last executing test programs:

8.406653473s ago: executing program 2 (id=1039):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000003100)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES8=r1], &(0x7f0000000400)='GPL\x00', 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x89, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(0x0, 0x0, 0xfffff7ffffffffff, 0xffffffffffffffff, 0x8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e21, 0xd, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}}, 0x0, 0x0, 0x48, 0x0, "59b6e4180255aafc689c17b5157a81bf870bae3cf74117c208356d0581197fa246165c0c2102d16e3f444ea4c6f2f1eeff0719a6d076e39302af76cd60eaae0a99b4f3d932561dff5767f51daeefef8d"}, 0xd8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext2\x00', &(0x7f0000000240)='./file2\x00', 0x40000, &(0x7f0000001cc0)={[{@orlov}, {@oldalloc}, {@user_xattr}, {@noinit_itable}, {@data_err_abort}, {@sysvgroups}, {@dioread_nolock}, {@init_itable_val={'init_itable', 0x3d, 0x7}}]}, 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000a00)=@newtaction={0x88c, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0xffffff81, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x6, 0x5, 0x0, 0x8, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x5, 0xb5, 0x4, 0x4, 0x0, 0x4, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0xfffffffd, 0x5, 0x80, 0xe, 0x2, 0xfffffff8, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x6, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0xfffffffb, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x224, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x3, 0xffff, 0x0, 0x4, 0x249, 0x5, 0x2fbf, 0x3, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0x1, 0x9, 0x0, 0x3, 0x4f, 0xffffffff, 0x8, 0x1, 0x119203c5, 0xd0, 0x7, 0x80000001, 0x3224, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6d, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x5, 0xc, 0xe, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0xfff, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x4b1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x2, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x6, 0x40, 0xfffffffe, 0xb, 0x6, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x7, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x6, 0x31e1, 0x4, 0x4, 0xb, 0x7ff, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x7, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x1, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x7, 0x9, 0x0, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0xfffffffa]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x3a40da20, 0x9, 0x6, 0x0, 0x8000, 0x7fffffff, 0x2, 0x1, 0x7fff, 0x86, 0x10000, 0x2, 0x40, 0x2, 0x99d, 0x6, 0xffffff92, 0xe9c, 0x3ff, 0xfffffffe, 0x10001, 0xa, 0xfffff000, 0x7f, 0x4, 0x0, 0x81, 0x6f0, 0x18e, 0x8, 0x4, 0x3, 0x4, 0x2, 0xffffffff, 0x0, 0x80000000, 0x3, 0x9, 0xfffc, 0x2, 0xd, 0x3, 0x5, 0x1, 0x4, 0x8, 0x7, 0x2, 0xd92e, 0x7fffffff, 0x3, 0x90, 0xc0, 0x5b, 0x1, 0xe6, 0x43, 0x5, 0x1000, 0x3, 0x10, 0x0, 0x5, 0x6, 0x6, 0x100, 0xf3, 0x1, 0xa8f, 0x0, 0x6, 0x7, 0x0, 0x8, 0x8, 0x10000, 0x3, 0x3, 0x0, 0xa, 0x5, 0x1, 0xee7e, 0x800, 0xd1, 0x7fff, 0x1, 0x4, 0x5, 0x4, 0xffffff89, 0x7, 0xfffffff3, 0x2, 0xffffffff, 0x9, 0x5, 0x2, 0x101, 0x7fffffff, 0xfffff001, 0x64, 0x4, 0xffffffff, 0x1, 0x9, 0x1, 0x0, 0xb3e, 0x8, 0xf3, 0x401, 0x401, 0x9, 0x8, 0x2, 0xb, 0x0, 0x0, 0x9, 0xffffffff, 0x25c, 0x7, 0x5, 0x0, 0x9, 0xfffffff9, 0x3, 0xe2, 0x8, 0x1, 0x8, 0x9, 0x0, 0x9, 0x2, 0x1, 0x9, 0x80, 0x5, 0xd3c3, 0x5, 0x2, 0x1, 0x472a8800, 0xc, 0xfffffff0, 0xfffffff8, 0x9, 0x8, 0xfffffffc, 0x9, 0x5, 0x9, 0x5, 0x6, 0x6, 0x7, 0x87f, 0x59, 0x4fedcacd, 0x1, 0x4, 0x9df4, 0x2, 0x7, 0x5, 0xfff, 0x3, 0x0, 0x1, 0x7, 0x401, 0x7f, 0x4, 0x7, 0x2120, 0xfffffffa, 0x80, 0x3, 0xdbff, 0x52b6, 0xfffffffa, 0x49, 0x70, 0x0, 0xe1, 0x401, 0xa, 0x101, 0x3ff, 0x101, 0x0, 0x7ffe, 0x80000000, 0x81, 0xfffffff7, 0x3, 0x1, 0x7514, 0x7, 0x3, 0x1, 0x4, 0x2, 0x9, 0x4, 0x10000, 0x3ff, 0x0, 0x100, 0x7ef2, 0x0, 0x1, 0xe, 0xd, 0x4, 0x6, 0x8, 0x4, 0x10001, 0x6, 0x400, 0x436, 0x3, 0x202, 0x0, 0x0, 0x0, 0xbc, 0xa8, 0x0, 0x6, 0x7, 0x1, 0x81, 0x3, 0x2, 0x3, 0x4, 0x4, 0x2445c87b, 0x6, 0xd, 0x9, 0x2, 0x10, 0x4, 0x7, 0x57, 0x5, 0xd, 0x1000, 0x3]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x400, 0x8, 0x3, 0x7b2, 0x400, {0x1, 0x2, 0x8, 0x624, 0x0, 0xfffffff8}, {0x9, 0x2, 0x7, 0x7ff, 0xff01, 0x4}, 0x6, 0x4, 0x923}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa, {0x2}}}}]}]}, 0x88c}}, 0x0)
sendmsg$kcm(r4, &(0x7f0000003040)={&(0x7f0000000680)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e20, @loopback}, 0x4, 0x0, 0x4, 0x4}}, 0x80, &(0x7f0000002ec0)=[{&(0x7f00000007c0)="3c2583ea07805c7cc6bdf9e18153160c8d22fc0a34baefbeff12d55ee5769f60d882400e887160b118be93cb52fb9a77c8ce6c79196ba0d23dcf5873fa012e4935256817ff20bb8d0ab7af220018f482fb25a1eaec1e4892ad59f79d8e21e658634d31d808ceb2c22429f48a665003a9f454393f54b48de71b6c46b8beef636a4e2c9db10ac141c8a211dc65b0f48e568231004616771bac178bf068d9ed375d1644dd96f34df02027a8", 0xaa}, {&(0x7f0000000700)="f8a5df2ed6b44c89f96865fc9f91b82abf42b674d3e4c236aed48241", 0x1c}, {0x0}, {&(0x7f0000002e00)="a74d0cb0ab2e0fa741714b3a43cfa248684cfce4f14ff242b5457bb5acdb024cfd17b4f2ff749942bbaf361830", 0x2d}], 0x4, &(0x7f0000002f40)=ANY=[@ANYBLOB="00010000000000000301000003000000b25ae883d53867bd75cc561a6d537fd06b9938cadef05fa4c3645d33215781b268ed2f646127cd5680abe3d7d3d2519e695f834ba100e4dee99b99a1d77227e929a9d6dab66d642178be6d2a4ec81d5985dc6f2dd92aa9dbc904c5cf6e89fc685d55dd3ce1570f3f2d9c4e51e6c291ad75c388cc3eeadfc27169977c9ca018df4d1745bdc9635e7e98944db9d439e72ab102df134fd587d7b54685491ed58e13497cf12fea42d577ca051585aa3d2e324b34d2243617a2978897c21325f933db986d2b59be2671d53e8558bc160f248cc729d2584a54dbe87a23160610bc45a4f1ae39cce62d0bdbf89c5233a107e27d"], 0x100}, 0x8004)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYRESHEX, @ANYRES64, @ANYRES64, @ANYRESDEC=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003180)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000000000000026", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x800, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0xffc5, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, @void, @value}, 0x94)
write$cgroup_int(r4, &(0x7f0000000000), 0xfffffd26)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x401c5820, &(0x7f00000001c0)=0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000000)='kmem_cache_free\x00', r3, 0x0, 0x8000}, 0x18)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@local, @in=@rand_addr=0xffffffff, 0x0, 0x0, 0xfffe, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x671}, {0x2cb, 0x0, 0x4}}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in=@loopback, 0x0, 0x3}}, 0xe8)
socket$key(0xf, 0x3, 0x2)

7.907263725s ago: executing program 2 (id=1049):
syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000140)='./bus\x00', 0x1a40cc4, &(0x7f0000000940)=ANY=[@ANYRESDEC, @ANYBLOB="4ffef8a5fe039b069f473594fba9121a07732b", @ANYRESOCT, @ANYRESDEC, @ANYRESDEC, @ANYBLOB="1263a7b959383aa0a9fa10796416da755d29640e5041a395796348a83463470c07de0fe7c8e02a1a743587f58ffb22bbd585d0a5cbead9ca0823180dad88e609da79bbd442bddae537570748f21ac461994ea7754a096f9d50951ef0a07c555e2e53a20f4a407feef4892391f639afa0eccda43b87b58452d42073ba989bbdec9a81948e1f0c9cb8c0ad00fccafaefa58aadfc71bbd61088", @ANYRESDEC, @ANYRES64, @ANYRES16, @ANYRESOCT=0x0], 0xde, 0x0, &(0x7f0000000000))
bind$tipc(0xffffffffffffffff, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000400)='syzkaller\x00', 0xd, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f7f, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r4, 0x0, 0xf7}, 0x18)
pidfd_send_signal(0xffffffffffffffff, 0x2, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
timerfd_create(0x1, 0x0)

7.743935295s ago: executing program 2 (id=1052):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c3"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_read_part_table(0x1056, &(0x7f0000000000)="$eJzsz8GpwkAUBdA7IT8hVfy4tp40YCXBvY1YgyXYjisXI6Mg2oC6OGcxj3lcLrzwXWvmZHx+T0kOGZL8Jekytbk7z9tLyiPRdy1eXjtq+tK/tQ7JfbHWuh/r8J9rrbUtNt3SxtSekuX4gQsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OfdAgAA//+X0A8/")

7.481245841s ago: executing program 2 (id=1058):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
pipe2(&(0x7f0000001cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid}]}})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000740)=@filter={'filter\x00', 0x42, 0x4, 0x3c0, 0xffffffff, 0xf8, 0xf8, 0x208, 0xffffffff, 0xffffffff, 0x328, 0x328, 0x328, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0x5}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xa0, 0x110, 0x0, {}, [@common=@ah={{0x30}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "d675ef1a27acea4c3c29b1bc225f00641b4756e72736ac9737ed75a12134a9df80284d4b52f6e9a2ed7f2cf113cb0032d3b0e7802fc1a581c0cfc778aab4a6ef"}}}, {{@ip={@private, @loopback, 0x0, 0x0, 'batadv_slave_0\x00', 'veth1\x00'}, 0x0, 0xe0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}, @common=@socket0={{0x20}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x420)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x2000000000000045, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}]}, 0x1, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r5 = inotify_init()
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, &(0x7f0000000140)=0x7, r6, 0x0, 0x8, 0x2)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
pipe2(&(0x7f0000001cc0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x10802, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB="2c756e616d653dd0"])
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r12}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00"], 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6}]})

7.140459833s ago: executing program 2 (id=1062):
syz_open_dev$sg(0x0, 0x0, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001140)=@raw={'raw\x00', 0x3c1, 0x3, 0x330, 0x170, 0x1170, 0x1170, 0x170, 0x1170, 0x260, 0x1398, 0x1398, 0x260, 0x1398, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @remote, [], [], 'veth0_vlan\x00', 'veth0_to_hsr\x00'}, 0x0, 0x108, 0x170, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@statistic={{0x38}, {0x0, 0x1, 0x7, 0x9, 0x1, {0x90}}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x14, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}, {{@ipv6={@local, @mcast2, [0x0, 0x0, 0xff000000], [], 'veth1_to_hsr\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x390)

5.717641722s ago: executing program 2 (id=1088):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, 0x0, &(0x7f0000000340)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000200008385000000710000001801000002696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x18)
uname(&(0x7f0000000640)=""/234)
socket$rds(0x15, 0x5, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x3, 0xc, &(0x7f0000000940)=ANY=[@ANYBLOB="1800f7ff0000000000000000000000cf7946022172904baa3185885e1ad1652cfcf585ca566904b7f8ce83cacd4a4c612733798a896fb7cb543d3f6f00bd551649ac491b02a39c3ec54b2625d23671e1eef573c81fc2a4890afa242b7e6f47f86ad9d0025341c78051cdb753f7cb2c5ba9ac063df6293a940dcf043eaeee87a69246bb04ef5cf9cbf83601f65dcff52365bb650862fe5c65b7c752a0ef39997832c699b7e38120639855c522bc0f2d917edbbb840a4d090ff41c0260a0acdaf16bb15d11c4721f6ba7ce7b2e7dcfd771162a1c0699731ba981fa5cd68e3f01049563450608bb4fa7563e4eefbc6d00610d2c6c02fc7b265241", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYRES16=r3], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc11a900e8d164a40, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)

5.717355732s ago: executing program 32 (id=1088):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, 0x0, &(0x7f0000000340)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000200008385000000710000001801000002696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x18)
uname(&(0x7f0000000640)=""/234)
socket$rds(0x15, 0x5, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x3, 0xc, &(0x7f0000000940)=ANY=[@ANYBLOB="1800f7ff0000000000000000000000cf7946022172904baa3185885e1ad1652cfcf585ca566904b7f8ce83cacd4a4c612733798a896fb7cb543d3f6f00bd551649ac491b02a39c3ec54b2625d23671e1eef573c81fc2a4890afa242b7e6f47f86ad9d0025341c78051cdb753f7cb2c5ba9ac063df6293a940dcf043eaeee87a69246bb04ef5cf9cbf83601f65dcff52365bb650862fe5c65b7c752a0ef39997832c699b7e38120639855c522bc0f2d917edbbb840a4d090ff41c0260a0acdaf16bb15d11c4721f6ba7ce7b2e7dcfd771162a1c0699731ba981fa5cd68e3f01049563450608bb4fa7563e4eefbc6d00610d2c6c02fc7b265241", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYRES16=r3], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc11a900e8d164a40, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)

3.576051476s ago: executing program 1 (id=1139):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
io_setup(0x9, &(0x7f00000000c0)=<r0=>0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/sync_on_suspend', 0x20001, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
io_submit(r0, 0x0, 0x0)

3.35522462s ago: executing program 4 (id=1143):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)

3.237800877s ago: executing program 4 (id=1145):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000000000000000fd00"/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x10000000000}, 0x18)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r3, &(0x7f0000000000)={&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f000001f180)=[@rthdr_2292={{0x28, 0x29, 0x5, {0x0, 0x2, 0x2, 0x1, 0x0, [@remote]}}}, @hopopts={{0x18, 0x29, 0x36, {0x33}}}], 0x40}, 0x0)
r4 = request_key(&(0x7f0000000a40)='big_key\x00', &(0x7f0000000a80)={'syz', 0x3}, &(0x7f0000000ac0)='geneve\x00', r2)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f00000017c0)='dns_resolver\x00', &(0x7f00000000c0))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xa0242, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r5, 0xc0109428, &(0x7f0000000000)={0x1, 0x3})
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x12, 0x8, 0x4, 0x7cb4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mlockall(0x1)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x18)
r9 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(0xffffffffffffffff, 0x2)
flock(r9, 0x2)
close_range(r9, 0xffffffffffffffff, 0x0)

3.084845817s ago: executing program 1 (id=1149):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
pidfd_send_signal(0xffffffffffffffff, 0x2, 0x0, 0x0)

2.953885615s ago: executing program 1 (id=1153):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c3000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_read_part_table(0x1056, &(0x7f0000000000)="$eJzsz8GpwkAUBdA7IT8hVfy4tp40YCXBvY1YgyXYjisXI6Mg2oC6OGcxj3lcLrzwXWvmZHx+T0kOGZL8Jekytbk7z9tLyiPRdy1eXjtq+tK/tQ7JfbHWuh/r8J9rrbUtNt3SxtSekuX4gQsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OfdAgAA//+X0A8/")

2.71275776s ago: executing program 1 (id=1155):
bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x8205, &(0x7f0000000480)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8}}, {@data_err_abort}, {@minixdf}, {@errors_remount}, {@abort}, {@noblock_validity}, {@barrier}, {@journal_dev={'journal_dev', 0x3d, 0xf35}}]}, 0x1, 0x618, &(0x7f0000000640)="$eJzs3c9rHG0dAPDvzCYxed9oWpFii2LAQwvS/KjFqqe2F3soWLAHEQ8NTVJDN21oUrC1YAoeFBREvIr04j/gXYpXbyKoN89CFYl4UOnKzM60a3Y32ebN7mwznw/M9plnZvd5vjv7dJ5nNs9OALU1nz2kEWcj4k4SMdexbTbaG+eL/fb+8exutiTRan3j70kkRV65/+vi3w+zhyRiOiJ+fz3ik43ucrefPL2/0my1fT9icWdza3H7ydOLG5sr99burT1YvvTly1eWvrJ8eflY4izjunHz65/5yQ++86X1PzQvJnE1bk9+bzX2xXFc5mM+XhchduZPRMSVLNHjfXnflCEkFdeDo2kUn8fJiDgTc9HI19rmYuPHlVYOGKpWI6IF1FSi/UNNlf2Acmw/jHHwOHt1rT0A6o5/on1tJKbzsdEHe0nHyKg93j11DOVnZfz32blfZEv0uQ4xcQzl9LP7PCI+3Sv+JK/bqfwqThZ/GmnH87L0UkRMFe/FYOP/ya6c+X3ro/78vUv8ncchi/9q8W+Wf/2I5VcdPwD19PJacSLfzdbenv+ynmHZ/4ke/Z/ZHueuo6j6/Ne//1ee76fza+Tpvn5Y1t+51fsluzo5f/nRjZ/1K7+z/5ctWfllX3AUXj2POLcv/h/mHb3kzfFPehz/bJc7A5bxtT/+7Ua/bVXH33oRcb7n+OdtjzZLLe5sbpV5+76fXFzfaK4ttR97lvGb3337V/3Krzr+7PhHn/HfQcc/y9sasIxf33qx2W/b7KHxp3+dSm7nqaki57srOzuPliOmkpvFLh35lw6uS7lP+RpZ/Bc+37v994q/KCo/0Lv/9270t/XN+3v99hv4+HcPnTKvWweHe6gs/tU+n//Djv9PByzjX996/Nl9WTNl4qD4Z7pfKtl95wgBAAAAAACgPtL8O9gkXXiTTtOFhfYc3k/FB2nz4fbOF9YfPn6wGnEh/3vIybT8pnuuvZ5k68vF38OW65f2rX8xIk5HxM8bM/n6wt2HzdWqgwcAAAAAAAAAAAAAAAAAAIAx8WEx/7+8T/U/G+35/wPZOTPk2gFDN8wbzAHjTfuH+srbf1p1LYAqOP9DfWn/UF/aP9SX9g/1pf1DfWn/UF/aP9SX9g8AAAAAJ9Lpz738cxIRu1+dyZfMVLFtstKaAcP27m18fij1AEavMdKnAePkzVf/pv9D7QzU//938eOAw68OUIGkV2beOWgd3Phf9nwmAAAAAAAAAAAAADAE58+a/w91lcZvq64CUJHuifxn9wac6Oc3AOA956f/ob4+0hjfBQI4EQ6bxT/db4P5/wAAAAAAAAAAAAAwMrP5kqQLxS1AZyNNFxYiPh4Rp2IyWd9ori1FxCci4k+NyY9l68tVVxoAAAAAAAAAAAAAAAAAAABOmO0nT++vNJtrjzoT/+nKOdmJ8i6o41KfzkQkoy90JiLGIfbhJCY6cpKI3ezIj0XFHm3HWFQjzatR8X9MAAAAAAAAAAAAAAAAAABQQx1zj3s798sR1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARu/t/f+PnkgOeZ2qYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k//CwAA//9vNjw9")

2.239549879s ago: executing program 0 (id=1159):
r0 = socket$inet(0xa, 0x801, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, 0x0, 0x1, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r3 = accept4(r0, 0x0, 0x0, 0x0)
write(r3, &(0x7f0000000000)="ea", 0x2a)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e24, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f00000004c0)=0x27)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000040)={r6, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000280)={r6, 0x101}, 0x8)
close(r3)

2.171615904s ago: executing program 5 (id=1089):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
bind$unix(r0, &(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x13, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="b700000000000000070000000000000095000000000000007bc23c22c47a74cfb5af100fc4e94d123d9f22a7561b8850821bc1f8b5b0a3e3b79b0d96ab7cc60e0e144f0f04bfffe66a22d132a161eea53a46a5316f6800"/100], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

2.166429344s ago: executing program 1 (id=1161):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})

2.119930037s ago: executing program 5 (id=1163):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700"/15, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r0, {0x9}}, './file0\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r4, 0x0, r4, &(0x7f00000001c0)='./file0\x00', 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r3}, 0x18)
r5 = syz_io_uring_setup(0xbc3, &(0x7f0000000540)={0x0, 0x1064, 0x80, 0x4, 0x1a8}, &(0x7f0000000040)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000005c0)=@IORING_OP_SHUTDOWN={0x22, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r5, 0x47f8, 0x0, 0x0, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r10 = io_uring_setup(0x3caf, &(0x7f0000000080)={0x0, 0x6d33, 0x100, 0x0, 0x4000000})
io_uring_register$IORING_REGISTER_BUFFERS(r10, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

2.093513549s ago: executing program 1 (id=1164):
clock_nanosleep(0x7, 0x1, 0x0, &(0x7f0000000040))
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10)
sysinfo(0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file0\x00', 0x19f, &(0x7f0000000100), 0x80, 0x553, &(0x7f0000001ec0)="$eJzs3c9rJFkdAPBvddKz8yOznVUPuuC4uiszi073ZOPuBg/rCKKnBXG9jzHpCWE66ZDu7E7CoJm/QBBRwZNevAj+AYIMePEowoLiRVBYUUQzehBcp6SqK5mmpzvp2e3tziSfD9TUq1dV7/teTV51V9ejKoBT67mIuB4RD9I0fTEiKkV+qZhitzNl293fu7OUTUmk6Rv/SCIp8vbLSor5hWK3sxHxta9EfDN5NG5re+fWYqNR3yyWa+21jVpre+fq6triSn2lvj4/P/fKwqsLLy9cG0k7L0bEa1/6y/e/89Mvv/bLz7715xt/u/KtrFozxfrudjyG7BBNH7ZBp+nlzrEsZDtsvodgx9V03sLCuX5bpGmaPkgrXTl3x1IzAAB6Zd9LPxQRn4qIF6MSU4d/nQUAAACeQOkXZuLdJL9DE3/8w6W0x5neDAAAAODJU8rHwCalajEWYCZKpWq1M4b3I3G+1Gi22p+52dxaX+6MlZ2NcunmaqN+rRgrPBvlJFuey9MPl1/qWZ6PiGci4nuVc/lydanZWJ70jx8AAABwSlzouf7/d6Vz/Q8AAACcMLOPZpUmUQ8AAADgg9Pn+h8AAAA4YVz/AwAAwIn21ddfz6Z0//3Xy29ub91qvnl1ud66VV3bWqouNTc3qivN5kr+zL61o8prNJsbn4v1rdu1dr3VrrW2d26sNbfW2zdW89eBAwAAABPwzCfu/T6JiN3Pn8unzJlJVwoYi+mDVFLM+/T+Pz3dmb8zpkoBYzE1xDbvPDWGigBjNz3pCgATU550BYCJS45YP3Dwzm+K+SdHWx8AAGD0Ln9s8P3/w98BsOsVAfCEe9xOfHC/4KgfDIBjr+f+f1qZVEWAscs/z4cd8OsbP5wo5aFGAAIn2fu+/3+kNH2sCgEAACM3k09JqVr8vDcTpVK1GnExfy1AObm52qhfi4inI+J3lfJT2fJcvmfiFiAAAAAAAAAAAAAAAAAAAAAAAAAADClNk0gPc/3QtQAAAMATIKL01+RXnWf5X668MNP7+8CZ5D/5K4HPRMRbP3rjB7cX2+3NuSz/nwf57R8W+S917fjufvkAAADAuO1fp+9fxwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKN3fu7N0f+9O+t+9O0vjjPv3L0bE7EH8fOqsmY6z+fxslCPi/L+SmO7aL4mIqRHE370bER/tFz/JqnUQsl/8cx98/JgtjkK/+BdGEB9Os3vZ+ed63v8iNqKr/5XiuXze1f+SouNF58QwPYL4g89/cXD+mxrQ/y8OGePZt39eGxj/bsSz0/3PP/vxkwHxn4/SUPG/8fWdnUHr0h9HXI7+8btj1dprG7XW9s7V1bXFlfpKfX1+fu6VhVcXXl64Vru52qgX//aN8d2P/+LBYe0/PyD+7BHtf6G3sAF/EP97+/behzvJcr/4V57vE//XPym2eDR+qfjs+3SRztZf3k/vdtLdLv3st5cOa//yw/aXH+f//8qgQoc8LgDAZLS2d24tNhr1zRObyK7S33c5UxfT3OSbM5LE7vGoxsQT3x5pgdkfSNan+qy6FxHDlJPEcTgseWLSZyYAAGDUHn7pn3RNAAAAAAAAAAAAAAAAAAAA4PQax+PEemPuHqQSTwYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6N/wcAAP//qOTkJw==")
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{}, 0x0, &(0x7f0000000280)='%pS    \x00'}, 0x20)
mount$cgroup(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r4, 0x29, 0x18, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004cc0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x30, 0x40400d1}}], 0x1, 0x10)
prctl$PR_SET_NAME(0xf, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000800)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000080))
r6 = getuid()
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYRES64=r6, @ANYRESDEC, @ANYRESHEX=r6], 0x1, 0x522, &(0x7f0000000a80)="$eJzs1b1u01AYBuCvaSiBqTNiOBILU1XYmAhCqVRhCQmUASYiNSwxQooXJ1MvgQvgwhi4CJSpW1BlF2jFWP+oeZ4ln/LaPuc9g/3p8ZfF2dfi849v32M03ovBOB4MLvbiMAZx5TwAgLvkYruNX9tK13sBANrh+w8Au+f9h49vXmXZ5F1Ko4jNeTktp9VvlZ+cZpPjdOngn7s2ZTnd/5M/S5Xr+b14WOfP/5sfxNMnVX6ZvX6b3cjvx1nj7QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYLcdpTSMiJRSOvz776Ysp/tVfpSu3Mir6eQ0mxzXF1zPh/Fo2FoNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4BYUq/Vilufz5R0bIn5Gy4uO6iNtuem4XrYvJ9/k8LKJJ7+IiL4U7NHQ4UsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVLFaL2Z5Pl8WXe8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiLYrVezPJ8vmxw6LojAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0I3fAQAA///PCC46")

2.061688351s ago: executing program 4 (id=1165):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRESHEX=r0], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sys_enter\x00', r2}, 0x10)
uname(0x0)

1.939827038s ago: executing program 5 (id=1168):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
lseek(r0, 0x10000, 0x0)
getdents64(r0, 0xffffffffffffffff, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
ioctl$PPPIOCGFLAGS1(r2, 0x80047455, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
fsopen(&(0x7f0000000280)='fuse\x00', 0x1)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r7, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x4e25, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000640)=[@mask_fadd={0x58, 0x114, 0x8, {{0x613a1cc9, 0x7}, &(0x7f0000000080)=0x100000000, 0x0, 0x80000001, 0x8000000000000000, 0x9, 0xfffffffffffeffff, 0x53, 0x7}}, @fadd={0x58, 0x114, 0x6, {{0x5, 0x44}, &(0x7f0000000140)=0xfffffffffffffff8, 0x0, 0x4, 0x800, 0x6341, 0x7, 0x1, 0x8}}, @fadd={0x58, 0x114, 0x6, {{0x200, 0xa}, &(0x7f0000000180)=0x24783db3, &(0x7f0000000200)=0xf47, 0x7, 0x4, 0x100000000bae0, 0x5, 0x3, 0x1}}], 0x108, 0x4000000}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001180)=ANY=[@ANYBLOB="300000002000010000000000000000000200000000000000000000000c0014400000000000000000050013"], 0x30}}, 0x0)

1.939453829s ago: executing program 4 (id=1169):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
socket$inet6(0xa, 0x80002, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$iso9660(&(0x7f0000000b00), &(0x7f0000000040)='./file0\x00', 0x4002, &(0x7f0000000140)=ANY=[@ANYBLOB='map=off,cruft,iocharset=ascii,block=0x0000000000000200,unhide,session=0x0000000000000011,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c004238994fceef7f633ea81416b1324d35327f7ace27c590b7f9fb133af0ffd6dfc4d893195864142b1450fbace6795f6e181993255fbbca2cb54fcf79cc53b3a6c3704aed82da89741aad5205bb43ded29cfd65509ff9c85cbdb7337ef48b9412ff439da96bb3f5ac11273d94d3d75d"], 0x1, 0xa29, &(0x7f0000001580)="$eJzs3ctvXNd9B/DvHfEl2lBlW3VVwbZGMmTTNkuRVC1B8KKWyKFEl4+CpAALbWEZllQIIurCbgHb6EIFiq5qxAiCAEk2gZdZGXAW8SbQLllmlUWAxP9BYGSlBAgmmDtDiY+ZoUhRpKJ8PoPR3MfvnPO7c+/coxnO3BP+nNXr9fK+zflLP9rNZHn0nJ/8+vMvPm3c/+dW+rIvrxc/SQaSVJOeP5bHSu/E5ML87CYV3UyuJLmdFEn603zsYP+auSspvpUn783fTvGDHG5TbGCLG8em6vxF2+vjDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHkkTk6OjY0VmpucuvV3trBwCvMv6leq+Kkf9Lr5a3URfm2aLpGjcMzCwMtT34UP3Vj/b+Od4nmvOPdcc+Xsgnzzx7ME3numprJTvktCu+PDjT26+u7x87YN7i3o3LdT/cHPalr7tFbtQm5tenJ+ePXehVp1enK+ePX169OTFqcXq1HRqi5cXl2qz1YmF2rml+YXq0MQr1bGzZ09VayOX5y/NXZgcmamtLDzzd+Ojo6erb438U+3cwuL83Mm3RhYnLk7PzEzPXShjGqsbMWcaB+I/Ti9Vl2rnZqvV6zeWr53aLMlG0FjbNUV1X1YFjW9W0/jo+PjY2Pj42OnXz75+ZnS0Z8OC0XWyIWLvD1r2zo8fyjkctqnS6v8zk+nM5VLeTrXtbSKTWch8Zjusb1np/0+crHVtd3X/v9LLH763+kjK/v+F5twLnfr/DrlsfqvXmzVvt/zK7cN8nE9yM+9mOcu5lg8euMb+rMvs9w9aY+tWffCt3Xi7kFrmMp3FzGc6szlXLqm2llRzNqdzOqN5JxczlcVUM5XpzKSWxVzOYpZSK4+oiSyklnNZynwWUs1QJvJKqhnL2ZzNqVRTy0guZz6XMpcLmcy5spbruVE+76e65Hg3aOx+gsa7BO1w/19/FP8nyMO2o+dveBD1Vv/f7j16M6C+MjU0sWtZAQAAADvpb3+eA4ee/tmvk948X34uPzU9Uxvd67QAAACAHVR+Xe+5xkNvY+r5FN7/AwAAwOOmKH9jVyQZzNHmVPOXUPviQwAAAAB4TJR//3+h8TDYmDqa4u6VUK7sdW4AAADAzrh7jf10usbuplfhL4ZXLv9bvdp8vNqKaF3nd3BqeqY2MjE/88ZYXiqvMlD+0mBDbfuSorf8+cGrOdaMOjbYfBxcW+NAI2ps5I2xvJrjrQ0ZerHx8OJQm8jxZuTLzciXu0SeakQCwOPueJf++H77/1cz3IwYPtLTl6TnSJuedVTPCgCPis3H2Nk0ovj7e+//e1vVrun/n871o82vFIzkvbyf5VzNcPlrg/IbB2tq/ZfPWp8Z3P0awmiGN/k0YCX2F2cqGe7weUBf1tc7nuFNPhFoxuZfk1MPf0cAwC463qEf3kr/P7zq/X82vv+/O7TQNT8pBIBHwt0R7B/ixF5vIwCwll4aAAAAAAAAAAAAAAAAAAAAAAAAAAAAdt6OXu1/YJvFf9Ma1+/hDkOwYWJ/6znYfj3fTrJ7OReNtvp3rsLKDtRTT7Jb+2v3JnIw2faz2vYw7kuy99u1lYm9PCsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwW4pkX7vllaQ/yWiSk7uf1fYVjS3q4tauZfLI+IfVM8Wd3MlHObB36QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJ5a1/+vpPn4RHNReirJiSRXkvzzXue4k+7sdQI7ZP82y626/n9jn6depKe521P0TkwuzM+W4yf0N9Z//fkXnzbuq4r33287ZWBl3eASrRbWx/7wyZWpp8pSg5PXPrz5n+//R3XyfCrpy/mlqZnJ2QsLb94r8mzxZVJN875iJd//PvHTz9ps+ZeNLW1vfbtT5ZMzubHdv2lXunu73dxYvjbeaGmp9vbSf/37jY9WrXo6x5IXh5KhtS39W+PeoaVj6e3WWvFN8X/FgXw3V8r933g2inrR2EV/VW7//us3lq+NvPf+8tUOOR3M0SRXk4H7z+lo5wE5yqOu0ttodbQMavxzqF193cf0aFvjWIdteKo8ZAZb29B3X9tQ3SSBVc97pd36ZkanOmT0TF5qs6fr/UnnjF7qvqfbK74pflVczC/zv6vG/6g09v+JdH51rq2ijFx1pHSMrDQjyy0fX73infWRv/3efWXfdpgatur/17x4K6vO/619tUPno3rR9Xy0qsWtvS7WtbjuqOjyuih7pEPrSrTOPp3KtPI81IzqkOdf57Wk50i3s+KG3vq1zU5pK+XfbL96u6//7xdD+V1uGf8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB49BXJvnbLK8mJJAdX5qtJfQvV9ndaURkstprijrp195/HQmWrBYo7uZOPcuDhpAMAAAAAAADAbjs/+fXnX3zauJd/j993p15v/X2/mvQkOVh8Z38mF+ZnN6moN7mS5HZjeqBT0B/qTWuXNsrlyXvztxtzh9tWcPB+twsA6OxPAQAA//8pUm3K")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111}}, 0x20)
unshare(0x8040600)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000003d0007010000000000000000047c000008000880040003000c0001"], 0x38}}, 0xc000)

1.939175609s ago: executing program 5 (id=1170):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000340)={[{@sb={'sb', 0x3d, 0x1}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x8}}, {@errors_remount}]}, 0x1, 0x51d, &(0x7f00000014c0)="$eJzs3bFvW1sZAPDvOnGT5qUvffAGQMArjwcFVXUSt42qLrQLCFWVEBUTQxsSN4pq11HsiiZ0SEf2SlRigj+BjQGpEwMbG2wsZUAqUIGaSgxG99pJ3cRJDHHixv79pJt7z7muv3PinnPuPbF9Ahha5yJiIyJORcTdiJhq5SetLa43t/Rxr189Xth89XghiUbj9j+S7HyaF23/JvVB6znHI+KH34v4SbI7bm1tfbNRLpdWW+npemVlura2fnE518opzs3OzVy9dKXYs7p+UvnNy+8u3/zR7377lRd/3Pj2z9JiTf78THauvR691Kx6Pibb8kYj4uZRBOuT0db/H06etLV9LiI+zdr/VIxkryYAMMgajaloTLWnd4k3HTIBgJMrvf+fjCRXaM0FTEYuVyg05/A+jolcuVqrX5iqPnywGNkc1tnI5+4tl0szrbnCs5FP0vRsdvw2XXwn/bR0KSI+ioinY6ez84WFanmxnxc+ADDEPtgx/v97rDn+AwADbrzfBQAAjt0743+HN+sCAIPH/T8ADJ//Yfz36UAAGBDu/wFg+Bj/AWD4HDj+PzmecgAAx+IHt26lW2Oz+f3XW2/+v7hYqt0vVB4uFBaqqyuFpWp1qVwqLDQaBz1fuVpdmb28naytrd+pVB8+qN9Zrswvle6U8kdZGQCgKx998vzP6aC/ce10tkXbWg7GahhsuX4XAOibkX4XAOgbn+eB4dXFPb5pABhwB33r155vEXpm8Vc4qc5/0fw/DKvDzP+bO4CT7f+b//9Oz8sBHD9jOAyvRiPptOY/ADDAzPEDh/r7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAypyWxLcoVsLfCN9GeuUIg4ExFnI5/cWy6XZiLiw4j401h+LE3P9rvQAMAh5f6WtNb/Oj/12eTOs6eSN2PZPiJ++svbv3g0X6+vzqb5/9zOrz9L80/XV4un+lEBAKDd9d1Z2fhdbO3bbuRfv3q8sLUdZxFf3mguLprG3WxtzTOjMZrtxyMfERP/SlrppvR6ZaQH8TeeRMQXtuo/Ho/aIkxmcyDNlU93xk9jn+l5/Pbf/874uXfqm8vOpft89rv4fA/KAsPm+Y1mP9lqe2kTb7W/XJzL9p3b/3jWQx1e2v+l7XpzV/+X2+7/RnbFT7I2f247vX9JXl7+/fd3ZTammueeRHxptFP8ZDt+0rn/zX/WZR3/8uWvfrrXucavIs53rP/WitSVrJudrldWpmtr6xeXK/NLpaXSg2JxbnZu5uqlK8XpbI66+fMPnWL8/dqFD/eKn9Z/Yo/44/vXP77RZf1//Z+7P/7aPvG/9fXOr//H+8RPx8Rvdhl/fuL6nst3p/EX96j/Aa9/XOgy/ou/ri92+VAA4BjU1tbvz5fLpdUDDtJrzYMe46D7g/Te/j0oRnYQGxG9esJsUiIiOj4mvaJ+P6p8VAfJ+1GMXhz0u2cCjtrbRt/vkgAAAAAAAAAAAAAAAHupra3fH+v8aa2eHfS7jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyu/wYAAP//2WbEIA==")
r0 = memfd_create(&(0x7f0000000040)='\x01\xfd\xae.+\xa6\x8c\xf8\xff2\x199\x94S,|\x99x?Ue[\xbd\xe1!\x03[d \xa0\x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xd3\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\xfa\x18\x8dR\xbb\xea5F\x00G\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xccV\xa6w%\x06\x19\x7f\xc3\xb3O\xe5t3\x03\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6x\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00p+\x96\x1ei|n\xda\xee\x01\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\x9f\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\xf4\xcd\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\ti\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x17&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\b\x00\x00\x00\x00\x00\x00\x00\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01;\xbfM.\xe3\x84\x82\x9c\x91\a\x9b\x191c\xaeLz\xe0\x04Daz\x8d\xc3\x03\xab\x8dEGC$\x00e,\x94#\xcd4\xf9\x05\x88.\x13\x03\x04\xdb', 0x4)
lseek(r0, 0x0, 0x1)
ioperm(0x1, 0x4, 0x52)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_udp_int(r1, 0x11, 0x64, 0x0, &(0x7f0000000080)=0x4f)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)

740.934503ms ago: executing program 0 (id=1171):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0xf000000, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="0213400002"], 0x10}}, 0x0)

740.046863ms ago: executing program 4 (id=1173):
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x20a0, &(0x7f00000001c0), 0x83, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x58, &(0x7f0000000280)}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x2, 0x9, 0x1, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x1000)
msgctl$IPC_RMID(0x0, 0x0)

629.824041ms ago: executing program 0 (id=1174):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})

617.954761ms ago: executing program 4 (id=1176):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000000000000000fd00"/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x10000000000}, 0x18)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r3, &(0x7f0000000000)={&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f000001f180)=[@rthdr_2292={{0x28, 0x29, 0x5, {0x0, 0x2, 0x2, 0x1, 0x0, [@remote]}}}, @hopopts={{0x18, 0x29, 0x36, {0x33}}}], 0x40}, 0x0)
r4 = request_key(&(0x7f0000000a40)='big_key\x00', &(0x7f0000000a80)={'syz', 0x3}, &(0x7f0000000ac0)='geneve\x00', r2)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f00000017c0)='dns_resolver\x00', &(0x7f00000000c0))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xa0242, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r5, 0xc0109428, &(0x7f0000000000)={0x1, 0x3})
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x12, 0x8, 0x4, 0x7cb4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mlockall(0x1)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x18)
r9 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(0xffffffffffffffff, 0x2)
flock(r9, 0x2)
close_range(r9, 0xffffffffffffffff, 0x0)

491.786369ms ago: executing program 5 (id=1178):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200400000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lgetxattr(0x0, &(0x7f0000000280)=ANY=[], 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

478.39233ms ago: executing program 0 (id=1179):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000071000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
gettid()
sendmsg$unix(0xffffffffffffffff, 0x0, 0x4004881)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @empty}], 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f00000003c0)="a4", 0x1, 0x0, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x58)
close(r1)
mount$tmpfs(0x0, &(0x7f0000000800)='./file0\x00', &(0x7f0000000a40), 0x80, &(0x7f0000000a80)={[{}, {@grpquota_block_hardlimit}]})

429.802473ms ago: executing program 3 (id=1180):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRESHEX=r0], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sys_enter\x00', r1}, 0x10)
uname(0x0)

424.901813ms ago: executing program 3 (id=1181):
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001140)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f8, 0x170, 0x1170, 0x1170, 0x170, 0x1170, 0x260, 0x1398, 0x1398, 0x260, 0x1398, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @remote, [], [], 'veth0_vlan\x00', 'veth0_to_hsr\x00'}, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x14, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}, {{@ipv6={@local, @mcast2, [0x0, 0x0, 0xff000000], [], 'veth1_to_hsr\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x358)

404.407864ms ago: executing program 0 (id=1182):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000140)={0x0, 0x1, 0x303, 0xfffd, 0x0, 0x5, 0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_read_part_table(0x5f8, &(0x7f0000000bc0)="$eJzs0zGIU3ccB/Bf0jNXBRE7uTVchliXEzJer2BDfBwBcwSLDiK62SGLTh1iAoaKg2eHiOByDpbCGSq0TiKCIOLFQcgkinZREYciuFjFpuTu3XItB4UctPD5wHuP/+//+70vfx4v+F/Lxu/D4TATEcPJDdqGrdE9t778zVJl/1x+fl/9YEQmjkTE9+//+GG0k1kbTN86la6fpevSrYnG+aXk7EJ3+64b+Q8PsrEa0I5YuV72Lx8d5znZHLtP7bmTaQ923qzGlU9jeWZb4/CJXvGLbO/h+9H2n+nn3rJuLD+u/Ouz93ac6ZxMvsxFPEqaz5NX2bdvkgOXFqdzF1r14uu9ad+xcQWu0/h4KHft6t1y58XW0v1qrdb9+cnFQrNyu3N60C88fnfueNr3dKO/CwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/4zdp/bc+Twz2HmzGleWv1qe2dY4fKJXLLd6D+d//frH/E9TkVnpm96k/Ouz93ac6ZxMFr6b/fZR0nyevMq+fZMcuLQ4nbvQqhdf7037jv3DbG4M+Y2Ph3LXrt4td15sLd2v1mrdLXGx0Kzc7pwe9AuP3507Hp/9Uq5GPJ0cxWXHkAgAAAAAAAAAAAAAAAAAAAB/V9k/l5/fVz8YkYkjETGzOPdkVB9Ormx/stY3lT6frdajdGuicX4pObvQ3b7rRv7Dg9/Sejsb0Y6Il/3LRzdOnticA/Gv/BUAAP//FI2HuA==")

270.758173ms ago: executing program 0 (id=1183):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@bridge_delneigh={0x30, 0x1e, 0x1, 0x0, 0x0, {0x7}, [@NDA_PROBES, @NDA_CACHEINFO={0x0, 0x3, {0x9, 0x0, 0x795, 0x4d}}]}, 0x30}}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)

116.324583ms ago: executing program 3 (id=1184):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)

37.671418ms ago: executing program 3 (id=1185):
socket$netlink(0x10, 0x3, 0x4)
socket$inet6(0xa, 0x3, 0x3)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x22020600)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="00000000000000b7040000080000008500000095000000950000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x6c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000440), r0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r7}, 0x10)
sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x24, r6, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFC_ATTR_COMM_MODE={0x5, 0xa, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x41}, 0x2800)

29.732128ms ago: executing program 3 (id=1186):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r1}, 0x18)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)

0s ago: executing program 3 (id=1187):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'bridge0\x00'})
sendmsg$nl_route(r2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

mark_inode_dirty error
[   42.017527][ T4065] EXT4-fs (loop2): Total free blocks count 0
[   42.031701][ T4050] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   42.034566][ T4065] EXT4-fs (loop2): Free/Dirty block details
[   42.034581][ T4065] EXT4-fs (loop2): free_blocks=2415919104
[   42.043978][ T4050] EXT4-fs (loop3): 1 truncate cleaned up
[   42.049340][ T4065] EXT4-fs (loop2): dirty_blocks=48
[   42.056840][ T4050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.060714][ T4065] EXT4-fs (loop2): Block reservation details
[   42.060728][ T4065] EXT4-fs (loop2): i_reserved_data_blocks=3
[   42.084236][ T4071] loop0: detected capacity change from 0 to 764
[   42.090059][ T4050] SELinux:  Context system_u:object_r:var_lib_t:s0 is not valid (left unmapped).
[   42.106115][   T29] audit: type=1400 audit(1739467417.592:1007): avc:  denied  { relabelto } for  pid=4049 comm="syz.3.224" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:var_lib_t:s0"
[   42.110273][ T4071] SELinux: syz.0.232 (4071) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   42.150409][ T4050] Quota error (device loop3): do_check_range: Getting block 64 out of range 1-5
[   42.159591][ T4050] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[   42.169028][ T4050] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.224: Failed to acquire dquot type 0
[   42.181759][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.191848][ T4071] Symlink component flag not implemented
[   42.197652][ T4071] Symlink component flag not implemented (101)
[   42.205803][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.230705][ T4076] loop2: detected capacity change from 0 to 764
[   42.241461][ T4076] Symlink component flag not implemented
[   42.247503][ T4076] Symlink component flag not implemented (101)
[   42.294387][ T4088] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   42.302649][ T4088] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   42.335242][ T4094] loop4: detected capacity change from 0 to 512
[   42.371087][ T4101] loop3: detected capacity change from 0 to 512
[   42.378776][ T4096] loop0: detected capacity change from 0 to 4096
[   42.386676][ T4101] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   42.401293][ T4096] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.432665][ T4102] loop4: detected capacity change from 0 to 2048
[   42.490900][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.558356][ T4113] loop4: detected capacity change from 0 to 512
[   42.567825][ T4116] __nla_validate_parse: 6 callbacks suppressed
[   42.567843][ T4116] netlink: 16 bytes leftover after parsing attributes in process `syz.2.248'.
[   42.595553][ T4118] netlink: 20 bytes leftover after parsing attributes in process `syz.0.246'.
[   42.614890][ T4112] loop4: detected capacity change from 0 to 1764
[   42.632248][ T4118] loop0: detected capacity change from 0 to 2048
[   42.639747][ T4114] netlink: 4 bytes leftover after parsing attributes in process `syz.4.247'.
[   42.747041][ T3307] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   42.776750][ T4124] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   42.785004][ T4124] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   42.888437][ T4143] xt_CT: You must specify a L4 protocol and not use inversions on it
[   42.945618][ T4150] netlink: 16 bytes leftover after parsing attributes in process `syz.3.259'.
[   42.957089][ T4152] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   42.980438][ T4141] loop2: detected capacity change from 0 to 4096
[   43.001029][ T4141] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.025628][ T4159] loop4: detected capacity change from 0 to 128
[   43.032784][ T4159] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   43.080338][ T4157] loop0: detected capacity change from 0 to 8192
[   43.089558][ T4159] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x80417272 (sector = 1)
[   43.109466][ T4159] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   43.121505][ T4159] FAULT_INJECTION: forcing a failure.
[   43.121505][ T4159] name failslab, interval 1, probability 0, space 0, times 0
[   43.134221][ T4159] CPU: 0 UID: 0 PID: 4159 Comm: syz.4.262 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   43.134245][ T4159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   43.134256][ T4159] Call Trace:
[   43.134261][ T4159]  <TASK>
[   43.134270][ T4159]  dump_stack_lvl+0xf2/0x150
[   43.134302][ T4159]  dump_stack+0x15/0x1a
[   43.134328][ T4159]  should_fail_ex+0x24a/0x260
[   43.134428][ T4159]  should_failslab+0x8f/0xb0
[   43.134460][ T4159]  kmem_cache_alloc_lru_noprof+0x57/0x320
[   43.134554][ T4159]  ? __d_alloc+0x3d/0x340
[   43.134626][ T4159]  ? selinux_inode_permission+0x341/0x410
[   43.134667][ T4159]  __d_alloc+0x3d/0x340
[   43.134745][ T4159]  d_alloc_parallel+0x54/0xc80
[   43.134763][ T4159]  ? __rcu_read_unlock+0x4e/0x70
[   43.134783][ T4159]  ? __d_lookup+0x342/0x370
[   43.134804][ T4159]  ? try_to_unlazy+0x264/0x390
[   43.134855][ T4159]  path_openat+0x6c8/0x1fc0
[   43.134942][ T4159]  ? _parse_integer_limit+0x167/0x180
[   43.134988][ T4159]  do_filp_open+0x107/0x230
[   43.135021][ T4159]  do_sys_openat2+0xab/0x120
[   43.135052][ T4159]  __x64_sys_openat+0xf3/0x120
[   43.135152][ T4159]  x64_sys_call+0x2b30/0x2dc0
[   43.135184][ T4159]  do_syscall_64+0xc9/0x1c0
[   43.135214][ T4159]  ? clear_bhb_loop+0x55/0xb0
[   43.135268][ T4159]  ? clear_bhb_loop+0x55/0xb0
[   43.135294][ T4159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.135332][ T4159] RIP: 0033:0x7f5aa2c8cde9
[   43.135349][ T4159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.135427][ T4159] RSP: 002b:00007f5aa12f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   43.135447][ T4159] RAX: ffffffffffffffda RBX: 00007f5aa2ea5fa0 RCX: 00007f5aa2c8cde9
[   43.135459][ T4159] RDX: 0000000000000040 RSI: 0000400000000180 RDI: ffffffffffffff9c
[   43.135470][ T4159] RBP: 00007f5aa12f7090 R08: 0000000000000000 R09: 0000000000000000
[   43.135503][ T4159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.135514][ T4159] R13: 0000000000000000 R14: 00007f5aa2ea5fa0 R15: 00007ffdb8847d88
[   43.135534][ T4159]  </TASK>
[   43.347750][ T4157]  loop0: p2 p3 p4[EZD]
[   43.358714][ T4157] loop0: p3 start 4294639647 is beyond EOD, truncated
[   43.365674][ T4157] loop0: p4 size 65536 extends beyond EOD, truncated
[   43.399014][ T4165] tmpfs: Unsupported parameter 'huge'
[   43.448420][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.453238][ T4167] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   43.465906][ T4167] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   43.526494][ T4181] netlink: 'syz.3.267': attribute type 4 has an invalid length.
[   43.603042][ T4183] lo speed is unknown, defaulting to 1000
[   43.618871][ T4186] netlink: 16 bytes leftover after parsing attributes in process `syz.2.273'.
[   43.629810][ T4179] loop4: detected capacity change from 0 to 8192
[   43.656845][ T4188] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   43.665106][ T4188] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   43.704918][ T4190] tmpfs: Unsupported parameter 'huge'
[   43.729299][ T4192] loop1: detected capacity change from 0 to 128
[   43.737162][ T4192] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   43.741698][ T4194] FAULT_INJECTION: forcing a failure.
[   43.741698][ T4194] name failslab, interval 1, probability 0, space 0, times 0
[   43.761622][ T4194] CPU: 1 UID: 0 PID: 4194 Comm: syz.4.275 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   43.761650][ T4194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   43.761662][ T4194] Call Trace:
[   43.761669][ T4194]  <TASK>
[   43.761676][ T4194]  dump_stack_lvl+0xf2/0x150
[   43.761843][ T4194]  dump_stack+0x15/0x1a
[   43.761868][ T4194]  should_fail_ex+0x24a/0x260
[   43.761981][ T4194]  should_failslab+0x8f/0xb0
[   43.762082][ T4194]  kmem_cache_alloc_node_noprof+0x59/0x320
[   43.762124][ T4194]  ? __alloc_skb+0x10b/0x310
[   43.762152][ T4194]  __alloc_skb+0x10b/0x310
[   43.762247][ T4194]  ? audit_log_start+0x34c/0x6b0
[   43.762281][ T4194]  audit_log_start+0x368/0x6b0
[   43.762316][ T4194]  ? kmem_cache_free+0xdc/0x2d0
[   43.762356][ T4194]  audit_seccomp+0x4b/0x130
[   43.762437][ T4194]  __seccomp_filter+0x6fa/0x1180
[   43.762465][ T4194]  ? update_load_avg+0x1f7/0x7c0
[   43.762643][ T4194]  ? __dequeue_entity+0x22/0x310
[   43.762679][ T4194]  ? __list_add_valid_or_report+0x38/0xe0
[   43.762752][ T4194]  ? tracing_record_taskinfo_sched_switch+0x6f/0x270
[   43.762788][ T4194]  __secure_computing+0x9f/0x1c0
[   43.762815][ T4194]  syscall_trace_enter+0xd1/0x1f0
[   43.762846][ T4194]  do_syscall_64+0xaa/0x1c0
[   43.762876][ T4194]  ? clear_bhb_loop+0x55/0xb0
[   43.762965][ T4194]  ? clear_bhb_loop+0x55/0xb0
[   43.762999][ T4194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.763088][ T4194] RIP: 0033:0x7f5aa2c8b7fc
[   43.763106][ T4194] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   43.763126][ T4194] RSP: 002b:00007f5aa12f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   43.763148][ T4194] RAX: ffffffffffffffda RBX: 00007f5aa2ea5fa0 RCX: 00007f5aa2c8b7fc
[   43.763161][ T4194] RDX: 000000000000000f RSI: 00007f5aa12f70a0 RDI: 0000000000000003
[   43.763175][ T4194] RBP: 00007f5aa12f7090 R08: 0000000000000000 R09: 0000000000000000
[   43.763188][ T4194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.763201][ T4194] R13: 0000000000000000 R14: 00007f5aa2ea5fa0 R15: 00007ffdb8847d88
[   43.763276][ T4194]  </TASK>
[   43.764337][ T4192] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x80417272 (sector = 1)
[   43.810144][ T4196] FAULT_INJECTION: forcing a failure.
[   43.810144][ T4196] name failslab, interval 1, probability 0, space 0, times 0
[   43.850534][ T4192] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   43.854643][ T4196] CPU: 1 UID: 0 PID: 4196 Comm: syz.2.278 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   43.854672][ T4196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   43.854687][ T4196] Call Trace:
[   43.854695][ T4196]  <TASK>
[   43.854705][ T4196]  dump_stack_lvl+0xf2/0x150
[   43.854781][ T4196]  dump_stack+0x15/0x1a
[   43.854806][ T4196]  should_fail_ex+0x24a/0x260
[   43.854848][ T4196]  should_failslab+0x8f/0xb0
[   43.854911][ T4196]  __kmalloc_node_noprof+0xad/0x410
[   43.854952][ T4196]  ? __kvmalloc_node_noprof+0x72/0x170
[   43.855040][ T4196]  __kvmalloc_node_noprof+0x72/0x170
[   43.855071][ T4196]  simple_xattr_set+0x6e/0x2a0
[   43.855110][ T4196]  ? strlen+0x19/0x30
[   43.855143][ T4196]  shmem_xattr_handler_set+0x129/0x220
[   43.855198][ T4196]  ? __pfx_shmem_xattr_handler_set+0x10/0x10
[   43.855224][ T4196]  __vfs_setxattr+0x2e5/0x310
[   43.855306][ T4196]  __vfs_setxattr_noperm+0xed/0x420
[   43.855340][ T4196]  __vfs_setxattr_locked+0x1af/0x1d0
[   43.855373][ T4196]  vfs_setxattr+0x140/0x290
[   43.855407][ T4196]  filename_setxattr+0x1a6/0x2a0
[   43.855468][ T4196]  path_setxattrat+0x284/0x310
[   43.855575][ T4196]  __x64_sys_lsetxattr+0x71/0x90
[   43.855718][ T4196]  x64_sys_call+0x29c8/0x2dc0
[   43.855752][ T4196]  do_syscall_64+0xc9/0x1c0
[   43.855782][ T4196]  ? clear_bhb_loop+0x55/0xb0
[   43.855832][ T4196]  ? clear_bhb_loop+0x55/0xb0
[   43.855866][ T4196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.855899][ T4196] RIP: 0033:0x7f134b18cde9
[   43.855918][ T4196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.855940][ T4196] RSP: 002b:00007f13497f1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   43.856001][ T4196] RAX: ffffffffffffffda RBX: 00007f134b3a5fa0 RCX: 00007f134b18cde9
[   43.856016][ T4196] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 0000400000000000
[   43.856031][ T4196] RBP: 00007f13497f1090 R08: 0000000000000000 R09: 0000000000000000
[   43.856045][ T4196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.856076][ T4196] R13: 0000000000000000 R14: 00007f134b3a5fa0 R15: 00007ffed5fdcd38
[   43.856097][ T4196]  </TASK>
[   43.964937][ T4200] loop4: detected capacity change from 0 to 4096
[   44.242504][ T4200] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.258898][ T4215] loop1: detected capacity change from 0 to 256
[   44.350719][ T4221] loop1: detected capacity change from 0 to 512
[   44.357594][ T4221] EXT4-fs: Ignoring removed bh option
[   44.363836][ T4221] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   44.377020][ T4221] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   44.410430][ T4221] EXT4-fs (loop1): 1 orphan inode deleted
[   44.416205][ T4221] EXT4-fs (loop1): 1 truncate cleaned up
[   44.433144][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.487950][ T4221] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.528092][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.543075][ T4235] loop4: detected capacity change from 0 to 764
[   44.561460][ T4238] netlink: 20 bytes leftover after parsing attributes in process `syz.1.292'.
[   44.563777][ T4235] SELinux: syz.4.289 (4235) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   44.586369][ T4235] Symlink component flag not implemented
[   44.592130][ T4235] Symlink component flag not implemented (101)
[   44.621482][ T4238] loop1: detected capacity change from 0 to 2048
[   44.657002][ T4236] loop3: detected capacity change from 0 to 8192
[   44.659860][ T4242] 9pnet_fd: Insufficient options for proto=fd
[   44.673399][ T4242] xt_TPROXY: Can be used only with -p tcp or -p udp
[   44.696676][ T4244] loop1: detected capacity change from 0 to 1024
[   44.703270][ T4236]  loop3: p2 p3 p4[EZD]
[   44.708057][ T4236] loop3: p3 start 4294639647 is beyond EOD, truncated
[   44.715017][ T4236] loop3: p4 size 65536 extends beyond EOD, truncated
[   44.742820][ T4244] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   44.766773][ T4244] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   44.766817][ T4246] loop4: detected capacity change from 0 to 512
[   44.788020][ T4244] EXT4-fs (loop1): orphan cleanup on readonly fs
[   44.829258][ T4244] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   44.846467][ T4244] EXT4-fs (loop1): Remounting filesystem read-only
[   44.853204][ T4244] EXT4-fs (loop1): 1 orphan inode deleted
[   44.860097][ T4244] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   44.860958][ T4247] loop2: detected capacity change from 0 to 8192
[   44.872208][ T4244] SELinux: (dev loop1, type ext4) getxattr errno 5
[   44.885424][ T4244] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.902018][ T4253] xt_CT: You must specify a L4 protocol and not use inversions on it
[   44.986713][ T4260] xt_CT: You must specify a L4 protocol and not use inversions on it
[   44.991349][ T4255] loop4: detected capacity change from 0 to 4096
[   45.053408][ T4255] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.155588][ T4273] loop1: detected capacity change from 0 to 512
[   45.171582][ T4275] vlan2: entered allmulticast mode
[   45.240606][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.304630][ T4284] netlink: 20 bytes leftover after parsing attributes in process `syz.4.311'.
[   45.352050][ T4290] xt_CT: You must specify a L4 protocol and not use inversions on it
[   45.360440][ T4284] loop4: detected capacity change from 0 to 2048
[   45.434500][ T4302] IPv6: Can't replace route, no match found
[   45.436976][ T4305] loop0: detected capacity change from 0 to 512
[   45.449500][ T4300] loop3: detected capacity change from 0 to 4096
[   45.477255][ T4300] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.570245][ T4315] xt_CT: You must specify a L4 protocol and not use inversions on it
[   45.665849][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.705994][ T4321] loop4: detected capacity change from 0 to 8192
[   45.707026][ T4325] xt_CT: You must specify a L4 protocol and not use inversions on it
[   45.749739][ T4321]  loop4: p2 p3 p4[EZD]
[   45.756183][ T4334] bridge: RTM_NEWNEIGH with invalid ether address
[   45.759013][ T4321] loop4: p3 start 4294639647 is beyond EOD, truncated
[   45.770021][ T4321] loop4: p4 size 65536 extends beyond EOD, truncated
[   45.785257][ T3375] kernel write not supported for file /184/attr/exec (pid: 3375 comm: kworker/1:5)
[   45.876471][ T4341] loop4: detected capacity change from 0 to 2048
[   45.888665][ T4345] xt_CT: You must specify a L4 protocol and not use inversions on it
[   45.984253][ T4348] loop3: detected capacity change from 0 to 4096
[   46.020036][ T4348] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.112799][ T4368] loop1: detected capacity change from 0 to 512
[   46.160391][ T4370] bridge: RTM_NEWNEIGH with invalid ether address
[   46.175241][ T4374] lo speed is unknown, defaulting to 1000
[   46.190988][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.255000][ T4372] loop1: detected capacity change from 0 to 8192
[   46.261820][ T4377] siw: device registration error -23
[   46.284464][ T4377] lo speed is unknown, defaulting to 1000
[   46.298024][ T4372]  loop1: p2 p3 p4[EZD]
[   46.303400][ T4372] loop1: p3 start 4294639647 is beyond EOD, truncated
[   46.310298][ T4372] loop1: p4 size 65536 extends beyond EOD, truncated
[   46.355040][ T4391] tmpfs: Unsupported parameter 'huge'
[   46.402642][ T4399] loop4: detected capacity change from 0 to 512
[   46.433648][ T4397] loop2: detected capacity change from 0 to 4096
[   46.452779][ T4397] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.453188][ T4403] netlink: 60 bytes leftover after parsing attributes in process `GPL'.
[   46.474072][ T4403] netlink: 60 bytes leftover after parsing attributes in process `GPL'.
[   46.492730][ T4407] bridge: RTM_NEWNEIGH with invalid ether address
[   46.522227][ T4403] netlink: 60 bytes leftover after parsing attributes in process `GPL'.
[   46.555781][ T4411] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[   46.562352][ T4411] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   46.570193][ T4411] vhci_hcd vhci_hcd.0: Device attached
[   46.602250][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.632913][ T4414] vhci_hcd: connection closed
[   46.633154][   T50] vhci_hcd: stop threads
[   46.642213][   T50] vhci_hcd: release socket
[   46.646649][   T50] vhci_hcd: disconnect device
[   46.646763][ T4410] loop4: detected capacity change from 0 to 8192
[   46.660985][ T4420] xt_CT: You must specify a L4 protocol and not use inversions on it
[   46.698058][ T4424] tmpfs: Unsupported parameter 'huge'
[   46.703778][ T4410]  loop4: p2 p3 p4[EZD]
[   46.708496][ T4410] loop4: p3 start 4294639647 is beyond EOD, truncated
[   46.715339][ T4410] loop4: p4 size 65536 extends beyond EOD, truncated
[   46.717000][ T4426] loop3: detected capacity change from 0 to 2048
[   46.768751][   T29] kauditd_printk_skb: 361 callbacks suppressed
[   46.768819][   T29] audit: type=1400 audit(1739467422.262:1361): avc:  denied  { map } for  pid=4430 comm="syz.0.369" path="socket:[7550]" dev="sockfs" ino=7550 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   46.797817][   T29] audit: type=1400 audit(1739467422.262:1362): avc:  denied  { read } for  pid=4430 comm="syz.0.369" path="socket:[7550]" dev="sockfs" ino=7550 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   46.848760][   T29] audit: type=1326 audit(1739467422.312:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4435 comm="syz.4.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   46.872193][   T29] audit: type=1326 audit(1739467422.312:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4435 comm="syz.4.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   46.895649][   T29] audit: type=1326 audit(1739467422.312:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4435 comm="syz.4.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   46.919097][   T29] audit: type=1326 audit(1739467422.312:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4435 comm="syz.4.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5aa2c8ce23 code=0x7ffc0000
[   46.942245][   T29] audit: type=1326 audit(1739467422.312:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4435 comm="syz.4.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5aa2c8ce23 code=0x7ffc0000
[   46.965514][   T29] audit: type=1326 audit(1739467422.322:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4435 comm="syz.4.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   46.988932][   T29] audit: type=1326 audit(1739467422.332:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4435 comm="syz.4.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   46.990083][ T4429] loop2: detected capacity change from 0 to 8192
[   47.012354][   T29] audit: type=1326 audit(1739467422.332:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4435 comm="syz.4.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   47.064353][ T4444] loop4: detected capacity change from 0 to 4096
[   47.072616][ T4429]  loop2: p2 p3 p4[EZD]
[   47.077496][ T4429] loop2: p3 start 4294639647 is beyond EOD, truncated
[   47.084333][ T4429] loop2: p4 size 65536 extends beyond EOD, truncated
[   47.094913][ T4444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.122574][ T4451] capability: warning: `syz.0.374' uses deprecated v2 capabilities in a way that may be insecure
[   47.190732][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.236686][ T4460] tmpfs: Unsupported parameter 'huge'
[   47.270063][ T4457] loop4: detected capacity change from 0 to 8192
[   47.298702][ T4457]  loop4: p2 p3 p4[EZD]
[   47.303519][ T4457] loop4: p3 start 4294639647 is beyond EOD, truncated
[   47.310414][ T4457] loop4: p4 size 65536 extends beyond EOD, truncated
[   47.345536][ T4466] loop4: detected capacity change from 0 to 764
[   47.356160][ T4466] SELinux: syz.4.381 (4466) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   47.370912][ T4466] Symlink component flag not implemented
[   47.376749][ T4466] Symlink component flag not implemented (101)
[   47.405083][ T4472] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   47.413506][ T4472] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   47.444260][ T4476] loop4: detected capacity change from 0 to 764
[   47.447219][ T4478] siw: device registration error -23
[   47.462980][ T4476] SELinux: syz.4.386 (4476) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   47.472133][ T4478] lo speed is unknown, defaulting to 1000
[   47.483437][ T4476] Symlink component flag not implemented
[   47.489543][ T4476] Symlink component flag not implemented (101)
[   47.536341][ T4481] loop4: detected capacity change from 0 to 4096
[   47.536992][ T4483] bridge: RTM_NEWNEIGH with invalid ether address
[   47.552033][ T4481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.583115][ T4486] IPv6: Can't replace route, no match found
[   47.689477][ T4497] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   47.693351][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.697690][ T4497] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   47.743394][ T4501] __nla_validate_parse: 6 callbacks suppressed
[   47.743409][ T4501] netlink: 16 bytes leftover after parsing attributes in process `syz.1.397'.
[   47.763127][ T4503] loop4: detected capacity change from 0 to 512
[   47.789859][ T4505] siw: device registration error -23
[   47.808367][ T4505] lo speed is unknown, defaulting to 1000
[   47.823412][ T4507] bridge: RTM_NEWNEIGH with invalid ether address
[   47.864577][ T4512] FAULT_INJECTION: forcing a failure.
[   47.864577][ T4512] name failslab, interval 1, probability 0, space 0, times 0
[   47.877419][ T4512] CPU: 1 UID: 0 PID: 4512 Comm: syz.1.402 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   47.877448][ T4512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   47.877526][ T4512] Call Trace:
[   47.877532][ T4512]  <TASK>
[   47.877539][ T4512]  dump_stack_lvl+0xf2/0x150
[   47.877571][ T4512]  dump_stack+0x15/0x1a
[   47.877596][ T4512]  should_fail_ex+0x24a/0x260
[   47.877647][ T4512]  should_failslab+0x8f/0xb0
[   47.877689][ T4512]  kmem_cache_alloc_lru_noprof+0x57/0x320
[   47.877729][ T4512]  ? __d_alloc+0x3d/0x340
[   47.877794][ T4512]  __d_alloc+0x3d/0x340
[   47.877832][ T4512]  d_alloc_pseudo+0x1e/0x80
[   47.877867][ T4512]  alloc_file_pseudo+0x73/0x160
[   47.877947][ T4512]  __shmem_file_setup+0x1bb/0x1f0
[   47.877995][ T4512]  shmem_file_setup+0x3b/0x50
[   47.878101][ T4512]  __se_sys_memfd_create+0x2e1/0x5a0
[   47.878197][ T4512]  __x64_sys_memfd_create+0x31/0x40
[   47.878219][ T4512]  x64_sys_call+0x2d4c/0x2dc0
[   47.878249][ T4512]  do_syscall_64+0xc9/0x1c0
[   47.878315][ T4512]  ? clear_bhb_loop+0x55/0xb0
[   47.878429][ T4512]  ? clear_bhb_loop+0x55/0xb0
[   47.878468][ T4512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.878499][ T4512] RIP: 0033:0x7fd20a3ecde9
[   47.878514][ T4512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.878531][ T4512] RSP: 002b:00007fd208a56e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   47.878550][ T4512] RAX: ffffffffffffffda RBX: 00000000000002a9 RCX: 00007fd20a3ecde9
[   47.878577][ T4512] RDX: 00007fd208a56ef0 RSI: 0000000000000000 RDI: 00007fd20a46ec51
[   47.878590][ T4512] RBP: 0000400000000500 R08: 00007fd208a56bb7 R09: 00007fd208a56e40
[   47.878603][ T4512] R10: 000000000000000a R11: 0000000000000202 R12: 0000400000000000
[   47.878616][ T4512] R13: 00007fd208a56ef0 R14: 00007fd208a56eb0 R15: 00004000000001c0
[   47.878633][ T4512]  </TASK>
[   48.097558][ T4516] FAULT_INJECTION: forcing a failure.
[   48.097558][ T4516] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.110874][ T4516] CPU: 0 UID: 0 PID: 4516 Comm: syz.2.404 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   48.110901][ T4516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   48.110915][ T4516] Call Trace:
[   48.110922][ T4516]  <TASK>
[   48.110932][ T4516]  dump_stack_lvl+0xf2/0x150
[   48.110963][ T4516]  dump_stack+0x15/0x1a
[   48.111041][ T4516]  should_fail_ex+0x24a/0x260
[   48.111080][ T4516]  should_fail+0xb/0x10
[   48.111154][ T4516]  should_fail_usercopy+0x1a/0x20
[   48.111172][ T4516]  _copy_from_iter+0xd5/0xd00
[   48.111191][ T4516]  ? kmalloc_reserve+0x16e/0x190
[   48.111215][ T4516]  ? __build_skb_around+0x196/0x1f0
[   48.111276][ T4516]  ? __alloc_skb+0x21f/0x310
[   48.111298][ T4516]  ? __virt_addr_valid+0x1ed/0x250
[   48.111382][ T4516]  ? __check_object_size+0x364/0x520
[   48.111489][ T4516]  netlink_sendmsg+0x460/0x6e0
[   48.111526][ T4516]  ? __pfx_netlink_sendmsg+0x10/0x10
[   48.111560][ T4516]  __sock_sendmsg+0x140/0x180
[   48.111583][ T4516]  ____sys_sendmsg+0x312/0x410
[   48.111647][ T4516]  __sys_sendmsg+0x19d/0x230
[   48.111700][ T4516]  __x64_sys_sendmsg+0x46/0x50
[   48.111736][ T4516]  x64_sys_call+0x2734/0x2dc0
[   48.111767][ T4516]  do_syscall_64+0xc9/0x1c0
[   48.111828][ T4516]  ? clear_bhb_loop+0x55/0xb0
[   48.111929][ T4516]  ? clear_bhb_loop+0x55/0xb0
[   48.111973][ T4516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.112005][ T4516] RIP: 0033:0x7f134b18cde9
[   48.112023][ T4516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.112044][ T4516] RSP: 002b:00007f13497f1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.112061][ T4516] RAX: ffffffffffffffda RBX: 00007f134b3a5fa0 RCX: 00007f134b18cde9
[   48.112073][ T4516] RDX: 0000000000000000 RSI: 0000400000000280 RDI: 0000000000000003
[   48.112152][ T4516] RBP: 00007f13497f1090 R08: 0000000000000000 R09: 0000000000000000
[   48.112166][ T4516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.112180][ T4516] R13: 0000000000000000 R14: 00007f134b3a5fa0 R15: 00007ffed5fdcd38
[   48.112202][ T4516]  </TASK>
[   48.138441][ T4518] loop4: detected capacity change from 0 to 4096
[   48.347163][ T4518] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.370149][ T4532] netlink: 20 bytes leftover after parsing attributes in process `syz.1.411'.
[   48.414270][ T4532] loop1: detected capacity change from 0 to 2048
[   48.414631][ T4535] siw: device registration error -23
[   48.437356][ T4535] lo speed is unknown, defaulting to 1000
[   48.476868][ T4540] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   48.485223][ T4540] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   48.531533][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.550310][ T4548] netlink: 36 bytes leftover after parsing attributes in process `syz.1.417'.
[   48.594630][ T4554] loop1: detected capacity change from 0 to 128
[   48.601711][ T4554] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   48.650773][ T4554] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x80417272 (sector = 1)
[   48.666803][ T4554] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   48.671780][ T4565] siw: device registration error -23
[   48.711219][ T4568] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   48.719494][ T4568] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   48.746675][ T4565] lo speed is unknown, defaulting to 1000
[   48.747677][ T4574] loop3: detected capacity change from 0 to 512
[   48.810493][ T4579] loop3: detected capacity change from 0 to 764
[   48.824398][ T4582] Illegal XDP return value 1561530111 on prog  (id 266) dev N/A, expect packet loss!
[   48.838704][ T4579] SELinux: syz.3.431 (4579) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   48.866298][ T4579] Symlink component flag not implemented
[   48.872910][ T4579] Symlink component flag not implemented (101)
[   48.916018][ T4590] loop4: detected capacity change from 0 to 1024
[   48.933265][ T4592] loop2: detected capacity change from 0 to 256
[   48.940334][ T4590] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   48.960676][ T4596] loop3: detected capacity change from 0 to 2048
[   48.967419][ T4596] EXT4-fs: Ignoring removed bh option
[   48.975951][ T4590] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   48.997546][ T4590] EXT4-fs (loop4): orphan cleanup on readonly fs
[   49.014851][ T4590] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   49.026624][ T4590] EXT4-fs (loop4): Remounting filesystem read-only
[   49.042152][ T4590] EXT4-fs (loop4): 1 orphan inode deleted
[   49.048607][ T4590] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   49.060838][ T4590] SELinux: (dev loop4, type ext4) getxattr errno 5
[   49.081803][ T4590] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.093519][ T4596] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.155619][ T4611] FAULT_INJECTION: forcing a failure.
[   49.155619][ T4611] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.168913][ T4611] CPU: 0 UID: 0 PID: 4611 Comm: syz.2.439 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   49.168942][ T4611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   49.168956][ T4611] Call Trace:
[   49.168980][ T4611]  <TASK>
[   49.168987][ T4611]  dump_stack_lvl+0xf2/0x150
[   49.169019][ T4611]  dump_stack+0x15/0x1a
[   49.169042][ T4611]  should_fail_ex+0x24a/0x260
[   49.169117][ T4611]  should_fail+0xb/0x10
[   49.169150][ T4611]  should_fail_usercopy+0x1a/0x20
[   49.169171][ T4611]  _copy_from_user+0x1c/0xa0
[   49.169239][ T4611]  __sys_bpf+0x14e/0x7a0
[   49.169275][ T4611]  __x64_sys_bpf+0x43/0x50
[   49.169302][ T4611]  x64_sys_call+0x2914/0x2dc0
[   49.169352][ T4611]  do_syscall_64+0xc9/0x1c0
[   49.169379][ T4611]  ? clear_bhb_loop+0x55/0xb0
[   49.169406][ T4611]  ? clear_bhb_loop+0x55/0xb0
[   49.169431][ T4611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.169485][ T4611] RIP: 0033:0x7f134b18cde9
[   49.169502][ T4611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.169522][ T4611] RSP: 002b:00007f13497f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   49.169543][ T4611] RAX: ffffffffffffffda RBX: 00007f134b3a5fa0 RCX: 00007f134b18cde9
[   49.169557][ T4611] RDX: 0000000000000018 RSI: 00004000000001c0 RDI: 0000000000000006
[   49.169570][ T4611] RBP: 00007f13497f1090 R08: 0000000000000000 R09: 0000000000000000
[   49.169583][ T4611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.169675][ T4611] R13: 0000000000000000 R14: 00007f134b3a5fa0 R15: 00007ffed5fdcd38
[   49.169694][ T4611]  </TASK>
[   49.372563][ T4356] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   49.394827][ T4621] IPv6: Can't replace route, no match found
[   49.410620][ T4624] netlink: 16 bytes leftover after parsing attributes in process `syz.1.447'.
[   49.483795][ T4636] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.493983][ T4636] bond0: (slave sit0): The slave device specified does not support setting the MAC address
[   49.497019][ T4637] xt_CT: You must specify a L4 protocol and not use inversions on it
[   49.512647][ T4635] loop1: detected capacity change from 0 to 1024
[   49.520444][ T4636] bond0: (slave sit0): Error -95 calling set_mac_address
[   49.528360][ T4635] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   49.550327][ T4635] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   49.558323][ T4635] EXT4-fs (loop1): orphan cleanup on readonly fs
[   49.577715][ T4635] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   49.587622][ T4635] EXT4-fs (loop1): Remounting filesystem read-only
[   49.594365][ T4635] EXT4-fs (loop1): 1 orphan inode deleted
[   49.602780][ T4635] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   49.615341][ T4635] SELinux: (dev loop1, type ext4) getxattr errno 5
[   49.622794][ T4635] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.665963][ T4657] loop2: detected capacity change from 0 to 512
[   49.749426][ T4668] IPv6: Can't replace route, no match found
[   49.781964][ T4673] netlink: 16 bytes leftover after parsing attributes in process `syz.2.459'.
[   49.792679][ T4678] netlink: 20 bytes leftover after parsing attributes in process `syz.4.460'.
[   49.814831][ T4680] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   49.852123][ T4680] loop1: detected capacity change from 0 to 512
[   49.870330][ T4689] loop4: detected capacity change from 0 to 2048
[   49.925254][ T4700] lo speed is unknown, defaulting to 1000
[   49.973076][ T4709] netlink: 12 bytes leftover after parsing attributes in process `syz.4.466'.
[   50.028546][ T4696] loop2: detected capacity change from 0 to 8192
[   50.088208][ T4696]  loop2: p2 p3 p4[EZD]
[   50.092832][ T4696] loop2: p3 start 4294639647 is beyond EOD, truncated
[   50.099673][ T4696] loop2: p4 size 65536 extends beyond EOD, truncated
[   50.142647][ T4727] IPv6: Can't replace route, no match found
[   50.224186][ T4736] xt_CT: You must specify a L4 protocol and not use inversions on it
[   50.344914][ T4740] loop2: detected capacity change from 0 to 8192
[   50.358318][ T4743] xt_CT: You must specify a L4 protocol and not use inversions on it
[   50.385344][ T4746] Zero length message leads to an empty skb
[   50.386137][ T4740]  loop2: p2 p3 p4[EZD]
[   50.396225][ T4740] loop2: p3 start 4294639647 is beyond EOD, truncated
[   50.403027][ T4740] loop2: p4 size 65536 extends beyond EOD, truncated
[   50.542152][ T4762] netlink: 16 bytes leftover after parsing attributes in process `syz.4.486'.
[   50.563976][ T4758] loop2: detected capacity change from 0 to 4096
[   50.584977][ T4758] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.638906][ T4766] xt_CT: You must specify a L4 protocol and not use inversions on it
[   50.672900][ T4774] loop1: detected capacity change from 0 to 512
[   50.699062][ T4774] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   50.775911][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.852879][ T4795] netlink: 16 bytes leftover after parsing attributes in process `syz.2.498'.
[   50.893730][ T4797] loop2: detected capacity change from 0 to 128
[   50.938170][ T4801] 9pnet_fd: Insufficient options for proto=fd
[   50.966015][ T4805] tmpfs: Unsupported parameter 'huge'
[   50.979296][ T3297] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   51.036784][ T4814] FAULT_INJECTION: forcing a failure.
[   51.036784][ T4814] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   51.050107][ T4814] CPU: 0 UID: 0 PID: 4814 Comm: syz.1.508 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   51.050135][ T4814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   51.050149][ T4814] Call Trace:
[   51.050155][ T4814]  <TASK>
[   51.050164][ T4814]  dump_stack_lvl+0xf2/0x150
[   51.050196][ T4814]  dump_stack+0x15/0x1a
[   51.050265][ T4814]  should_fail_ex+0x24a/0x260
[   51.050307][ T4814]  should_fail_alloc_page+0xfd/0x110
[   51.050340][ T4814]  __alloc_frozen_pages_noprof+0x109/0x340
[   51.050446][ T4814]  alloc_pages_mpol+0xb4/0x260
[   51.050487][ T4814]  folio_alloc_mpol_noprof+0x36/0x80
[   51.050579][ T4814]  shmem_get_folio_gfp+0x3d1/0xd90
[   51.050617][ T4814]  shmem_write_begin+0xa2/0x180
[   51.050666][ T4814]  generic_perform_write+0x1a8/0x4a0
[   51.050714][ T4814]  shmem_file_write_iter+0xc2/0xe0
[   51.050741][ T4814]  vfs_write+0x77b/0x920
[   51.050763][ T4814]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   51.050789][ T4814]  ksys_write+0xe8/0x1b0
[   51.050812][ T4814]  __x64_sys_write+0x42/0x50
[   51.050854][ T4814]  x64_sys_call+0x287e/0x2dc0
[   51.050884][ T4814]  do_syscall_64+0xc9/0x1c0
[   51.050913][ T4814]  ? clear_bhb_loop+0x55/0xb0
[   51.050947][ T4814]  ? clear_bhb_loop+0x55/0xb0
[   51.050979][ T4814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.051043][ T4814] RIP: 0033:0x7fd20a3ecde9
[   51.051060][ T4814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.051079][ T4814] RSP: 002b:00007fd208a57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   51.051175][ T4814] RAX: ffffffffffffffda RBX: 00007fd20a605fa0 RCX: 00007fd20a3ecde9
[   51.051189][ T4814] RDX: 0000000000040010 RSI: 0000400000000180 RDI: 0000000000000007
[   51.051202][ T4814] RBP: 00007fd208a57090 R08: 0000000000000000 R09: 0000000000000000
[   51.051215][ T4814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.051231][ T4814] R13: 0000000000000000 R14: 00007fd20a605fa0 R15: 00007ffd9f819e78
[   51.051248][ T4814]  </TASK>
[   51.263982][ T4815] xt_CT: You must specify a L4 protocol and not use inversions on it
[   51.295536][ T4819] netlink: 16 bytes leftover after parsing attributes in process `syz.1.510'.
[   51.324530][ T4822] loop1: detected capacity change from 0 to 256
[   51.344576][ T4824] tmpfs: Unsupported parameter 'huge'
[   51.388460][ T4830] loop2: detected capacity change from 0 to 764
[   51.397102][ T4826] loop1: detected capacity change from 0 to 8192
[   51.404440][ T4830] Symlink component flag not implemented
[   51.410177][ T4830] Symlink component flag not implemented (101)
[   51.438265][ T4826]  loop1: p2 p3 p4[EZD]
[   51.442734][ T4832] loop2: detected capacity change from 0 to 2048
[   51.443038][ T4826] loop1: p3 start 4294639647 is beyond EOD, truncated
[   51.455957][ T4826] loop1: p4 size 65536 extends beyond EOD, truncated
[   51.524621][ T4838] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   51.532911][ T4838] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   51.583866][ T4845] loop4: detected capacity change from 0 to 256
[   51.621543][ T4852] loop1: detected capacity change from 0 to 128
[   51.638963][ T4856] tmpfs: Unsupported parameter 'huge'
[   51.642660][ T4852] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   51.655298][ T4852] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[   51.684724][ T3297] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   51.713145][ T4863] loop4: detected capacity change from 0 to 2048
[   51.799416][ T4878] siw: device registration error -23
[   51.816669][ T4878] lo speed is unknown, defaulting to 1000
[   51.856090][ T4884] IPv6: Can't replace route, no match found
[   51.956386][   T29] kauditd_printk_skb: 335 callbacks suppressed
[   51.956404][   T29] audit: type=1326 audit(1739467940.372:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   51.991986][ T4894] loop2: detected capacity change from 0 to 8192
[   52.006949][ T4898] loop4: detected capacity change from 0 to 2048
[   52.021058][   T29] audit: type=1326 audit(1739467940.372:1699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   52.044592][   T29] audit: type=1326 audit(1739467940.401:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   52.068274][   T29] audit: type=1326 audit(1739467940.401:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5aa2c8ce23 code=0x7ffc0000
[   52.081305][ T4910] loop1: detected capacity change from 0 to 2048
[   52.091515][   T29] audit: type=1326 audit(1739467940.401:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5aa2c8b89f code=0x7ffc0000
[   52.121719][   T29] audit: type=1400 audit(1739467940.401:1703): avc:  denied  { read write } for  pid=4901 comm="syz.0.544" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   52.128898][ T4894]  loop2: p2 p3 p4[EZD]
[   52.145131][   T29] audit: type=1400 audit(1739467940.401:1704): avc:  denied  { open } for  pid=4901 comm="syz.0.544" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   52.173386][   T29] audit: type=1326 audit(1739467940.421:1705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5aa2c8ce77 code=0x7ffc0000
[   52.196708][   T29] audit: type=1326 audit(1739467940.421:1706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5aa2c8b750 code=0x7ffc0000
[   52.220188][   T29] audit: type=1326 audit(1739467940.421:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5aa2c8c9eb code=0x7ffc0000
[   52.220435][ T4894] loop2: p3 start 4294639647 is beyond EOD, truncated
[   52.250282][ T4894] loop2: p4 size 65536 extends beyond EOD, truncated
[   52.280862][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.327246][ T4922] IPv6: Can't replace route, no match found
[   52.341764][ T4920] siw: device registration error -23
[   52.359417][ T4920] lo speed is unknown, defaulting to 1000
[   52.511563][ T4929] loop3: detected capacity change from 0 to 8192
[   52.552971][ T4929]  loop3: p2 p3 p4[EZD]
[   52.563763][ T4929] loop3: p3 start 4294639647 is beyond EOD, truncated
[   52.570616][ T4929] loop3: p4 size 65536 extends beyond EOD, truncated
[   52.576355][ T4945] loop2: detected capacity change from 0 to 2048
[   52.599249][ T4947] loop1: detected capacity change from 0 to 4096
[   52.673370][ T4950] lo speed is unknown, defaulting to 1000
[   52.704315][ T4953] IPv6: Can't replace route, no match found
[   52.795263][ T4962] loop3: detected capacity change from 0 to 2048
[   52.924323][ T4973] loop2: detected capacity change from 0 to 764
[   52.960779][ T4973] Symlink component flag not implemented
[   52.966507][ T4973] Symlink component flag not implemented (101)
[   52.974328][ T4976] loop1: detected capacity change from 0 to 512
[   53.206389][ T4987] siw: device registration error -23
[   53.241504][ T4987] lo speed is unknown, defaulting to 1000
[   53.268151][ T4989] loop3: detected capacity change from 0 to 2048
[   53.277867][ T4991] IPv6: Can't replace route, no match found
[   53.358601][ T4996] __nla_validate_parse: 2 callbacks suppressed
[   53.358619][ T4996] netlink: 16 bytes leftover after parsing attributes in process `syz.4.580'.
[   53.374894][ T4994] xt_CT: No such helper "netbios-ns"
[   53.427410][ T4994] loop2: detected capacity change from 0 to 512
[   53.453613][ T5003] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   53.461857][ T5003] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   53.483916][ T4994] loop2: detected capacity change from 0 to 512
[   53.533573][ T4994] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.609459][ T5017] siw: device registration error -23
[   53.640728][ T5021] loop2: detected capacity change from 0 to 512
[   53.648719][ T5019] IPv6: Can't replace route, no match found
[   53.659820][ T5017] lo speed is unknown, defaulting to 1000
[   53.714088][ T5026] loop1: detected capacity change from 0 to 1024
[   53.728536][ T5026] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   53.741286][ T5026] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   53.761097][ T5026] EXT4-fs (loop1): orphan cleanup on readonly fs
[   53.768235][ T5031] loop2: detected capacity change from 0 to 1024
[   53.775175][ T5026] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   53.786244][ T5026] EXT4-fs (loop1): Remounting filesystem read-only
[   53.793353][ T5026] EXT4-fs (loop1): 1 orphan inode deleted
[   53.799527][ T5026] SELinux: (dev loop1, type ext4) getxattr errno 5
[   53.803837][ T5031] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   53.840201][ T5031] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   53.852450][ T5031] EXT4-fs (loop2): orphan cleanup on readonly fs
[   53.887215][ T5031] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   53.937701][ T5031] EXT4-fs (loop2): Remounting filesystem read-only
[   53.950644][ T5042] loop1: detected capacity change from 0 to 2048
[   53.955599][ T5031] EXT4-fs (loop2): 1 orphan inode deleted
[   53.969651][ T5031] SELinux: (dev loop2, type ext4) getxattr errno 5
[   54.014025][ T5046] loop4: detected capacity change from 0 to 4096
[   54.046424][ T5044] loop3: detected capacity change from 0 to 8192
[   54.098063][ T5036] loop7: detected capacity change from 0 to 63
[   54.104403][ T5044]  loop3: p2 p3 p4[EZD]
[   54.120611][ T5044] loop3: p3 start 4294639647 is beyond EOD, truncated
[   54.127561][ T5044] loop3: p4 size 65536 extends beyond EOD, truncated
[   54.152835][ T5055] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   54.161199][ T5055] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   54.253596][ T5061] block device autoloading is deprecated and will be removed.
[   54.261209][ T5061] syz.1.608: attempt to access beyond end of device
[   54.261209][ T5061] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   54.284518][ T5063] loop3: detected capacity change from 0 to 2048
[   54.363414][ T5063]  loop3: p1 < > p4
[   54.367463][ T5071] netlink: 'syz.2.612': attribute type 1 has an invalid length.
[   54.373991][ T5063] loop3: p4 size 8388608 extends beyond EOD, truncated
[   54.397550][ T5071] netlink: 12 bytes leftover after parsing attributes in process `syz.2.612'.
[   54.420276][ T5073] loop1: detected capacity change from 0 to 2048
[   54.435545][ T5075] loop3: detected capacity change from 0 to 512
[   54.509634][ T5082] loop1: detected capacity change from 0 to 2048
[   54.662616][ T5094] netlink: 20 bytes leftover after parsing attributes in process `syz.2.621'.
[   54.709109][ T5100] loop0: detected capacity change from 0 to 512
[   54.722147][ T5094] loop2: detected capacity change from 0 to 2048
[   54.729183][ T5100] EXT4-fs: Ignoring removed orlov option
[   54.744206][ T5100] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   54.765967][ T5103] xt_CT: You must specify a L4 protocol and not use inversions on it
[   54.779958][ T5100] EXT4-fs (loop0): orphan cleanup on readonly fs
[   54.802159][ T5100] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.623: bg 0: block 248: padding at end of block bitmap is not set
[   54.819980][ T5106] bridge: RTM_NEWNEIGH with invalid ether address
[   54.845043][ T5100] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.623: Failed to acquire dquot type 1
[   54.888881][ T5100] EXT4-fs (loop0): 1 truncate cleaned up
[   54.917891][ T5100] EXT4-fs: Ignoring removed orlov option
[   54.924619][ T5100] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   54.940348][ T5112] loop1: detected capacity change from 0 to 2048
[   54.943307][ T5100] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   54.968186][ T5100] EXT4-fs error (device loop0): __ext4_remount:6738: comm syz.0.623: Abort forced by user
[   54.988208][ T5100] EXT4-fs (loop0): Remounting filesystem read-only
[   54.994861][ T5100] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[   55.005364][ T5100] ext4 filesystem being remounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   55.070173][ T5100] syz.0.623 (5100) used greatest stack depth: 9272 bytes left
[   55.167766][ T5135] loop0: detected capacity change from 0 to 1024
[   55.185044][ T5135] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   55.199261][ T5139] loop4: detected capacity change from 0 to 764
[   55.210056][ T5136] xt_CT: You must specify a L4 protocol and not use inversions on it
[   55.223764][ T5140] bridge: RTM_NEWNEIGH with invalid ether address
[   55.229853][ T5135] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   55.239227][ T5135] EXT4-fs (loop0): orphan cleanup on readonly fs
[   55.249421][ T5135] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   55.254096][ T5139] Symlink component flag not implemented
[   55.273353][ T5135] EXT4-fs (loop0): Remounting filesystem read-only
[   55.280794][ T5135] EXT4-fs (loop0): 1 orphan inode deleted
[   55.287570][ T5139] Symlink component flag not implemented (101)
[   55.296965][ T5144] loop2: detected capacity change from 0 to 512
[   55.303722][ T5135] SELinux: (dev loop0, type ext4) getxattr errno 5
[   55.392219][ T5151] loop1: detected capacity change from 0 to 8192
[   55.405834][ T5147] loop4: detected capacity change from 0 to 2048
[   55.462246][ T5156] netlink: 16 bytes leftover after parsing attributes in process `syz.1.645'.
[   55.528945][ T5164] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   55.537473][ T5164] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   55.541745][ T5154] loop3: detected capacity change from 0 to 8192
[   55.570350][ T5169] tmpfs: Unsupported parameter 'huge'
[   55.576010][ T5167] loop4: detected capacity change from 0 to 256
[   55.613505][ T5154]  loop3: p2 p3 p4[EZD]
[   55.615515][ T5173] loop0: detected capacity change from 0 to 764
[   55.622417][ T5154] loop3: p3 start 4294639647 is beyond EOD, truncated
[   55.630860][ T5154] loop3: p4 size 65536 extends beyond EOD, truncated
[   55.663494][ T5173] Symlink component flag not implemented
[   55.679797][ T5173] Symlink component flag not implemented (101)
[   55.731004][ T5178] xt_CT: You must specify a L4 protocol and not use inversions on it
[   55.761035][ T5182] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   55.769382][ T5182] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   55.907711][ T5191] bridge: RTM_NEWNEIGH with invalid ether address
[   55.916606][ T5193] tmpfs: Unsupported parameter 'huge'
[   55.968536][ T5195] loop2: detected capacity change from 0 to 8192
[   55.980580][ T5199] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   55.988882][ T5199] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   56.011644][ T5203] loop1: detected capacity change from 0 to 764
[   56.017025][ T5195]  loop2: p2 p3 p4[EZD]
[   56.032406][ T5195] loop2: p3 start 4294639647 is beyond EOD, truncated
[   56.039241][ T5195] loop2: p4 size 65536 extends beyond EOD, truncated
[   56.047378][ T5207] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   56.055838][ T5207] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   56.071285][ T5209] loop4: detected capacity change from 0 to 512
[   56.078149][ T5203] Symlink component flag not implemented
[   56.085426][ T5203] Symlink component flag not implemented (101)
[   56.133788][ T5216] tmpfs: Unsupported parameter 'huge'
[   56.171143][ T5220] bridge: RTM_NEWNEIGH with invalid ether address
[   56.177933][ T5222] loop3: detected capacity change from 0 to 1024
[   56.189575][ T5222] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   56.207063][ T5222] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   56.218143][ T5222] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[   56.229028][ T5222] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   56.281258][ T5234] loop2: detected capacity change from 0 to 256
[   56.296587][ T5228] infiniband syz!: set active
[   56.301403][ T5228] infiniband syz!: added team_slave_0
[   56.302624][ T5237] netlink: 36 bytes leftover after parsing attributes in process `syz.4.677'.
[   56.344524][ T5228] RDS/IB: syz!: added
[   56.348626][ T5228] smc: adding ib device syz! with port count 1
[   56.354948][ T5228] smc:    ib device syz! port 1 has pnetid 
[   56.534980][ T5252] loop2: detected capacity change from 0 to 8192
[   56.553063][ T5252]  loop2: p2 p3 p4[EZD]
[   56.557733][ T5252] loop2: p3 start 4294639647 is beyond EOD, truncated
[   56.564545][ T5252] loop2: p4 size 65536 extends beyond EOD, truncated
[   56.622243][ T5255] loop1: detected capacity change from 0 to 1024
[   56.629984][ T5255] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   56.642108][ T5255] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   56.651055][ T5255] EXT4-fs (loop1): orphan cleanup on readonly fs
[   56.667851][ T5255] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   56.682498][ T5255] EXT4-fs (loop1): Remounting filesystem read-only
[   56.689521][ T5255] EXT4-fs (loop1): 1 orphan inode deleted
[   56.696088][ T5255] SELinux: (dev loop1, type ext4) getxattr errno 5
[   56.735791][ T5262] netlink: 16 bytes leftover after parsing attributes in process `syz.2.687'.
[   56.766139][ T5264] loop1: detected capacity change from 0 to 512
[   56.789232][ T5271] bridge: RTM_NEWNEIGH with invalid ether address
[   56.832285][ T5275] loop3: detected capacity change from 0 to 4096
[   56.883098][ T5279] xt_CT: You must specify a L4 protocol and not use inversions on it
[   56.965326][ T5283] tmpfs: Unsupported parameter 'huge'
[   56.992586][ T5286] netlink: 20 bytes leftover after parsing attributes in process `syz.2.696'.
[   57.016760][ T5286] loop2: detected capacity change from 0 to 2048
[   57.108791][   T29] kauditd_printk_skb: 554 callbacks suppressed
[   57.108805][   T29] audit: type=1400 audit(1739467945.400:2244): avc:  denied  { read append } for  pid=5294 comm="syz.4.699" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   57.139383][ T5298] loop2: detected capacity change from 0 to 1024
[   57.150353][ T5298] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   57.160371][ T5298] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   57.171336][ T5298] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[   57.186606][ T5298] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   57.203072][ T5303] bridge: RTM_NEWNEIGH with invalid ether address
[   57.223544][ T5304] xt_CT: You must specify a L4 protocol and not use inversions on it
[   57.291058][   T29] audit: type=1326 audit(1739467945.577:2245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.1.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd20a3ecde9 code=0x7ffc0000
[   57.332712][ T5308] netlink: 'syz.0.705': attribute type 4 has an invalid length.
[   57.340647][ T5308] netlink: 'syz.0.705': attribute type 2 has an invalid length.
[   57.403100][   T29] audit: type=1326 audit(1739467945.606:2246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.1.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7fd20a3ecde9 code=0x7ffc0000
[   57.426468][   T29] audit: type=1326 audit(1739467945.606:2247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.1.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd20a3ecde9 code=0x7ffc0000
[   57.449961][   T29] audit: type=1326 audit(1739467945.606:2248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.1.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fd20a3ecde9 code=0x7ffc0000
[   57.473473][   T29] audit: type=1326 audit(1739467945.606:2249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.1.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd20a3ecde9 code=0x7ffc0000
[   57.497218][   T29] audit: type=1326 audit(1739467945.606:2250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.1.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd20a3ecde9 code=0x7ffc0000
[   57.520578][   T29] audit: type=1326 audit(1739467945.606:2251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.1.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd20a3ecde9 code=0x7ffc0000
[   57.544043][   T29] audit: type=1326 audit(1739467945.606:2252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.1.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd20a3ecde9 code=0x7ffc0000
[   57.567447][   T29] audit: type=1326 audit(1739467945.645:2253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5309 comm="syz.1.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd20a3ecde9 code=0x7ffc0000
[   57.819517][ T5321] loop1: detected capacity change from 0 to 764
[   57.828332][ T5321] Symlink component flag not implemented
[   57.834280][ T5321] Symlink component flag not implemented (101)
[   57.889952][ T5326] tmpfs: Unsupported parameter 'huge'
[   57.952184][ T5331] xt_CT: You must specify a L4 protocol and not use inversions on it
[   57.962129][ T5330] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   58.023052][ T5337] bridge: RTM_NEWNEIGH with invalid ether address
[   58.269631][ T5356] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[   58.331115][ T5363] loop0: detected capacity change from 0 to 764
[   58.354764][ T5363] FAULT_INJECTION: forcing a failure.
[   58.354764][ T5363] name failslab, interval 1, probability 0, space 0, times 0
[   58.367469][ T5363] CPU: 0 UID: 0 PID: 5363 Comm: syz.0.723 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   58.367556][ T5363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   58.367570][ T5363] Call Trace:
[   58.367658][ T5363]  <TASK>
[   58.367666][ T5363]  dump_stack_lvl+0xf2/0x150
[   58.367699][ T5363]  dump_stack+0x15/0x1a
[   58.367721][ T5363]  should_fail_ex+0x24a/0x260
[   58.367759][ T5363]  should_failslab+0x8f/0xb0
[   58.367811][ T5363]  kmem_cache_alloc_noprof+0x52/0x320
[   58.367966][ T5363]  ? getname_flags+0x81/0x3b0
[   58.368001][ T5363]  ? vfs_write+0x644/0x920
[   58.368032][ T5363]  getname_flags+0x81/0x3b0
[   58.368065][ T5363]  user_path_at+0x26/0x120
[   58.368087][ T5363]  __se_sys_utime+0xc6/0x1c0
[   58.368163][ T5363]  __x64_sys_utime+0x31/0x40
[   58.368194][ T5363]  x64_sys_call+0x2996/0x2dc0
[   58.368226][ T5363]  do_syscall_64+0xc9/0x1c0
[   58.368254][ T5363]  ? clear_bhb_loop+0x55/0xb0
[   58.368410][ T5363]  ? clear_bhb_loop+0x55/0xb0
[   58.368440][ T5363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.368478][ T5363] RIP: 0033:0x7f4ff051cde9
[   58.368495][ T5363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.368516][ T5363] RSP: 002b:00007f4feeb87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084
[   58.368538][ T5363] RAX: ffffffffffffffda RBX: 00007f4ff0735fa0 RCX: 00007f4ff051cde9
[   58.368550][ T5363] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00004000000000c0
[   58.368564][ T5363] RBP: 00007f4feeb87090 R08: 0000000000000000 R09: 0000000000000000
[   58.368578][ T5363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.368666][ T5363] R13: 0000000000000000 R14: 00007f4ff0735fa0 R15: 00007ffc1028d308
[   58.368687][ T5363]  </TASK>
[   58.580809][ T5367] bridge: RTM_NEWNEIGH with invalid ether address
[   58.649716][ T5374] IPv6: Can't replace route, no match found
[   58.676378][ T5369] loop4: detected capacity change from 0 to 8192
[   58.716051][ T5369]  loop4: p2 p3 p4[EZD]
[   58.728019][ T5369] loop4: p3 start 4294639647 is beyond EOD, truncated
[   58.729293][ T5379] xt_CT: You must specify a L4 protocol and not use inversions on it
[   58.734846][ T5369] loop4: p4 size 65536 extends beyond EOD, truncated
[   58.816211][ T5389] loop0: detected capacity change from 0 to 764
[   58.822000][ T5390] loop4: detected capacity change from 0 to 764
[   58.835947][ T5389] Symlink component flag not implemented
[   58.843250][ T5389] Symlink component flag not implemented (101)
[   58.854949][ T5387] netlink: 8 bytes leftover after parsing attributes in process `syz.3.734'.
[   58.864570][ T5387] netlink: 8 bytes leftover after parsing attributes in process `syz.3.734'.
[   58.880489][ T5390] Symlink component flag not implemented
[   58.889162][ T5390] Symlink component flag not implemented (101)
[   58.906215][ T5394] FAULT_INJECTION: forcing a failure.
[   58.906215][ T5394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.919341][ T5394] CPU: 1 UID: 0 PID: 5394 Comm: syz.1.735 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   58.919389][ T5394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   58.919404][ T5394] Call Trace:
[   58.919412][ T5394]  <TASK>
[   58.919421][ T5394]  dump_stack_lvl+0xf2/0x150
[   58.919453][ T5394]  dump_stack+0x15/0x1a
[   58.919562][ T5394]  should_fail_ex+0x24a/0x260
[   58.919603][ T5394]  should_fail+0xb/0x10
[   58.919638][ T5394]  should_fail_usercopy+0x1a/0x20
[   58.919665][ T5394]  _copy_from_user+0x1c/0xa0
[   58.919692][ T5394]  kstrtouint_from_user+0x76/0xe0
[   58.919756][ T5394]  ? 0xffffffff81000000
[   58.919770][ T5394]  ? selinux_file_permission+0x22a/0x360
[   58.919813][ T5394]  proc_fail_nth_write+0x4f/0x150
[   58.919841][ T5394]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   58.919865][ T5394]  vfs_write+0x27d/0x920
[   58.919884][ T5394]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   58.919950][ T5394]  ? __fget_files+0x17c/0x1c0
[   58.919998][ T5394]  ksys_write+0xe8/0x1b0
[   58.920021][ T5394]  __x64_sys_write+0x42/0x50
[   58.920042][ T5394]  x64_sys_call+0x287e/0x2dc0
[   58.920070][ T5394]  do_syscall_64+0xc9/0x1c0
[   58.920098][ T5394]  ? clear_bhb_loop+0x55/0xb0
[   58.920218][ T5394]  ? clear_bhb_loop+0x55/0xb0
[   58.920250][ T5394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.920358][ T5394] RIP: 0033:0x7fd20a3eb89f
[   58.920375][ T5394] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   58.920397][ T5394] RSP: 002b:00007fd208a57030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   58.920416][ T5394] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd20a3eb89f
[   58.920427][ T5394] RDX: 0000000000000001 RSI: 00007fd208a570a0 RDI: 0000000000000008
[   58.920438][ T5394] RBP: 00007fd208a57090 R08: 0000000000000000 R09: 0000000000000000
[   58.920449][ T5394] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   58.920459][ T5394] R13: 0000000000000000 R14: 00007fd20a605fa0 R15: 00007ffd9f819e78
[   58.920515][ T5394]  </TASK>
[   59.232050][ T5404] xt_CT: You must specify a L4 protocol and not use inversions on it
[   59.241105][ T5399] loop0: detected capacity change from 0 to 8192
[   59.308310][ T5387] lo speed is unknown, defaulting to 1000
[   59.317908][ T5399]  loop0: p2 p3 p4[EZD]
[   59.323250][ T5399] loop0: p3 start 4294639647 is beyond EOD, truncated
[   59.330080][ T5399] loop0: p4 size 65536 extends beyond EOD, truncated
[   59.424419][ T5406] lo speed is unknown, defaulting to 1000
[   59.790366][ T5416] loop0: detected capacity change from 0 to 1024
[   59.824770][ T5416] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   59.836189][ T5416] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   59.866649][ T5416] EXT4-fs (loop0): orphan cleanup on readonly fs
[   59.885811][ T5416] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   59.901253][ T5416] EXT4-fs (loop0): Remounting filesystem read-only
[   59.971787][ T5416] EXT4-fs (loop0): 1 orphan inode deleted
[   60.036871][ T5416] SELinux: (dev loop0, type ext4) getxattr errno 5
[   60.109882][ T5425] xt_CT: You must specify a L4 protocol and not use inversions on it
[   60.120475][ T5427] netlink: 'syz.3.747': attribute type 21 has an invalid length.
[   60.128251][ T5427] netlink: 'syz.3.747': attribute type 20 has an invalid length.
[   60.136122][ T5427] IPv6: NLM_F_CREATE should be specified when creating new route
[   60.182306][ T5431] IPv6: Can't replace route, no match found
[   60.221949][ T5429] loop0: detected capacity change from 0 to 2048
[   60.314602][ T5434] loop3: detected capacity change from 0 to 8192
[   60.392014][ T5436] loop1: detected capacity change from 0 to 8192
[   60.404848][ T5434]  loop3: p2 p3 p4[EZD]
[   60.413414][ T5434] loop3: p3 start 4294639647 is beyond EOD, truncated
[   60.420215][ T5434] loop3: p4 size 65536 extends beyond EOD, truncated
[   60.486085][ T5436]  loop1: p2 p3 p4[EZD]
[   60.492006][ T5436] loop1: p3 start 4294639647 is beyond EOD, truncated
[   60.498962][ T5436] loop1: p4 size 65536 extends beyond EOD, truncated
[   60.563779][ T5444] loop3: detected capacity change from 0 to 764
[   60.595102][ T5447] 9p: Unknown access argument c: -22
[   60.603085][ T5444] Symlink component flag not implemented
[   60.611534][ T5444] Symlink component flag not implemented (101)
[   60.651353][ T5451] loop3: detected capacity change from 0 to 2048
[   60.737874][ T5453] loop1: detected capacity change from 0 to 512
[   60.767298][ T5453] EXT4-fs: Ignoring removed orlov option
[   60.783096][ T5453] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   60.794680][ T5453] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it
[   60.804989][ T5453] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.758: Corrupt directory, running e2fsck is recommended
[   60.867101][ T5453] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[   60.897807][ T5453] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.758: corrupted in-inode xattr: invalid ea_ino
[   60.929825][ T5468] loop3: detected capacity change from 0 to 512
[   60.931556][ T5453] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.758: couldn't read orphan inode 15 (err -117)
[   60.993303][ T5471] lo speed is unknown, defaulting to 1000
[   61.042256][ T5475] syz!: rxe_newlink: already configured on team_slave_0
[   61.083486][ T5476] loop3: detected capacity change from 0 to 8192
[   61.115004][ T5476]  loop3: p2 p3 p4[EZD]
[   61.124574][ T5476] loop3: p3 start 4294639647 is beyond EOD, truncated
[   61.131375][ T5476] loop3: p4 size 65536 extends beyond EOD, truncated
[   61.173777][ T5483] loop4: detected capacity change from 0 to 764
[   61.194731][ T5487] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   61.208350][ T5486] netlink: 'syz.1.771': attribute type 21 has an invalid length.
[   61.216287][ T5486] netlink: 'syz.1.771': attribute type 20 has an invalid length.
[   61.224025][ T5486] IPv6: NLM_F_CREATE should be specified when creating new route
[   61.235508][ T5483] Symlink component flag not implemented
[   61.242215][ T5483] Symlink component flag not implemented (101)
[   61.285057][ T5493] netlink: 20 bytes leftover after parsing attributes in process `syz.3.773'.
[   61.321630][ T5494] loop2: detected capacity change from 0 to 4096
[   61.321904][ T5493] loop3: detected capacity change from 0 to 2048
[   61.342420][ T5500] loop0: detected capacity change from 0 to 256
[   61.423351][ T5507] loop3: detected capacity change from 0 to 4096
[   61.544986][ T5511] loop4: detected capacity change from 0 to 8192
[   61.599591][ T5520] tmpfs: Unsupported parameter 'huge'
[   61.618603][ T5511]  loop4: p2 p3 p4[EZD]
[   61.625159][ T5511] loop4: p3 start 4294639647 is beyond EOD, truncated
[   61.632003][ T5511] loop4: p4 size 65536 extends beyond EOD, truncated
[   61.674817][ T5524] bridge: RTM_NEWNEIGH with invalid ether address
[   61.695331][ T5526] loop0: detected capacity change from 0 to 1024
[   61.724270][ T5526] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   61.767524][ T5526] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   61.792868][ T5526] EXT4-fs (loop0): orphan cleanup on readonly fs
[   61.821060][ T5542] loop3: detected capacity change from 0 to 2048
[   61.826993][ T5545] tmpfs: Unsupported parameter 'huge'
[   61.842225][ T5526] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   61.860904][ T5547] loop2: detected capacity change from 0 to 1024
[   61.915042][ T5547] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   61.925937][ T5526] EXT4-fs (loop0): Remounting filesystem read-only
[   61.933689][ T5555] netlink: 16 bytes leftover after parsing attributes in process `syz.1.799'.
[   61.948033][ T5526] EXT4-fs (loop0): 1 orphan inode deleted
[   61.957212][ T5547] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   61.967825][ T5526] SELinux: (dev loop0, type ext4) getxattr errno 5
[   61.979741][ T5547] EXT4-fs (loop2): orphan cleanup on readonly fs
[   62.017452][ T5547] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   62.061951][ T5563] bridge: RTM_NEWNEIGH with invalid ether address
[   62.087848][ T5547] EXT4-fs (loop2): Remounting filesystem read-only
[   62.122294][ T5547] EXT4-fs (loop2): 1 orphan inode deleted
[   62.144616][ T5547] SELinux: (dev loop2, type ext4) getxattr errno 5
[   62.189790][ T5577] loop4: detected capacity change from 0 to 256
[   62.196878][ T5575] tmpfs: Unsupported parameter 'huge'
[   62.223900][   T29] kauditd_printk_skb: 371 callbacks suppressed
[   62.223918][   T29] audit: type=1400 audit(1739467950.432:2613): avc:  granted  { setsecparam } for  pid=5578 comm="syz.0.809" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   62.253228][ T5581] netlink: 16 bytes leftover after parsing attributes in process `syz.2.810'.
[   62.275426][ T5585] loop3: detected capacity change from 0 to 1024
[   62.289243][ T5585] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   62.301272][ T5585] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   62.309404][ T5583] loop1: detected capacity change from 0 to 8192
[   62.316011][ T5585] EXT4-fs (loop3): orphan cleanup on readonly fs
[   62.344130][ T5583]  loop1: p2 p3 p4[EZD]
[   62.351549][ T5583] loop1: p3 start 4294639647 is beyond EOD, truncated
[   62.358549][ T5583] loop1: p4 size 65536 extends beyond EOD, truncated
[   62.380214][ T5590] bridge: RTM_NEWNEIGH with invalid ether address
[   62.396327][ T5585] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   62.433952][ T5585] EXT4-fs (loop3): Remounting filesystem read-only
[   62.445837][ T5585] Quota error (device loop3): write_blk: dquota write failed
[   62.453297][ T5585] Quota error (device loop3): write_blk: dquota write failed
[   62.460873][ T5585] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[   62.507987][ T5585] Quota error (device loop3): v2_write_file_info: Can't write info structure
[   62.520508][   T29] audit: type=1326 audit(1739467950.718:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5599 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   62.528419][ T5598] loop1: detected capacity change from 0 to 2048
[   62.545978][ T5585] EXT4-fs (loop3): 1 orphan inode deleted
[   62.576533][ T5585] SELinux: (dev loop3, type ext4) getxattr errno 5
[   62.594160][   T29] audit: type=1326 audit(1739467950.748:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5599 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   62.617704][   T29] audit: type=1326 audit(1739467950.758:2616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5599 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   62.641118][   T29] audit: type=1326 audit(1739467950.758:2617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5599 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   62.664930][   T29] audit: type=1326 audit(1739467950.758:2618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5599 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   62.764677][ T5616] netlink: 20 bytes leftover after parsing attributes in process `syz.2.826'.
[   62.780577][ T5617] FAULT_INJECTION: forcing a failure.
[   62.780577][ T5617] name failslab, interval 1, probability 0, space 0, times 0
[   62.793388][ T5617] CPU: 1 UID: 0 PID: 5617 Comm: syz.3.825 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   62.793458][ T5617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   62.793470][ T5617] Call Trace:
[   62.793476][ T5617]  <TASK>
[   62.793483][ T5617]  dump_stack_lvl+0xf2/0x150
[   62.793545][ T5617]  dump_stack+0x15/0x1a
[   62.793570][ T5617]  should_fail_ex+0x24a/0x260
[   62.793605][ T5617]  should_failslab+0x8f/0xb0
[   62.793629][ T5617]  kmem_cache_alloc_noprof+0x52/0x320
[   62.793709][ T5617]  ? radix_tree_node_alloc+0x8b/0x1e0
[   62.793777][ T5617]  radix_tree_node_alloc+0x8b/0x1e0
[   62.793874][ T5617]  radix_tree_extend+0xd4/0x350
[   62.793895][ T5617]  idr_get_free+0x132/0x550
[   62.793918][ T5617]  idr_alloc_u32+0xcb/0x180
[   62.793960][ T5617]  idr_alloc+0x6a/0xd0
[   62.793984][ T5617]  loop_add+0x143/0x590
[   62.794011][ T5617]  ? ioctl_has_perm+0x28d/0x2e0
[   62.794051][ T5617]  loop_control_ioctl+0xc8/0x440
[   62.794076][ T5617]  ? __pfx_loop_control_ioctl+0x10/0x10
[   62.794100][ T5617]  __se_sys_ioctl+0xc9/0x140
[   62.794119][ T5617]  __x64_sys_ioctl+0x43/0x50
[   62.794161][ T5617]  x64_sys_call+0x1690/0x2dc0
[   62.794229][ T5617]  do_syscall_64+0xc9/0x1c0
[   62.794258][ T5617]  ? clear_bhb_loop+0x55/0xb0
[   62.794341][ T5617]  ? clear_bhb_loop+0x55/0xb0
[   62.794367][ T5617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.794401][ T5617] RIP: 0033:0x7f5fdac2cde9
[   62.794496][ T5617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.794517][ T5617] RSP: 002b:00007f5fd9291038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   62.794539][ T5617] RAX: ffffffffffffffda RBX: 00007f5fdae45fa0 RCX: 00007f5fdac2cde9
[   62.794552][ T5617] RDX: 0000000007000000 RSI: 0000000000004c80 RDI: 0000000000000006
[   62.794563][ T5617] RBP: 00007f5fd9291090 R08: 0000000000000000 R09: 0000000000000000
[   62.794577][ T5617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.794591][ T5617] R13: 0000000000000000 R14: 00007f5fdae45fa0 R15: 00007ffe5387e908
[   62.794627][ T5617]  </TASK>
[   63.008611][ T5616] loop2: detected capacity change from 0 to 2048
[   63.060851][ T5629] siw: device registration error -23
[   63.066412][ T5624] loop0: detected capacity change from 0 to 2048
[   63.083724][ T5625] netlink: 16 bytes leftover after parsing attributes in process `syz.4.823'.
[   63.096289][ T5636] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[   63.103731][ T5631] netlink: 16 bytes leftover after parsing attributes in process `syz.3.832'.
[   63.280790][ T5652] loop2: detected capacity change from 0 to 2048
[   63.349996][ T5656] netlink: 20 bytes leftover after parsing attributes in process `syz.2.841'.
[   63.375746][ T5656] loop2: detected capacity change from 0 to 2048
[   63.400564][ T5662] siw: device registration error -23
[   63.421172][ T5665] netlink: 'syz.3.844': attribute type 29 has an invalid length.
[   63.431235][ T5665] netlink: 'syz.3.844': attribute type 29 has an invalid length.
[   63.504419][ T5669] loop0: detected capacity change from 0 to 4096
[   63.554707][ T5684] loop2: detected capacity change from 0 to 256
[   63.595133][ T5682] loop3: detected capacity change from 0 to 8192
[   63.652283][ T5682]  loop3: p2 p3 p4[EZD]
[   63.657096][ T5682] loop3: p3 start 4294639647 is beyond EOD, truncated
[   63.663946][ T5682] loop3: p4 size 65536 extends beyond EOD, truncated
[   63.689120][ T5687] siw: device registration error -23
[   63.857399][ T5692] loop0: detected capacity change from 0 to 1024
[   63.864497][ T5692] EXT4-fs: Ignoring removed i_version option
[   63.871258][ T5692] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   63.882395][ T5692] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[   63.892481][ T5692] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   63.906593][ T5692] EXT4-fs (loop0): invalid journal inode
[   63.912398][ T5692] EXT4-fs (loop0): can't get journal size
[   63.918730][ T5692] EXT4-fs error (device loop0): ext4_protect_reserved_inode:182: inode #3: comm syz.0.856: blocks 2-2 from inode overlap system zone
[   63.933181][ T5692] EXT4-fs (loop0): failed to initialize system zone (-117)
[   63.940866][ T5692] EXT4-fs (loop0): mount failed
[   63.950480][ T5699] loop2: detected capacity change from 0 to 764
[   63.969513][ T5699] Symlink component flag not implemented
[   63.981582][ T5699] Symlink component flag not implemented (101)
[   64.021196][ T5704] loop4: detected capacity change from 0 to 764
[   64.059510][ T5704] Symlink component flag not implemented
[   64.070984][ T5704] Symlink component flag not implemented (101)
[   64.097256][ T5713] loop0: detected capacity change from 0 to 512
[   64.104229][ T5713] EXT4-fs: Ignoring removed nobh option
[   64.112818][ T5718] __nla_validate_parse: 4 callbacks suppressed
[   64.112835][ T5718] netlink: 20 bytes leftover after parsing attributes in process `syz.4.865'.
[   64.146596][ T5713] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[   64.155180][ T5713] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #13: comm syz.0.863: casefold flag without casefold feature
[   64.180042][ T5713] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.863: couldn't read orphan inode 13 (err -117)
[   64.198301][ T5718] loop4: detected capacity change from 0 to 2048
[   64.212826][ T5723] siw: device registration error -23
[   64.266135][ T5723] lo speed is unknown, defaulting to 1000
[   64.276941][ T5725] loop0: detected capacity change from 0 to 764
[   64.279071][ T5727] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   64.291458][ T5727] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   64.311116][ T5725] Symlink component flag not implemented
[   64.321319][ T5725] Symlink component flag not implemented (101)
[   64.708142][ T5754] netlink: 20 bytes leftover after parsing attributes in process `syz.1.879'.
[   64.742732][ T5754] loop1: detected capacity change from 0 to 2048
[   64.806816][ T5758] siw: device registration error -23
[   64.843492][ T5760] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   64.851760][ T5760] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   64.857888][ T5758] lo speed is unknown, defaulting to 1000
[   64.895515][ T5767] loop3: detected capacity change from 0 to 1024
[   64.904457][ T5767] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[   64.904457][ T5767] 
[   64.915257][ T5767] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[   65.003715][ T5764] loop1: detected capacity change from 0 to 8192
[   65.059111][ T5764]  loop1: p2 p3 p4[EZD]
[   65.066507][ T5764] loop1: p3 start 4294639647 is beyond EOD, truncated
[   65.067429][ T5782] xt_CT: You must specify a L4 protocol and not use inversions on it
[   65.073453][ T5764] loop1: p4 size 65536 extends beyond EOD, truncated
[   65.251311][ T5791] loop4: detected capacity change from 0 to 2048
[   65.262490][ T5794] IPv6: Can't replace route, no match found
[   65.551745][ T5809] syz!: rxe_newlink: already configured on team_slave_0
[   65.770048][ T5812] xt_CT: You must specify a L4 protocol and not use inversions on it
[   65.923571][ T5815] loop2: detected capacity change from 0 to 512
[   66.055895][ T5822] loop1: detected capacity change from 0 to 512
[   66.101684][ T5825] netlink: 16 bytes leftover after parsing attributes in process `syz.4.906'.
[   66.224380][ T5838] loop3: detected capacity change from 0 to 256
[   66.255474][ T5835] loop4: detected capacity change from 0 to 256
[   66.355310][ T5843] xt_CT: You must specify a L4 protocol and not use inversions on it
[   66.381520][ T5840] loop2: detected capacity change from 0 to 8192
[   66.426138][ T5840]  loop2: p2 p3 p4[EZD]
[   66.432136][ T5849] loop3: detected capacity change from 0 to 512
[   66.438643][ T5840] loop2: p3 start 4294639647 is beyond EOD, truncated
[   66.445515][ T5840] loop2: p4 size 65536 extends beyond EOD, truncated
[   66.585777][ T5855] IPv6: Can't replace route, no match found
[   66.665882][ T5863] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   66.674422][ T5863] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   66.781524][ T5868] loop3: detected capacity change from 0 to 2048
[   66.835350][ T5870] loop0: detected capacity change from 0 to 1024
[   66.855712][ T5870] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   66.876640][ T5870] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   66.890713][ T5870] EXT4-fs (loop0): orphan cleanup on readonly fs
[   66.908050][ T5870] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   66.929066][ T5870] EXT4-fs (loop0): Remounting filesystem read-only
[   66.937119][ T5870] EXT4-fs (loop0): 1 orphan inode deleted
[   66.949323][ T5870] SELinux: (dev loop0, type ext4) getxattr errno 5
[   67.105298][ T5882] loop0: detected capacity change from 0 to 8192
[   67.120367][ T5885] loop3: detected capacity change from 0 to 512
[   67.153220][ T5882]  loop0: p2 p3 p4[EZD]
[   67.157953][ T5882] loop0: p3 start 4294639647 is beyond EOD, truncated
[   67.164788][ T5882] loop0: p4 size 65536 extends beyond EOD, truncated
[   67.290356][ T5897] syz!: rxe_newlink: already configured on team_slave_0
[   67.303550][   T29] kauditd_printk_skb: 750 callbacks suppressed
[   67.303566][   T29] audit: type=1326 audit(1739467955.450:3365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5895 comm="syz.4.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   67.345759][   T29] audit: type=1326 audit(1739467955.479:3366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5895 comm="syz.4.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   67.396164][   T29] audit: type=1326 audit(1739467955.509:3367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5899 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   67.419677][   T29] audit: type=1326 audit(1739467955.509:3368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5899 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   67.443006][   T29] audit: type=1326 audit(1739467955.509:3369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5899 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   67.466389][   T29] audit: type=1326 audit(1739467955.509:3370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5899 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   67.489706][   T29] audit: type=1326 audit(1739467955.509:3371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5899 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   67.513090][   T29] audit: type=1326 audit(1739467955.509:3372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5899 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   67.536560][   T29] audit: type=1326 audit(1739467955.509:3373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5899 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   67.559876][   T29] audit: type=1326 audit(1739467955.509:3374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5899 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ff051cde9 code=0x7ffc0000
[   67.648745][ T5919] loop2: detected capacity change from 0 to 512
[   67.661416][ T5916] loop3: detected capacity change from 0 to 1024
[   67.698645][ T5916] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   67.761363][ T5916] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   67.771506][ T5930] netlink: 20 bytes leftover after parsing attributes in process `syz.2.945'.
[   67.807308][ T5916] EXT4-fs (loop3): orphan cleanup on readonly fs
[   67.831981][ T5916] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   67.854032][ T5916] EXT4-fs (loop3): Remounting filesystem read-only
[   67.872019][ T5916] EXT4-fs (loop3): 1 orphan inode deleted
[   67.885702][ T5916] EXT4-fs mount: 56 callbacks suppressed
[   67.885722][ T5916] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   67.949250][ T5916] SELinux: (dev loop3, type ext4) getxattr errno 5
[   67.966747][ T5916] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.032095][ T5938] IPv6: Can't replace route, no match found
[   68.055972][ T5940] loop3: detected capacity change from 0 to 1024
[   68.076732][ T5940] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   68.091317][ T5940] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   68.117034][ T5940] EXT4-fs (loop3): orphan cleanup on readonly fs
[   68.184629][ T5947] loop1: detected capacity change from 0 to 512
[   68.195405][ T5940] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   68.205600][ T5940] EXT4-fs (loop3): Remounting filesystem read-only
[   68.212409][ T5940] EXT4-fs (loop3): 1 orphan inode deleted
[   68.295048][ T5940] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   68.304519][ T5947] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.308376][ T5940] SELinux: (dev loop3, type ext4) getxattr errno 5
[   68.346954][ T5940] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.374270][ T5954] bridge: RTM_NEWNEIGH with invalid ether address
[   68.453467][ T3297] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   68.502577][ T5963] tmpfs: Unsupported parameter 'huge'
[   68.558630][ T5972] IPv6: Can't replace route, no match found
[   68.664844][ T5976] loop4: detected capacity change from 0 to 764
[   68.698359][ T5974] xt_CT: You must specify a L4 protocol and not use inversions on it
[   68.730193][ T5976] Symlink component flag not implemented
[   68.736005][ T5976] Symlink component flag not implemented (101)
[   68.796239][ T5986] loop3: detected capacity change from 0 to 8192
[   68.847697][ T5997] tmpfs: Unsupported parameter 'huge'
[   68.860217][ T5986]  loop3: p2 p3 p4[EZD]
[   68.877770][ T5986] loop3: p3 start 4294639647 is beyond EOD, truncated
[   68.884625][ T5986] loop3: p4 size 65536 extends beyond EOD, truncated
[   68.895848][ T5999] IPv6: Can't replace route, no match found
[   68.905762][ T6002] netlink: 20 bytes leftover after parsing attributes in process `syz.4.974'.
[   68.986612][ T6011] loop3: detected capacity change from 0 to 256
[   69.114710][ T6022] tmpfs: Unsupported parameter 'huge'
[   69.162826][ T6031] IPv6: Can't replace route, no match found
[   69.210680][ T6037] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   69.310499][ T6051] loop3: detected capacity change from 0 to 512
[   69.320580][ T6051] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   69.411085][ T3307] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   69.438879][ T6057] loop1: detected capacity change from 0 to 8192
[   69.448434][ T6060] loop3: detected capacity change from 0 to 256
[   69.458845][ T6061] tmpfs: Unsupported parameter 'huge'
[   69.530333][ T6065] loop1: detected capacity change from 0 to 256
[   69.533789][ T6067] IPv6: Can't replace route, no match found
[   69.581447][ T6069] loop3: detected capacity change from 0 to 2048
[   69.608011][ T6073] loop0: detected capacity change from 0 to 2048
[   69.768606][ T6084] loop1: detected capacity change from 0 to 512
[   69.786822][ T6087] tmpfs: Unsupported parameter 'huge'
[   69.803658][ T6084] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   69.901791][ T3297] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   69.946224][ T6106] IPv6: Can't replace route, no match found
[   69.954803][ T6105] loop0: detected capacity change from 0 to 512
[   69.983302][ T6101] loop4: detected capacity change from 0 to 8192
[   70.008992][ T6109] xt_CT: You must specify a L4 protocol and not use inversions on it
[   70.020476][ T6101]  loop4: p2 p3 p4[EZD]
[   70.039139][ T6101] loop4: p3 start 4294639647 is beyond EOD, truncated
[   70.046032][ T6101] loop4: p4 size 65536 extends beyond EOD, truncated
[   70.059266][ T6115] tmpfs: Unsupported parameter 'huge'
[   70.231174][ T6127] xt_CT: You must specify a L4 protocol and not use inversions on it
[   70.363499][ T6134] loop2: detected capacity change from 0 to 8192
[   70.445706][ T6134]  loop2: p2 p3 p4[EZD]
[   70.450546][ T6134] loop2: p3 start 4294639647 is beyond EOD, truncated
[   70.457445][ T6134] loop2: p4 size 65536 extends beyond EOD, truncated
[   70.518000][ T6144] loop4: detected capacity change from 0 to 512
[   70.662830][ T6152] loop2: detected capacity change from 0 to 2048
[   70.708062][ T6146] loop0: detected capacity change from 0 to 8192
[   70.723347][ T6152] Alternate GPT is invalid, using primary GPT.
[   70.729739][ T6152]  loop2: p2 p3 p7
[   70.766464][ T6146]  loop0: p2 p3 p4[EZD]
[   70.779815][ T6146] loop0: p3 start 4294639647 is beyond EOD, truncated
[   70.786720][ T6146] loop0: p4 size 65536 extends beyond EOD, truncated
[   70.901602][ T6162] loop2: detected capacity change from 0 to 2048
[   70.929945][ T6166] IPv6: Can't replace route, no match found
[   70.936868][ T6164] loop4: detected capacity change from 0 to 2048
[   71.067008][ T6173] loop4: detected capacity change from 0 to 256
[   71.101432][ T6177] loop0: detected capacity change from 0 to 512
[   71.116633][ T6177] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   71.203698][ T3301] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   71.312304][ T6181] loop4: detected capacity change from 0 to 256
[   71.601631][ T6202] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1056'.
[   71.610735][ T6194] loop2: detected capacity change from 0 to 8192
[   71.663141][ T6194]  loop2: p2 p3 p4[EZD]
[   71.676011][ T6194] loop2: p3 start 4294639647 is beyond EOD, truncated
[   71.683078][ T6194] loop2: p4 size 65536 extends beyond EOD, truncated
[   71.764845][ T6204] loop4: detected capacity change from 0 to 8192
[   71.822337][ T6204]  loop4: p2 p3 p4[EZD]
[   71.840604][ T6204] loop4: p3 start 4294639647 is beyond EOD, truncated
[   71.847537][ T6204] loop4: p4 size 65536 extends beyond EOD, truncated
[   71.870132][ T6206] x_tables: ip_tables: ah match: only valid for protocol 51
[   71.932344][ T6206] loop2: detected capacity change from 0 to 128
[   71.956315][ T6206] EXT4-fs: Ignoring removed nobh option
[   71.963994][ T6209] bridge: RTM_NEWNEIGH with invalid ether address
[   71.990346][ T6206] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   72.009121][ T6215] loop4: detected capacity change from 0 to 256
[   72.066936][ T3298] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   72.082645][ T3298] EXT4-fs error (device loop2): ext4_readdir:221: inode #11: comm syz-executor: path /222/mnt/lost+found: directory fails checksum at offset 0
[   72.110260][ T6219] loop1: detected capacity change from 0 to 1024
[   72.118278][ T6219] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   72.124101][ T3298] EXT4-fs error (device loop2): ext4_readdir:221: inode #11: comm syz-executor: path /222/mnt/lost+found: directory fails checksum at offset 1024
[   72.129149][ T6219] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   72.152079][ T6219] EXT4-fs (loop1): orphan cleanup on readonly fs
[   72.159242][ T6219] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   72.168979][ T6219] EXT4-fs (loop1): Remounting filesystem read-only
[   72.183908][ T6219] EXT4-fs (loop1): 1 orphan inode deleted
[   72.190395][ T6219] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   72.201746][ T3298] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   72.202754][ T6219] SELinux: (dev loop1, type ext4) getxattr errno 5
[   72.217899][ T3298] EXT4-fs error (device loop2): ext4_empty_dir:3097: inode #11: comm syz-executor: Directory block failed checksum
[   72.225319][ T6219] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.247574][ T3298] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   72.263257][ T3298] EXT4-fs error (device loop2): ext4_readdir:221: inode #11: comm syz-executor: path /222/mnt/lost+found: directory fails checksum at offset 0
[   72.278726][ T3298] EXT4-fs error (device loop2): ext4_readdir:221: inode #11: comm syz-executor: path /222/mnt/lost+found: directory fails checksum at offset 1024
[   72.295031][ T3298] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   72.310735][ T3298] EXT4-fs error (device loop2): ext4_empty_dir:3097: inode #11: comm syz-executor: Directory block failed checksum
[   72.323413][ T3298] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   72.339142][ T3298] EXT4-fs error (device loop2): ext4_readdir:221: inode #11: comm syz-executor: path /222/mnt/lost+found: directory fails checksum at offset 0
[   72.371308][   T29] kauditd_printk_skb: 365 callbacks suppressed
[   72.371325][   T29] audit: type=1326 audit(15378551.466:3728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6226 comm="syz.4.1065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   72.400914][   T29] audit: type=1326 audit(15378551.466:3729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6226 comm="syz.4.1065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   72.437148][ T3298] EXT4-fs error (device loop2): ext4_readdir:221: inode #11: comm syz-executor: path /222/mnt/lost+found: directory fails checksum at offset 1024
[   72.452522][ T3298] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   72.468166][ T3298] EXT4-fs error (device loop2): ext4_empty_dir:3097: inode #11: comm syz-executor: Directory block failed checksum
[   72.480378][   T29] audit: type=1326 audit(15378551.466:3730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6226 comm="syz.4.1065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   72.485479][ T6232] IPv6: Can't replace route, no match found
[   72.503750][   T29] audit: type=1326 audit(15378551.476:3731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6226 comm="syz.4.1065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   72.532998][   T29] audit: type=1326 audit(15378551.476:3732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6226 comm="syz.4.1065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   72.556270][   T29] audit: type=1326 audit(15378551.476:3733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6226 comm="syz.4.1065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   72.558389][ T6230] loop0: detected capacity change from 0 to 764
[   72.579587][   T29] audit: type=1326 audit(15378551.536:3734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6226 comm="syz.4.1065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   72.609271][   T29] audit: type=1326 audit(15378551.536:3735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6226 comm="syz.4.1065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   72.624533][ T6234] loop3: detected capacity change from 0 to 256
[   72.633031][   T29] audit: type=1326 audit(15378551.536:3736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6226 comm="syz.4.1065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   72.662458][   T29] audit: type=1326 audit(15378551.536:3737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6226 comm="syz.4.1065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aa2c8cde9 code=0x7ffc0000
[   72.687188][ T6227] syz!: rxe_newlink: already configured on team_slave_0
[   72.697890][ T6230] Symlink component flag not implemented
[   72.700066][ T3298] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   72.719202][ T3298] EXT4-fs error (device loop2): ext4_readdir:221: inode #11: comm syz-executor: path /222/mnt/lost+found: directory fails checksum at offset 0
[   72.733978][ T6230] Symlink component flag not implemented (101)
[   72.741384][ T3298] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   72.773702][ T3298] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   72.800154][ T6241] bridge: RTM_NEWNEIGH with invalid ether address
[   72.803784][ T3298] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[   72.929661][ T6257] loop3: detected capacity change from 0 to 1024
[   72.944828][ T6257] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   72.971530][ T6257] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   72.983667][ T6257] EXT4-fs (loop3): orphan cleanup on readonly fs
[   73.033838][ T6257] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   73.043872][ T6257] EXT4-fs (loop3): Remounting filesystem read-only
[   73.050589][ T6257] EXT4-fs (loop3): 1 orphan inode deleted
[   73.226015][ T6257] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   73.240051][ T5637] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   73.250408][ T6257] SELinux: (dev loop3, type ext4) getxattr errno 5
[   73.287532][ T6257] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.351646][ T6273] xt_CT: You must specify a L4 protocol and not use inversions on it
[   73.419591][ T6280] bridge: RTM_NEWNEIGH with invalid ether address
[   73.523073][   T37] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.585137][   T37] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.634318][   T37] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.695916][   T37] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.716015][ T6305] loop3: detected capacity change from 0 to 8192
[   73.743052][ T6291] lo speed is unknown, defaulting to 1000
[   73.764303][ T6311] loop4: detected capacity change from 0 to 512
[   73.792501][ T6305]  loop3: p2 p3 p4[EZD]
[   73.803009][ T6305] loop3: p3 start 4294639647 is beyond EOD, truncated
[   73.809892][ T6305] loop3: p4 size 65536 extends beyond EOD, truncated
[   73.828326][   T37] bridge_slave_1: left allmulticast mode
[   73.834063][   T37] bridge_slave_1: left promiscuous mode
[   73.839801][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.864677][   T37] bridge_slave_0: left allmulticast mode
[   73.870508][   T37] bridge_slave_0: left promiscuous mode
[   73.876275][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.889276][ T6309] loop1: detected capacity change from 0 to 8192
[   73.969067][   T37] ip6gretap0 (unregistering): left promiscuous mode
[   73.977220][ T6309]  loop1: p2 p3 p4[EZD]
[   73.996764][ T6309] loop1: p3 start 4294639647 is beyond EOD, truncated
[   74.003624][ T6309] loop1: p4 size 65536 extends beyond EOD, truncated
[   74.055805][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   74.087841][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   74.104858][   T37] bond0 (unregistering): Released all slaves
[   74.112873][ T6337] loop4: detected capacity change from 0 to 1024
[   74.119705][ T6337] EXT4-fs (loop4): Can't support bigalloc feature without extents feature
[   74.119705][ T6337] 
[   74.130515][ T6337] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[   74.219787][ T6337] loop4: detected capacity change from 0 to 764
[   74.245443][   T37] batadv_slave_1: left promiscuous mode
[   74.260105][   T37] hsr_slave_0: left promiscuous mode
[   74.260254][ T6337] iso9660: Unknown parameter 'üÿÿÿd_switch'
[   74.271528][   T37] hsr_slave_1: left promiscuous mode
[   74.277448][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   74.284952][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[   74.302520][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   74.309953][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[   74.331979][   T37] veth1_macvtap: left promiscuous mode
[   74.356896][ T6349] netlink: 'syz.1.1110': attribute type 4 has an invalid length.
[   74.360813][   T37] veth0_macvtap: left promiscuous mode
[   74.364795][ T6349] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1110'.
[   74.383174][   T37] veth1_vlan: left promiscuous mode
[   74.388483][   T37] veth0_vlan: left promiscuous mode
[   74.404690][ T6346] loop0: detected capacity change from 0 to 8192
[   74.452297][ T6346]  loop0: p2 p3 p4[EZD]
[   74.457328][ T6346] loop0: p3 start 4294639647 is beyond EOD, truncated
[   74.464295][ T6346] loop0: p4 size 65536 extends beyond EOD, truncated
[   74.477847][ T6356] loop3: detected capacity change from 0 to 2048
[   74.561651][   T37] team0 (unregistering): Port device team_slave_1 removed
[   74.571031][ T6371] FAULT_INJECTION: forcing a failure.
[   74.571031][ T6371] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.584230][ T6371] CPU: 1 UID: 0 PID: 6371 Comm: syz.3.1118 Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   74.584255][ T6371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   74.584267][ T6371] Call Trace:
[   74.584273][ T6371]  <TASK>
[   74.584293][ T6371]  dump_stack_lvl+0xf2/0x150
[   74.584325][ T6371]  dump_stack+0x15/0x1a
[   74.584345][ T6371]  should_fail_ex+0x24a/0x260
[   74.584418][ T6371]  should_fail+0xb/0x10
[   74.584449][ T6371]  should_fail_usercopy+0x1a/0x20
[   74.584469][ T6371]  _copy_from_user+0x1c/0xa0
[   74.584493][ T6371]  copy_msghdr_from_user+0x54/0x2a0
[   74.584518][ T6371]  ? __fget_files+0x17c/0x1c0
[   74.584581][ T6371]  __sys_sendmsg+0x13e/0x230
[   74.584622][ T6371]  __x64_sys_sendmsg+0x46/0x50
[   74.584650][ T6371]  x64_sys_call+0x2734/0x2dc0
[   74.584697][ T6371]  do_syscall_64+0xc9/0x1c0
[   74.584720][ T6371]  ? clear_bhb_loop+0x55/0xb0
[   74.584746][ T6371]  ? clear_bhb_loop+0x55/0xb0
[   74.584771][ T6371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.584850][ T6371] RIP: 0033:0x7f5fdac2cde9
[   74.584863][ T6371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.584880][ T6371] RSP: 002b:00007f5fd9291038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   74.584898][ T6371] RAX: ffffffffffffffda RBX: 00007f5fdae45fa0 RCX: 00007f5fdac2cde9
[   74.584909][ T6371] RDX: 0000000000000000 RSI: 0000400000000100 RDI: 0000000000000004
[   74.584920][ T6371] RBP: 00007f5fd9291090 R08: 0000000000000000 R09: 0000000000000000
[   74.584931][ T6371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.584942][ T6371] R13: 0000000000000000 R14: 00007f5fdae45fa0 R15: 00007ffe5387e908
[   74.584962][ T6371]  </TASK>
[   74.589074][   T37] team0 (unregistering): Port device team_slave_0 removed
[   74.668372][ T3374] IPVS: starting estimator thread 0...
[   74.778780][ T6378] netlink: 'syz.3.1121': attribute type 4 has an invalid length.
[   74.786613][ T6378] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1121'.
[   74.795853][ T6291] chnl_net:caif_netlink_parms(): no params data found
[   74.847209][ T6380] loop4: detected capacity change from 0 to 4096
[   74.862329][ T6376] IPVS: using max 2400 ests per chain, 120000 per kthread
[   74.871590][ T6380] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.885285][ T6384] loop0: detected capacity change from 0 to 4096
[   74.901717][ T6291] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.909007][ T6291] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.916382][ T6291] bridge_slave_0: entered allmulticast mode
[   74.922982][ T6291] bridge_slave_0: entered promiscuous mode
[   74.930184][ T6291] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.937355][ T6291] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.945121][ T6384] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.963521][ T6389] loop3: detected capacity change from 0 to 8192
[   74.976951][ T6291] bridge_slave_1: entered allmulticast mode
[   74.983660][ T6291] bridge_slave_1: entered promiscuous mode
[   75.027261][ T6291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.046923][ T6389]  loop3: p2 p3 p4[EZD]
[   75.052171][ T6291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.063152][ T6389] loop3: p3 start 4294639647 is beyond EOD, truncated
[   75.070040][ T6389] loop3: p4 size 65536 extends beyond EOD, truncated
[   75.096443][ T6291] team0: Port device team_slave_0 added
[   75.114289][ T6291] team0: Port device team_slave_1 added
[   75.370015][ T6291] batman_adv: batadv0: Adding interface: batadv_slave_0
[   75.377047][ T6291] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.403150][ T6291] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   75.424140][ T6291] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.431148][ T6291] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.457249][ T6291] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.522458][ T6291] hsr_slave_0: entered promiscuous mode
[   75.529265][ T6291] hsr_slave_1: entered promiscuous mode
[   75.535281][ T6417] netlink: 'syz.1.1134': attribute type 4 has an invalid length.
[   75.538370][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.543084][ T6417] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1134'.
[   75.545310][ T6291] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.568729][ T6291] Cannot create hsr debugfs directory
[   75.692297][ T6431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.702888][ T6431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.712814][ T6431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.723297][ T6431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.733158][ T6431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.743654][ T6431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.766390][ T6291] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   75.779321][ T6291] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   75.788693][ T6291] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   75.798021][ T6291] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   75.819452][ T6291] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.826553][ T6291] bridge0: port 2(bridge_slave_1) entered forwarding state
[   75.833906][ T6291] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.841056][ T6291] bridge0: port 1(bridge_slave_0) entered forwarding state
[   75.880044][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.889433][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.931568][ T6291] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.951436][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.953790][ T6291] 8021q: adding VLAN 0 to HW filter on device team0
[   75.997116][ T6444] netlink: 'syz.3.1146': attribute type 4 has an invalid length.
[   76.004965][ T6444] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1146'.
[   76.009671][ T6440] loop4: detected capacity change from 0 to 4096
[   76.047063][  T168] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.054178][  T168] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.055303][ T6448] netlink: 'syz.0.1147': attribute type 4 has an invalid length.
[   76.069161][ T6448] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1147'.
[   76.073189][  T168] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.085190][  T168] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.095072][ T6440] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.121837][ T6291] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   76.132243][ T6291] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   76.225285][ T6291] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.267606][ T6461] loop0: detected capacity change from 0 to 512
[   76.290818][ T6461] EXT4-fs: inline encryption not supported
[   76.300963][ T6461] EXT4-fs (loop0): blocks per group (95) and clusters per group (32768) inconsistent
[   76.356933][ T6464] loop1: detected capacity change from 0 to 8192
[   76.377943][ T6461] lo speed is unknown, defaulting to 1000
[   76.402212][ T6464]  loop1: p2 p3 p4[EZD]
[   76.405999][ T6291] veth0_vlan: entered promiscuous mode
[   76.407020][ T6464] loop1: p3 start 4294639647 is beyond EOD, truncated
[   76.418743][ T6464] loop1: p4 size 65536 extends beyond EOD, truncated
[   76.504299][ T6291] veth1_vlan: entered promiscuous mode
[   76.549378][ T6291] veth0_macvtap: entered promiscuous mode
[   76.570172][ T6482] loop1: detected capacity change from 0 to 1024
[   76.579186][ T6291] veth1_macvtap: entered promiscuous mode
[   76.594520][ T6482] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   76.595144][ T6480] loop0: detected capacity change from 0 to 8192
[   76.613475][ T6291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.623981][ T6291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.633872][ T6291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.643418][ T6482] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   76.644320][ T6291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.652448][ T6482] EXT4-fs (loop1): orphan cleanup on readonly fs
[   76.662040][ T6291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.678943][ T6291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.688843][ T6291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.689422][ T6482] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5838: Corrupt filesystem
[   76.699281][ T6291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.719765][ T6291] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.732678][ T6482] EXT4-fs (loop1): Remounting filesystem read-only
[   76.740573][ T6291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.741929][ T6482] EXT4-fs (loop1): 1 orphan inode deleted
[   76.751052][ T6291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.766757][ T6291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.777223][ T6291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.777257][ T6480]  loop0: p2 p3 p4[EZD]
[   76.777872][ T6480] loop0: p3 start 4294639647 is beyond EOD, 
[   76.787116][ T6291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.791280][ T6480] truncated
[   76.797445][ T6291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.807731][ T6480] loop0: p4 size 65536 extends beyond EOD, truncated
[   76.810872][ T6291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.838080][ T6291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.849008][ T6482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   76.877909][ T6482] SELinux: (dev loop1, type ext4) getxattr errno 5
[   76.882519][ T6291] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.893025][    T9] kernel write not supported for file /475/attr/exec (pid: 9 comm: kworker/0:1)
[   76.893472][ T6482] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.928813][ T6291] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.937656][ T6291] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.946455][ T6291] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.955374][ T6291] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.012405][ T6494] netlink: 'syz.3.1160': attribute type 4 has an invalid length.
[   77.020246][ T6494] netlink: 'syz.3.1160': attribute type 2 has an invalid length.
[   77.063943][ T6498] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   77.072401][ T6498] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   77.173413][ T6510] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1167'.
[   77.210808][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.277501][ T6520] loop5: detected capacity change from 0 to 512
[   77.286400][ T6518] loop4: detected capacity change from 0 to 1764
[   77.300376][ T6518] netlink: 'syz.4.1169': attribute type 1 has an invalid length.
[   77.308237][ T6518] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1169'.
[   78.276364][ T6506] loop1: detected capacity change from 0 to 512
[   78.294940][ T6520] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.317803][ T6506] EXT4-fs (loop1): orphan cleanup on readonly fs
[   78.324790][ T6506] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   78.340409][ T6506] EXT4-fs (loop1): Cannot turn on quotas: error -22
[   78.347432][ T6506] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #13: comm syz.1.1164: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   78.368326][ T6506] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.1164: couldn't read orphan inode 13 (err -117)
[   78.380930][ T6506] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   78.442054][ T6520] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1170: bg 0: block 280: padding at end of block bitmap is not set
[   78.457775][ T6520] EXT4-fs (loop5): Remounting filesystem read-only
[   78.486073][ T6528] loop4: detected capacity change from 0 to 512
[   78.494690][ T6520] __quota_error: 206 callbacks suppressed
[   78.494707][ T6520] Quota error (device loop5): write_blk: dquota write failed
[   78.507917][ T6520] Quota error (device loop5): find_free_dqentry: Can't write quota data block 5
[   78.516986][ T6520] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[   78.598439][ T6535] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   78.606696][ T6535] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   78.658590][ T6537] loop4: detected capacity change from 0 to 4096
[   78.668715][ T6520] syz.5.1170 (6520) used greatest stack depth: 9056 bytes left
[   78.699135][ T6537] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.714343][ T6291] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.742276][ T6543] tmpfs: Unknown parameter 'grpquota_block_hardlimit'
[   78.854159][ T6548] loop0: detected capacity change from 0 to 2048
[   78.969394][ T6552] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1183'.
[   79.238621][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.251194][ T6291] ==================================================================
[   79.259320][ T6291] BUG: KCSAN: data-race in folios_put_refs / need_mlock_drain
[   79.266815][ T6291] 
[   79.269145][ T6291] write to 0xffff888237c2b4a8 of 1 bytes by task 6537 on cpu 0:
[   79.276789][ T6291]  folios_put_refs+0x26d/0x2b0
[   79.281590][ T6291]  mlock_folio_batch+0x3292/0x32c0
[   79.286722][ T6291]  mlock_folio+0x1b7/0x210
[   79.291151][ T6291]  folio_add_file_rmap_ptes+0x1a0/0x1b0
[   79.296721][ T6291]  set_pte_range+0x206/0x430
[   79.301344][ T6291]  filemap_map_pages+0x681/0xb30
[   79.306331][ T6291]  handle_mm_fault+0x113d/0x2ac0
[   79.311301][ T6291]  __get_user_pages+0xf6a/0x2350
[   79.316263][ T6291]  __mm_populate+0x25b/0x3b0
[   79.320868][ T6291]  __se_sys_mlockall+0x36d/0x3d0
[   79.325808][ T6291]  __x64_sys_mlockall+0x1f/0x30
[   79.330662][ T6291]  x64_sys_call+0x2bf8/0x2dc0
[   79.335352][ T6291]  do_syscall_64+0xc9/0x1c0
[   79.339872][ T6291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.346212][ T6291] 
[   79.348534][ T6291] read to 0xffff888237c2b4a8 of 1 bytes by task 6291 on cpu 1:
[   79.356162][ T6291]  need_mlock_drain+0x30/0x50
[   79.360855][ T6291]  __lru_add_drain_all+0x22a/0x3f0
[   79.365982][ T6291]  lru_add_drain_all+0x10/0x20
[   79.370763][ T6291]  invalidate_bdev+0x47/0x70
[   79.375368][ T6291]  ext4_put_super+0x571/0x810
[   79.380056][ T6291]  generic_shutdown_super+0xe5/0x220
[   79.385383][ T6291]  kill_block_super+0x2a/0x70
[   79.390073][ T6291]  ext4_kill_sb+0x44/0x80
[   79.394419][ T6291]  deactivate_locked_super+0x7d/0x1c0
[   79.399816][ T6291]  deactivate_super+0x9f/0xb0
[   79.404514][ T6291]  cleanup_mnt+0x268/0x2e0
[   79.408965][ T6291]  __cleanup_mnt+0x19/0x20
[   79.413408][ T6291]  task_work_run+0x13a/0x1a0
[   79.418034][ T6291]  syscall_exit_to_user_mode+0xa8/0x120
[   79.423595][ T6291]  do_syscall_64+0xd6/0x1c0
[   79.428109][ T6291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.434013][ T6291] 
[   79.436337][ T6291] value changed: 0x1f -> 0x0a
[   79.441011][ T6291] 
[   79.443331][ T6291] Reported by Kernel Concurrency Sanitizer on:
[   79.449479][ T6291] CPU: 1 UID: 0 PID: 6291 Comm: syz-executor Not tainted 6.14.0-rc2-syzkaller-00041-g4dc1d1bec898 #0
[   79.460351][ T6291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   79.470439][ T6291] ==================================================================
[   79.627567][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.