last executing test programs:

5.078008927s ago: executing program 3 (id=3033):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r1 = syz_open_dev$evdev(&(0x7f0000000240), 0x8d, 0x40)
ioctl$EVIOCRMFF(r1, 0x40044581, &(0x7f00000003c0)=0xf4)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2000, 0x0)
inotify_init()
msgrcv(0x0, &(0x7f0000000200)={0x0, ""/1}, 0x9, 0x1, 0x3000)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000004c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0x0, 0xb, 0x6f76, 0x7, 0xb1, 0x1, 0x8, 0x7f, 0x3})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x800005, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ptrace$ARCH_SET_CPUID(0x1e, 0xffffffffffffffff, 0x1, 0x1012)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x22000406, &(0x7f0000000840)={[{@dioread_lock}, {@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@jqfmt_vfsold}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@usrjquota}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@nobh}, {@grpid}], [], 0x2c}, 0x84, 0x4d9, &(0x7f0000000900)="$eJzs3M1vFOUfAPDvTOkLry38yO/340WporERbWlB5eBBjSZcNCZ6wGMtlSALGFoTIUSKMXg0/gXq0cTEkxdPmhijXtR41bsxIYYL6MGsmd2Zdpd96W4LrbCfTzK7zzPzzMv3mXlmn9nZnQB61mj2kkRsiYhfImK4mq0vMFp9u3Ht4syf1y7OJFEuv/RHUil3/drFmaJoMd/mPDOWRqTvJrGnyXrnzl84NV0qzZ7L8xPzp9+YmDt/4dGTp6dPzJ6YPTN15MjhQ5NPPD71WEdxXFpmehbX9d1vn9276+grHzw/U45Xv/s0294t+fTaOKpGOlpvO6MxGuXc0tiByuuDq176v8vWiBjM08mGdd4YOtYXEdnu6q+0/+Hoi6WdNxzPvbOY+XqdNhC4bbLPpu0NY/vy93Tx8wu4GyXaOPSo4hM/u/4thrXsf6y3q09nr7OV+G/kww8vVOsmza5lR6pX7H0t5v9vk3E1l7/l4WXWvyUiji389WE2RNPvIdpIOi4JALDoy6z/80iz/l9a17fZlt9DGYmIAxGxIyL+ExE7I10s87+I+H+X6x+9Kd/Y//lpY5eL7ErW/3syv7dVDNUpRVzJYm5rJf7+5LWTpdmDeZ2MRf9glp9ss46vnv35/VbTRmv6f9mQrb/oC+bb8fuGwfp5jk/PT68i5DpXL0eSdVgb408W+7FZDeyKiN0rWH5WZycf/mRvlt62uXH68vG3cQvuM5U/jniouv8X4qb4C0l1Ta3uT04MRWn24ERxVDT6/scrL9bm+2vSdfEPdRbT0EqDbeLq5YhNTY//PP6iGRT3a+e6X8eVX99reU3TuP+TOLZQWyI//jcuVVt2/A8kL1fSA/m4t6bn589NRgzkI+rGTy0trcgX5bP4x/bXx1+9Lk6zc9zfH+Xz7YmI7CC+JyLujYh9+bbfFxH3R8T+NvF/+8wDr7evoRUe/7dAFv/xdvs/YiSpvV+/gkTfqW++aLX+zs5/hyupsXxM7flvoMVyO93A1dYfAAAA3AnSyj3oJB2v+f12YWdsSktn5+YPjMabZ45X71WPRH9afNM1XPN96GT+3XCRn7opfygitld+abSxkh+fOVvauk4xA1Wba9p/9VyQpuPj1Wm/tfrRC3D36Oo+Wu2Pzj77/NZvDLCm/F8Tepf2D71L+4fepf1D72rW/i9F3FiHTQHWmM9/6F3aP/Qu7R96l/YPPanxL/H541ayc8LK//Jf2nF0NU8MuP2J8vDKZ4/Wkxa6X2BfZ4WLp190vOTOCicRbcJpl4i0fZmBzjd17RPpsmWeWq5a+rt6JsZQk9rYlycGI6LT5Vxas1otzhCJp0wCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3tH8CAAD//9DQ4lI=")
syz_pidfd_open(0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x8002)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x1f, 0x0, @thr={&(0x7f0000000140)="437299b884ea2636436bb6317ead8f56d31854836505b952e3908af309ca1c0014c187414cdcbcb1bee876daed9f9e19a2d7f10c", &(0x7f0000000640)="5b1ed6aaa8a53053059fbea55bc958dd0a0abb2f804962e5ee025fe6be3e4439a2147bf97f51ba48c40cd8c65c4acd201e74584ebacf25146e0a85e17890a63730edc838f8960703a519127e8d9ca5b062cd4a074ec534b23a0732141c303d4b3aa202a6b71a7133b7222cc16857114b7e7c6096366875a8ab79e72319eb0af5872b1cf1e4a2972624b2bb293ad24a8b8067d0d0645200a38e3a69808ef6ae2a32a54c19bff6e0fe52fc0e541190ec865f0dece5aa75acd85688085d69f39f49addbec1caddb30ae83621b9e0e571f5714fdd07f254a0000"}}, &(0x7f0000000180)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xe)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x20)
fadvise64(r4, 0xfcff, 0x20000, 0x3)

4.131164574s ago: executing program 3 (id=3053):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = socket$pptp(0x18, 0x1, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x2a200)
io_uring_setup(0x5b54, &(0x7f0000000040)={0x0, 0x2df0, 0x0, 0x0, 0x2b2})
ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r3, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})
close_range(r2, 0xffffffffffffffff, 0x0)

3.823207165s ago: executing program 3 (id=3058):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000004c0), 0xfe, 0x269, &(0x7f0000000200)="$eJzs3b1rJGUcB/Df7EvWmBCiNja+gIhoIMRCEGy0UQhIEBFBhYiIlSRCTNqslY2FvUoqmyB2RkuxCTb3B+TuUuSaa8IVF+7grthjZnaPzWZDXvZljsznA7szz87ztrDfZyeQmQ2gtGYj4t2IqEbEXETUIyLprvBy/phtF7cmd5cjWq2P7yRZvbyc67SbiohmRLwdUesc29j5/ODe3gev/bRef/X3nc8mx/X+uh0e7H949NvSj38tvrlRab823d52v49hSvq8Vksinh3FYE+IpFb0DDifP6+nuX8uIl7J8l+PSjuyP69N/FePN37t327iaLzzBEah1aqn34HNFlA6lewcOKnMR0S+X6nMz+fn8DeqSXy7uvb93Der6ytfF71SAUOQNPO/e/ff/6fx91RP/m9X8/yfy1sjnikwEmn+P/lo+2a6f1QtejbAWLyQb9L8z325+XrIP5SO/EN5yT+Ul/zDFXDJ7Mo/lJf8Q3nJP1xh9c5Os+/hwfN/v/0fhJefIjBuM9mz738or578F3I9LlCM7vwDAOXSahR8ATJQmKLXHwAAAAAAAAAAAAAAAAAA4KStyd3lzmNcY/7/S8ThexFROz5+IztazX6POOKp7Pnpu0la7bEkbzaQL14asIMB/THkq6+XGherP3NruONf1LUXR9PvD8eLp97bbnMloplWXqjVTn7+k/bn70yn9v/MGQ3rX51vgGFJesrvfDre8Xs93C52/MW9iH/T9Weh3/pXieezbf/1Z7r7FsuX9N2DATsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgbB4FAAD//1eqcO0=")
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
perf_event_open(&(0x7f0000000140)={0x7, 0x80, 0x29, 0x7e, 0x0, 0x0, 0x0, 0x92, 0x42719, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbffffffe, 0x1, @perf_config_ext={0xd07, 0x42}, 0x100a28, 0x9, 0x10001, 0x1, 0x8, 0x20005, 0x77bc, 0x0, 0x3, 0x0, 0x2000000a}, 0x0, 0x4, 0xffffffffffffffff, 0x2)
getpid()
r0 = gettid()
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r1, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r2, 0x1000}], 0x1, 0x0, 0x0, 0x0)
r3 = dup2(r1, r2)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0xf, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0xfffffdcc}, 0x1, 0x0, 0x0, 0x804}, 0x44800)
fcntl$setown(r2, 0x8, r0)
tkill(r0, 0x13)
stat(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780))
mknod$loop(&(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, 0x0)
openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0)
io_submit(0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x64, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000600)='mm_collapse_huge_page\x00', r5, 0x0, 0x101}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a0b040000030000000000020000003800048034000180090001fb6861736800000000240002800800074000000001080004"], 0x8c}}, 0x0)
socket(0x14, 0x800, 0x9)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000880)=@newqdisc={0xf4, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0x2}, {0x5}}, [@TCA_STAB={0xd0, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xc, 0x3, 0x1ff, 0x1000, 0x1, 0x0, 0xfff, 0x1}}, {0x6, 0x2, [0xaec6]}}, {{0x1c, 0x1, {0x8, 0x1, 0x3ff, 0x80000000, 0x2, 0xe27f, 0x5, 0x3}}, {0xa, 0x2, [0x3, 0x0, 0x7]}}, {{0x1c, 0x1, {0x80, 0xa0, 0x3, 0x8000, 0x2, 0xe, 0x3, 0x4}}, {0xc, 0x2, [0x4, 0x200, 0x4904, 0xb80]}}, {{0x1c, 0x1, {0x10, 0x81, 0xfb, 0x8001, 0x1, 0x5, 0x2, 0x9}}, {0x16, 0x2, [0x0, 0x3, 0x4419, 0x1, 0xd, 0x103, 0x8001, 0x3, 0x34f]}}, {{0x1c, 0x1, {0x4e, 0xfd, 0x2, 0x0, 0x1, 0x5d29565c, 0x4, 0x1}}, {0x6, 0x2, [0x6]}}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.171265839s ago: executing program 2 (id=3062):
r0 = fsopen(&(0x7f0000000080)='mqueue\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', 0xffffffffffffffff, 0x0, 0x401}, 0x11)
close(r0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(0x0, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r4=>0x0, &(0x7f0000000580))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
io_uring_register$IORING_REGISTER_RING_FDS(0xffffffffffffffff, 0x14, &(0x7f0000001cc0)=[{0x0, 0x0, 0x0, &(0x7f00000002c0), 0x0}, {0x2, 0x0, 0x0, &(0x7f0000001900)=[{0x0}, {0x0}], 0x0}, {0x3, 0x0, 0x0, &(0x7f0000001c40)=[{&(0x7f0000001980)=""/135, 0x87}, {&(0x7f0000001a40)=""/248, 0xf8}, {&(0x7f0000001b40)=""/215, 0xd7}], &(0x7f0000001c80)=[0xc8bc, 0x7, 0xf, 0xffffffffffffff1b, 0x7fffffff, 0x3, 0x8]}], 0x3)
io_uring_enter(r3, 0x6e2, 0x3900, 0x3, 0x0, 0x0)
clock_nanosleep(0x2, 0x1000000, &(0x7f0000000040)={0x77359400}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}]}]}], {0x14}}, 0x68}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={0x1}, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb01001800000000000000d0000000d0000000050000000d000000070000847f000000090000000400000006000000000000000400000032c700000900000001000000080000004a00000004000000020000000500000003000000010000800c000000050000000a0000000800000081ffffff000000000a00000000000001000000004d0006030c0000000000000a040000000e0000000300000604000000090000000400000000000000080000000d000000090000000d0000000000000a050000000300000001000004100f00000900000000000000000000000f000000000000100c0000000061610000"], &(0x7f0000000500)=""/30, 0xed, 0x1e, 0x0, 0x3, 0x10000}, 0x28)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r7 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
dup(r7)

3.027136731s ago: executing program 4 (id=3063):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r1 = syz_open_dev$evdev(&(0x7f0000000240), 0x8d, 0x40)
ioctl$EVIOCRMFF(r1, 0x40044581, &(0x7f00000003c0)=0xf4)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2000, 0x0)
inotify_init()
msgrcv(0x0, &(0x7f0000000200)={0x0, ""/1}, 0x9, 0x1, 0x3000)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000004c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0x0, 0xb, 0x6f76, 0x7, 0xb1, 0x1, 0x8, 0x7f, 0x3})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x800005, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ptrace$ARCH_SET_CPUID(0x1e, 0xffffffffffffffff, 0x1, 0x1012)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x22000406, &(0x7f0000000840)={[{@dioread_lock}, {@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@jqfmt_vfsold}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@usrjquota}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@nobh}, {@grpid}], [], 0x2c}, 0x84, 0x4d9, &(0x7f0000000900)="$eJzs3M1vFOUfAPDvTOkLry38yO/340WporERbWlB5eBBjSZcNCZ6wGMtlSALGFoTIUSKMXg0/gXq0cTEkxdPmhijXtR41bsxIYYL6MGsmd2Zdpd96W4LrbCfTzK7zzPzzMv3mXlmn9nZnQB61mj2kkRsiYhfImK4mq0vMFp9u3Ht4syf1y7OJFEuv/RHUil3/drFmaJoMd/mPDOWRqTvJrGnyXrnzl84NV0qzZ7L8xPzp9+YmDt/4dGTp6dPzJ6YPTN15MjhQ5NPPD71WEdxXFpmehbX9d1vn9276+grHzw/U45Xv/s0294t+fTaOKpGOlpvO6MxGuXc0tiByuuDq176v8vWiBjM08mGdd4YOtYXEdnu6q+0/+Hoi6WdNxzPvbOY+XqdNhC4bbLPpu0NY/vy93Tx8wu4GyXaOPSo4hM/u/4thrXsf6y3q09nr7OV+G/kww8vVOsmza5lR6pX7H0t5v9vk3E1l7/l4WXWvyUiji389WE2RNPvIdpIOi4JALDoy6z/80iz/l9a17fZlt9DGYmIAxGxIyL+ExE7I10s87+I+H+X6x+9Kd/Y//lpY5eL7ErW/3syv7dVDNUpRVzJYm5rJf7+5LWTpdmDeZ2MRf9glp9ss46vnv35/VbTRmv6f9mQrb/oC+bb8fuGwfp5jk/PT68i5DpXL0eSdVgb408W+7FZDeyKiN0rWH5WZycf/mRvlt62uXH68vG3cQvuM5U/jniouv8X4qb4C0l1Ta3uT04MRWn24ERxVDT6/scrL9bm+2vSdfEPdRbT0EqDbeLq5YhNTY//PP6iGRT3a+e6X8eVX99reU3TuP+TOLZQWyI//jcuVVt2/A8kL1fSA/m4t6bn589NRgzkI+rGTy0trcgX5bP4x/bXx1+9Lk6zc9zfH+Xz7YmI7CC+JyLujYh9+bbfFxH3R8T+NvF/+8wDr7evoRUe/7dAFv/xdvs/YiSpvV+/gkTfqW++aLX+zs5/hyupsXxM7flvoMVyO93A1dYfAAAA3AnSyj3oJB2v+f12YWdsSktn5+YPjMabZ45X71WPRH9afNM1XPN96GT+3XCRn7opfygitld+abSxkh+fOVvauk4xA1Wba9p/9VyQpuPj1Wm/tfrRC3D36Oo+Wu2Pzj77/NZvDLCm/F8Tepf2D71L+4fepf1D72rW/i9F3FiHTQHWmM9/6F3aP/Qu7R96l/YPPanxL/H541ayc8LK//Jf2nF0NU8MuP2J8vDKZ4/Wkxa6X2BfZ4WLp190vOTOCicRbcJpl4i0fZmBzjd17RPpsmWeWq5a+rt6JsZQk9rYlycGI6LT5Vxas1otzhCJp0wCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3tH8CAAD//9DQ4lI=")
syz_pidfd_open(0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x8002)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x1f, 0x0, @thr={&(0x7f0000000140)="437299b884ea2636436bb6317ead8f56d31854836505b952e3908af309ca1c0014c187414cdcbcb1bee876daed9f9e19a2d7f10c", &(0x7f0000000640)="5b1ed6aaa8a53053059fbea55bc958dd0a0abb2f804962e5ee025fe6be3e4439a2147bf97f51ba48c40cd8c65c4acd201e74584ebacf25146e0a85e17890a63730edc838f8960703a519127e8d9ca5b062cd4a074ec534b23a0732141c303d4b3aa202a6b71a7133b7222cc16857114b7e7c6096366875a8ab79e72319eb0af5872b1cf1e4a2972624b2bb293ad24a8b8067d0d0645200a38e3a69808ef6ae2a32a54c19bff6e0fe52fc0e541190ec865f0dece5aa75acd85688085d69f39f49addbec1caddb30ae83621b9e0e571f5714fdd07f254a0000"}}, &(0x7f0000000180)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xe)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x20)
fadvise64(r4, 0xfcff, 0x20000, 0x3)

2.627906133s ago: executing program 0 (id=3068):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = socket$pptp(0x18, 0x1, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x2a200)
io_uring_setup(0x5b54, &(0x7f0000000040)={0x0, 0x2df0, 0x0, 0x0, 0x2b2})
ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r3, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})
close_range(r2, 0xffffffffffffffff, 0x0)

2.468998954s ago: executing program 0 (id=3070):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYRES8, @ANYRESDEC, @ANYBLOB="8f0eede5e966f777ca359b3a25bdc7f644ae2d46cd63e0faf0080310fdbbd79501b03721821959148262e26b7c7fadc4dd1af03b238e8d69660875c4cd7a36cf147cfc1d4616f56b2936d7380177e804ffb7404d323ec7d80a6a28a23eb4136c98857fa65cf29f5aa4617225a725d706f27d29e57cbbe30f4e809866f4b60289b644fab7dc8e557ffd41581d362b58ec2f99c714f298361499a93380d344551e1706eec22da629ffd712218c7e4ea6a1133abc55772f9d9fe1eee1cabb387228cce3ca5473d3e2f0836bb820720c83a7ae875e95c6e156e5930837509308522c422b3c74c12d"], 0x50)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000900)=ANY=[@ANYBLOB="9feb0100180000000000000028010000280100000a000000000000000600000d000000000a000000000000000e000000030000000100000003000000050000000200000010000000050000000800000003000000000000000500008410000000090000000200000072e522690d00000003000000050000000b00000008000000020000000200000003000000030000000a00000002000000050000000b0000000000000e03000000020000000000000000000003000000000500000005000000000f00000000000000000001000000002b007707070000000900000604000000010000006b5f000009000000090000000d00000096e00000010000000400000007000000020000000f000000010000000a0000000400000006000000f0ffffff0c00000004000000000000000000000300000000020000000300000000000000005f615f612e305f"], &(0x7f0000000100)=""/234, 0x14a, 0xea, 0x0, 0x4, 0x10000}, 0x28)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0xffffffffffffff84, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x5, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r3}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x3, 0x0, 0x0, r5})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000003c0)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20d00, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r7=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000e80)=ANY=[@ANYRES8=r4, @ANYRES32=r7, @ANYBLOB="c000aa000a00029d4984ca96d52dad6f6965de543ef34aa8103970e302b6982061f0ecba2b5442a2247c095bc11d42d493c5304a81fc8cd70734b32abe85e7990d4cda34f6e680cfba9dfeb016ed5d7bdaa8c831b3e04034405118688b15b84e803ce14bf06a874abcc8866554143c393416ae4c32c071c1052d1139db97c8fd867645fe25b450b07d9118f214baae15fbac0ddb528773aabb8678a8d88e78d66ae289600f522f7e599e553afe6a88a21d08c04b81d883a1ec5350c788afe0e6b3c57dc14a051852732cecc8844ddd4ffb955c49d540147070685c8db727b06fec"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r10, {}, {}, {0xfff3}}}, 0x24}}, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000828bd7000fedbdf25080000001400018008000100", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r10, @ANYBLOB="2800018008000300010000000800030003000000140002007866726d300000000000000008000000d8c4618d0b97e7510da2bd6d4c5b1a915d6b11bba464e0b6fa3f27d20df03b8434eceb42b9d090fa3b466db523941c12238659f4177c7a1bd013788ea1151792a0816dd32772d4d438228294fb1c"], 0x50}, 0x1, 0x0, 0x0, 0x8044}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000c40)='./file0\x00', 0x808080, &(0x7f0000000c80)={[{@discard}, {@bh}, {@noblock_validity}]}, 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
acct(&(0x7f0000000040)='./file0\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000fc0)={@fallback, 0x1, 0x1, 0x6, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000600)=[0x0, 0x0], &(0x7f0000000c00)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000f80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)

2.276326166s ago: executing program 0 (id=3073):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0x81}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
io_setup(0x8, &(0x7f0000002740)=<r2=>0x0)
io_destroy(r2)

2.276005826s ago: executing program 2 (id=3074):
r0 = socket$inet6(0xa, 0x802, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af00000000", 0x17)

2.177714056s ago: executing program 2 (id=3075):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000001, 0x6031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000001240), 0x0, 0x0)
mmap$usbfs(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x12, r2, 0x0)

2.158983246s ago: executing program 0 (id=3076):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000000)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x81, 0x0, 0x80, 0x2}}, 0x1c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r1, 0x58, &(0x7f0000000340)}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x717e, 0x100, 0x14, 0x193}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000180)=<r5=>0x0)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = fcntl$dupfd(r6, 0x0, r6)
write$sndseq(r7, &(0x7f0000000180)=[{0xff, 0x0, 0x0, 0x0, @tick=0x4, {}, {}, @result={0x1, 0x2}}, {0x0, 0x0, 0xff, 0x3, @tick=0xf27, {0x1, 0x31}, {}, @addr={0x2a, 0x5}}], 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r8}, 0x10)
readv(r7, &(0x7f0000000540)=[{&(0x7f0000000880)=""/147, 0x93}, {0x0}], 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410884, &(0x7f00000001c0)={[{@nouid32}, {@acl}]}, 0x1, 0x77c, &(0x7f0000001900)="$eJzs3ctrXFUYAPDvTpKmTWsTQdC6CggaKJ2YGlsFFxUXIlgo6Np2mExDzSRTMpPShIAWEVwoqLgQdNO1j7pz62Or/4ULsVRNixVBidzJ3HbaTNIknWSi8/vBTc65jznnm/s4Z+Ye7gTQtYbTP7mIQxHxfhIx2JifRERfPdUbcWJlvZtLi8V0SmJ5+ZXfkvo6N5YWi9G0TWp/I/NIRHz3dsTh3Opyq/MLU4VyuTTbyI/Wps+PVucXjpybLkyWJkszx8bGx48ef/r4sfbF+sePCweufvDiE1+e+Outh6+8930SJ+JAY1lzHO0yHMON96QvfQvv8EK7C+uwpNMVYEvSU7Nn5SyPQzEYPfUUAPB/9kZELAMAXSbR/gNAl8m+B7ixtFjMps5+I7Gzrj0fEXtX4s/ub64s6W3cs9tbvw86cCO5485IEhFDbSh/OCI+/fq1z9Mptuk+JEArb16KiDNDw6uv/8mqMQub9eQ6y/Y0/g/fNd/1D3bON2n/55lW/b/crf5PtOj/9Lc4d7finuf/vjYUso60//dc09i2m03xNwz1NHIP1Pt8fcnZc+VSem07GBEj0def5sfWKWPk+j/X756XvXq9//f3Sv/v9w9f/ywtP/3ftOYvvf13bjtRqBXuN+7MtUsRj/a2ij+5tf+TNfq/pzZYxkvPvvPJWsvS+NN4s2l1/NEYnbQ9li9HPN5y/98e0ZasOz5xtH44jGYHRQtf/fTxwFrlN/f/0yktP/sssBPS/T+wfvxDSfN4zermy/jh8uC3ay27d/ytj/89yav1dNaPuFio1WbHIvYkL6+ef/T2tlk+Wz+Nf+Sx1uf/esd/+pnwzAbj77366xfvHtxq/NsrjX9iU/t/84krN6d61ip/Y/t/vJ4aaczZyPVvoxW8n/cOAAAAAAAAAAAAAAAAAAAAAAAAADYqFxEHIsnlb6VzuXx+5Te8H4qBXLlSrR0+W5mbmYj6b2UPRV8ue9TlYNPzUMcaz8PP8kfvyj8VEQ9GxEf9+5LsOYoTHY4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADL71/j9/9TP/Z2uHQCwbfZ2ugIAwI7T/gNA99H+A0D30f4DQPfR/gNA99H+AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsM1OnTyZTst/Li0W0/zEhfm5qcqFIxOl6lR+eq6YL1Zmz+cnK5XJcilfrEzf6/XKlcr58ZiZuzhaK1Vro9X5hdPTlbmZ2ulz04XJ0ulS345EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACbU51fmCqUy6VZiS0klu9r82SXRNGGRE/jcNot9dnRRLI7qtHmRIcvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Ef8GAAD//+GAI2c=")
open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
r9 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r10=>0x0})
ioctl$sock_inet6_SIOCADDRT(r9, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x3e}, @remote, @remote, 0x3, 0x2, 0x0, 0x0, 0xb7, 0x2000213, r10})

2.088160716s ago: executing program 4 (id=3077):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x88c02, 0x0)
write$cgroup_int(r2, 0x0, 0x2)

2.055080617s ago: executing program 2 (id=3078):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_flash={0x33, 0xea6, '.\x00'}})

1.933594768s ago: executing program 4 (id=3080):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = socket$pptp(0x18, 0x1, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x2a200)
io_uring_setup(0x5b54, &(0x7f0000000040)={0x0, 0x2df0, 0x0, 0x0, 0x2b2})
ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r3, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})
close_range(r2, 0xffffffffffffffff, 0x0)

1.924251798s ago: executing program 2 (id=3081):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x20, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4e, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d000000"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/diskstats\x00', 0x0, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000580), 0x90040, 0x0)
dup3(r2, r0, 0x80000)
r3 = syz_open_procfs(0x0, 0x0)
fchdir(r3)
socket$netlink(0x10, 0x3, 0x8000000004)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0xfffffffffffffe90, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000200), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r6 = creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108)
fallocate(r6, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000040)={0xc, r6, 0x0, 0x0, 0x0, 0xfffffffffe000001})
syz_open_procfs(0x0, &(0x7f0000000280)='io\x00')
pread64(r1, &(0x7f0000000180)=""/73, 0x49, 0xac8c)
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000240)={0x0, 0xffffffffffffff4a, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000001600015e180a00"/20], 0x78}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000004c0)={0x53, 0xfffffffffffffffb, 0xf4, 0x2, @scatter={0x2, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)=""/62, 0x3e}, {&(0x7f0000000280)=""/77, 0x4d}]}, &(0x7f0000000340)="6a89c1b6312fb15b190889659a02662e14f4e0e76ac46bc80bdb01da7cc76b9fed80870de8bd01ed275a3527aab7d904d978f663eab00cf46007ddc13125a1087033c560476df9e0d85717a63bfd4adb8bb0233cf6379c4510336f37e17544e26b1c3263b439f0b71948ad0808873f0bf302a9ac6f606fd8c5baa17d5de06a69fb61d394bed3428aefe8a14a7f107ee4cc6780699c262615712a2c075042029d6083c48b8b34e2957e65c8c05e98d712ba6fdbd5988fbae595aff1c2e62d8afa3a09d276f41162b09fe6e2232ff506b27b31d99b8df042d906cbeb9bf10022cd75e9ce13042ed84bfaff3c8447d196e63ad6d4d8", &(0x7f0000000440)=""/26, 0xc39, 0x31, 0xffffffffffffffff, &(0x7f0000000480)})

1.801112838s ago: executing program 4 (id=3083):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)

1.764529249s ago: executing program 2 (id=3084):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES8=<r1=>0xffffffffffffffff], 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
r4 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r4, &(0x7f0000000000)="80003724090000ce", 0x8, 0x4804, &(0x7f0000000040)={0xa, 0x4e22, 0xe, @mcast1, 0x9}, 0x1c)
writev(r3, &(0x7f0000001000), 0x0)
sendfile(r3, r2, 0x0, 0x7fffeff9)
syz_genetlink_get_family_id$tipc(&(0x7f0000000280), r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x4, 0x0, 0x80, 0xa8084, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000500), 0x1}, 0x126a0, 0x8, 0x5, 0x0, 0x4000000000000, 0x2, 0x7ff, 0x0, 0xffffffff, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
unlink(0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d80)=ANY=[@ANYBLOB="500000000206050000000000000000000000000005000400000000000900020073797a31000000000500010007000000050005000a00000015000300686173683a69702c706f72742c6e657400000000f9ee2d559fad2132352c0eeff8f5235f879d1490bd4d82a04ffd53"], 0x50}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket$caif_stream(0x25, 0x1, 0x0)
sendmmsg$inet(r9, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000780)="92", 0x1}], 0x1}}], 0x2, 0x2600c054)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ptrace(0x10, 0x0)
ptrace$setregs(0xd, 0x0, 0x9, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000e00)=ANY=[@ANYRES16=r1, @ANYRES64=r2, @ANYRES8=r3, @ANYBLOB="26c36e6e93ec19d4b66641c30d525b74417129e5b679302de7c90c30debf92c700a508e5b15cbe6c2970534c875f1942194437117a5c2e5e83e858519f0c1c751f8e0e383bf740cce3a7adf67b2b10c41b0e9de185ab28535b646cd6c18719f50815cf2628829fbea50da11154c01e5d9963b9a2420e93548a47236038b875df68ca4ffff0fe06c363c5e236996e7eee798a415ffe2986ec04d9bea90241eb3fe6c6115a598f867446ed981f424780b6a85d1f5a014ee75c7bd21ae28b6ecbabcbd61e3e76fd2d4a213f05456e4951c457282e4d0319b9fd9df8794c9e3b3dee58f1ec72", @ANYBLOB="141570519d89a562aca26d7af6fbd15246104cdc1cd7052b345fb6a2071e5c6c898999ab3ad2055a9456228a8de2006cb37040585a37dd482111e258e656ca6a18ff4d8510cecb940405b27e84215da63d69f88282adad55dc28dc74e6ead0d4f918ea4007b8dfba5627b372072f3603909b806e30dad9227213815e2cc87c20d41cb00a64e21483e84f25ff1f21c1c9816c6e0b1174115454b092580f3606d90add6c"], &(0x7f0000000680)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r10}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.749301249s ago: executing program 4 (id=3085):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x88a4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0x8, 0x1, 'udp\x00'}, @NFTA_MATCH_INFO={0xe, 0x3, "7acc6338a90000b03bd9"}, @NFTA_MATCH_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_COMPAT={0x14, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_RULE_COMPAT_FLAGS={0x8}]}]}], {0x14}}, 0xa0}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r4 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f0000000200)={'fscrypt:', @desc2}, &(0x7f0000000300)={0x0, "1e4e1557a609bff6a596dea0fb0503f22231b15d27fce60137b6c6cbf512f89b435f5dd9b4ae337bbf37b108c1ec26276567359e079abe967f5d8aad34301a48", 0x13}, 0x48, 0xfffffffffffffffc)
keyctl$KEYCTL_MOVE(0x1e, r4, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x9}, 0x18)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43, 0x0, 0x2}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000380)={0x43, 0x4, 0x3, 0x3}, 0x10)
r6 = socket$tipc(0x1e, 0x5, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@fallback=r7, r7, 0x2f}, 0x20)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000040)=ANY=[@ANYRESHEX=0x0], 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000400)={@dev}, &(0x7f0000000440)=0x14)

1.53179302s ago: executing program 1 (id=3086):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0x81}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
io_setup(0x8, &(0x7f0000002740)=<r2=>0x0)
io_destroy(r2)

1.448151451s ago: executing program 1 (id=3087):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0xf, 0x1, 0x1})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r0=>0x0})
symlink(&(0x7f00000003c0)='./file0/file0/..\x00', &(0x7f0000000240)='./file1\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x4})
io_uring_enter(r1, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
fcntl$setpipe(r1, 0x407, 0x6)
r4 = io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0xca6a, 0x40, 0x3, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r4, 0xb, &(0x7f0000000480), 0x66)
dup2(r1, r1)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000340), 0x4)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000001c0)={0x2, &(0x7f0000000100)=[{0x0, 0x6, 0x1, 0x9}, {0xf, 0x1, 0xdc, 0x401}]})
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xaf, '\x00', r0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r5}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r6 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
fcntl$addseals(r6, 0x409, 0xb)

1.134482933s ago: executing program 0 (id=3088):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r1 = syz_open_dev$evdev(&(0x7f0000000240), 0x8d, 0x40)
ioctl$EVIOCRMFF(r1, 0x40044581, &(0x7f00000003c0)=0xf4)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2000, 0x0)
inotify_init()
msgrcv(0x0, &(0x7f0000000200)={0x0, ""/1}, 0x9, 0x1, 0x3000)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000004c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0x0, 0xb, 0x6f76, 0x7, 0xb1, 0x1, 0x8, 0x7f, 0x3})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x800005, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ptrace$ARCH_SET_CPUID(0x1e, 0xffffffffffffffff, 0x1, 0x1012)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x22000406, &(0x7f0000000840)={[{@dioread_lock}, {@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@jqfmt_vfsold}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@usrjquota}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@nobh}, {@grpid}], [], 0x2c}, 0x84, 0x4d9, &(0x7f0000000900)="$eJzs3M1vFOUfAPDvTOkLry38yO/340WporERbWlB5eBBjSZcNCZ6wGMtlSALGFoTIUSKMXg0/gXq0cTEkxdPmhijXtR41bsxIYYL6MGsmd2Zdpd96W4LrbCfTzK7zzPzzMv3mXlmn9nZnQB61mj2kkRsiYhfImK4mq0vMFp9u3Ht4syf1y7OJFEuv/RHUil3/drFmaJoMd/mPDOWRqTvJrGnyXrnzl84NV0qzZ7L8xPzp9+YmDt/4dGTp6dPzJ6YPTN15MjhQ5NPPD71WEdxXFpmehbX9d1vn9276+grHzw/U45Xv/s0294t+fTaOKpGOlpvO6MxGuXc0tiByuuDq176v8vWiBjM08mGdd4YOtYXEdnu6q+0/+Hoi6WdNxzPvbOY+XqdNhC4bbLPpu0NY/vy93Tx8wu4GyXaOPSo4hM/u/4thrXsf6y3q09nr7OV+G/kww8vVOsmza5lR6pX7H0t5v9vk3E1l7/l4WXWvyUiji389WE2RNPvIdpIOi4JALDoy6z/80iz/l9a17fZlt9DGYmIAxGxIyL+ExE7I10s87+I+H+X6x+9Kd/Y//lpY5eL7ErW/3syv7dVDNUpRVzJYm5rJf7+5LWTpdmDeZ2MRf9glp9ss46vnv35/VbTRmv6f9mQrb/oC+bb8fuGwfp5jk/PT68i5DpXL0eSdVgb408W+7FZDeyKiN0rWH5WZycf/mRvlt62uXH68vG3cQvuM5U/jniouv8X4qb4C0l1Ta3uT04MRWn24ERxVDT6/scrL9bm+2vSdfEPdRbT0EqDbeLq5YhNTY//PP6iGRT3a+e6X8eVX99reU3TuP+TOLZQWyI//jcuVVt2/A8kL1fSA/m4t6bn589NRgzkI+rGTy0trcgX5bP4x/bXx1+9Lk6zc9zfH+Xz7YmI7CC+JyLujYh9+bbfFxH3R8T+NvF/+8wDr7evoRUe/7dAFv/xdvs/YiSpvV+/gkTfqW++aLX+zs5/hyupsXxM7flvoMVyO93A1dYfAAAA3AnSyj3oJB2v+f12YWdsSktn5+YPjMabZ45X71WPRH9afNM1XPN96GT+3XCRn7opfygitld+abSxkh+fOVvauk4xA1Wba9p/9VyQpuPj1Wm/tfrRC3D36Oo+Wu2Pzj77/NZvDLCm/F8Tepf2D71L+4fepf1D72rW/i9F3FiHTQHWmM9/6F3aP/Qu7R96l/YPPanxL/H541ayc8LK//Jf2nF0NU8MuP2J8vDKZ4/Wkxa6X2BfZ4WLp190vOTOCicRbcJpl4i0fZmBzjd17RPpsmWeWq5a+rt6JsZQk9rYlycGI6LT5Vxas1otzhCJp0wCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3tH8CAAD//9DQ4lI=")
syz_pidfd_open(0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x8002)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x1f, 0x0, @thr={&(0x7f0000000140)="437299b884ea2636436bb6317ead8f56d31854836505b952e3908af309ca1c0014c187414cdcbcb1bee876daed9f9e19a2d7f10c", &(0x7f0000000640)="5b1ed6aaa8a53053059fbea55bc958dd0a0abb2f804962e5ee025fe6be3e4439a2147bf97f51ba48c40cd8c65c4acd201e74584ebacf25146e0a85e17890a63730edc838f8960703a519127e8d9ca5b062cd4a074ec534b23a0732141c303d4b3aa202a6b71a7133b7222cc16857114b7e7c6096366875a8ab79e72319eb0af5872b1cf1e4a2972624b2bb293ad24a8b8067d0d0645200a38e3a69808ef6ae2a32a54c19bff6e0fe52fc0e541190ec865f0dece5aa75acd85688085d69f39f49addbec1caddb30ae83621b9e0e571f5714fdd07f254a0000"}}, &(0x7f0000000180)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xe)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x20)
fadvise64(r4, 0xfcff, 0x20000, 0x3)

789.455145ms ago: executing program 3 (id=3089):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES8=<r1=>0xffffffffffffffff], 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
r4 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r4, &(0x7f0000000000)="80003724090000ce", 0x8, 0x4804, &(0x7f0000000040)={0xa, 0x4e22, 0xe, @mcast1, 0x9}, 0x1c)
writev(r3, &(0x7f0000001000), 0x0)
sendfile(r3, r2, 0x0, 0x7fffeff9)
syz_genetlink_get_family_id$tipc(&(0x7f0000000280), r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x4, 0x0, 0x80, 0xa8084, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000500), 0x1}, 0x126a0, 0x8, 0x5, 0x0, 0x4000000000000, 0x2, 0x7ff, 0x0, 0xffffffff, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
unlink(0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d80)=ANY=[@ANYBLOB="500000000206050000000000000000000000000005000400000000000900020073797a31000000000500010007000000050005000a00000015000300686173683a69702c706f72742c6e657400000000f9ee2d559fad2132352c0eeff8f5235f879d1490bd4d82a04ffd53"], 0x50}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket$caif_stream(0x25, 0x1, 0x0)
sendmmsg$inet(r9, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000780)="92", 0x1}], 0x1}}], 0x2, 0x2600c054)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ptrace(0x10, 0x0)
ptrace$setregs(0xd, 0x0, 0x9, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000e00)=ANY=[@ANYRES16=r1, @ANYRES64=r2, @ANYRES8=r3, @ANYBLOB="26c36e6e93ec19d4b66641c30d525b74417129e5b679302de7c90c30debf92c700a508e5b15cbe6c2970534c875f1942194437117a5c2e5e83e858519f0c1c751f8e0e383bf740cce3a7adf67b2b10c41b0e9de185ab28535b646cd6c18719f50815cf2628829fbea50da11154c01e5d9963b9a2420e93548a47236038b875df68ca4ffff0fe06c363c5e236996e7eee798a415ffe2986ec04d9bea90241eb3fe6c6115a598f867446ed981f424780b6a85d1f5a014ee75c7bd21ae28b6ecbabcbd61e3e76fd2d4a213f05456e4951c457282e4d0319b9fd9df8794c9e3b3dee58f1ec72", @ANYBLOB="141570519d89a562aca26d7af6fbd15246104cdc1cd7052b345fb6a2071e5c6c898999ab3ad2055a9456228a8de2006cb37040585a37dd482111e258e656ca6a18ff4d8510cecb940405b27e84215da63d69f88282adad55dc28dc74e6ead0d4f918ea4007b8dfba5627b372072f3603909b806e30dad9227213815e2cc87c20d41cb00a64e21483e84f25ff1f21c1c9816c6e0b1174115454b092580f3606d90add6c"], &(0x7f0000000680)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r10}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

564.893376ms ago: executing program 1 (id=3090):
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x16)
r0 = socket(0x8000000010, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8d5b}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, 0x0, &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000009c0)={&(0x7f00000015c0)=ANY=[@ANYBLOB="9feb0100180000000000000078000000780000000a000000080000000000000700000000040000000000000c0300000005000000000000080400000004000000030000930100000004000000050000000a0000000a00000005000000000000000d00000008000000008000000700000000000010040000000c00000000000007000000000000000000000008040000000061612e2e5f2e2e61"], 0x0, 0x9a, 0x0, 0x1, 0x10001}, 0x28)
read(r2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x1fffffffffffffcd, &(0x7f0000000b80)=ANY=[@ANYBLOB="18d9fbf119290300000000000000000000000000000000008500000022000000180100002020702500000000022020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072cc74ba852e886b20e6e50c3b3a1ce0c9d2ba54860f986223fdeaedff8cb8afaccbb5c2131c8f6b299fadb9a39238d06e"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r4}, 0x10)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

474.314707ms ago: executing program 1 (id=3091):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_flash={0x33, 0xea6, '.\x00'}})

414.754977ms ago: executing program 1 (id=3092):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x20, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4e, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x80}, 0x18)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/diskstats\x00', 0x0, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000580), 0x90040, 0x0)
dup3(r3, r0, 0x80000)
r4 = syz_open_procfs(0x0, 0x0)
fchdir(r4)
socket$netlink(0x10, 0x3, 0x8000000004)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=0x0, @ANYRES64=r3, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0xfffffffffffffe90, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r5}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000200), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r6 = creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108)
fallocate(r6, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000040)={0xc, r6, 0x0, 0x0, 0x0, 0xfffffffffe000001})
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000280)='io\x00')
preadv(r8, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/230, 0xe6}], 0x1, 0x401, 0x9)
pread64(r2, &(0x7f0000000180)=""/73, 0x49, 0xac8c)
r9 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000240)={0x0, 0xffffffffffffff4a, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000001600015e180a00"/20], 0x78}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r10 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SG_IO(r10, 0x2285, &(0x7f00000004c0)={0x53, 0xfffffffffffffffb, 0xf4, 0x2, @scatter={0x2, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)=""/62, 0x3e}, {&(0x7f0000000280)=""/77, 0x4d}]}, &(0x7f0000000340)="6a89c1b6312fb15b190889659a02662e14f4e0e76ac46bc80bdb01da7cc76b9fed80870de8bd01ed275a3527aab7d904d978f663eab00cf46007ddc13125a1087033c560476df9e0d85717a63bfd4adb8bb0233cf6379c4510336f37e17544e26b1c3263b439f0b71948ad0808873f0bf302a9ac6f606fd8c5baa17d5de06a69fb61d394bed3428aefe8a14a7f107ee4cc6780699c262615712a2c075042029d6083c48b8b34e2957e65c8c05e98d712ba6fdbd5988fbae595aff1c2e62d8afa3a09d276f41162b09fe6e2232ff506b27b31d99b8df042d906cbeb9bf10022cd75e9ce13042ed84bfaff3c8447d196e63ad6d4d8", &(0x7f0000000440)=""/26, 0xc39, 0x31, 0xffffffffffffffff, &(0x7f0000000480)})

288.593738ms ago: executing program 1 (id=3093):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = socket$pptp(0x18, 0x1, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x2a200)
io_uring_setup(0x5b54, &(0x7f0000000040)={0x0, 0x2df0, 0x0, 0x0, 0x2b2})
ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r3, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})
close_range(r2, 0xffffffffffffffff, 0x0)

57.6362ms ago: executing program 0 (id=3094):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x9}, 0x18)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = syz_io_uring_setup(0x3fb1, &(0x7f0000000300)={0x0, 0x9cae, 0x40, 0x5, 0xd6}, &(0x7f0000000100), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x22, &(0x7f0000000380)={&(0x7f0000003000)={[{0x0, 0x0, 0x3}]}, 0x1}, 0x1)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0x20)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x12, r4, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

28.77869ms ago: executing program 3 (id=3095):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000710000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x9}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000500000018000180140002007379"], 0x44}}, 0x20008000)

3.00015ms ago: executing program 4 (id=3096):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@name={0x1e, 0x2, 0x3, {{0x43, 0x1}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)

0s ago: executing program 3 (id=3097):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000001, 0x6031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b70200"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000001240), 0x0, 0x0)
mmap$usbfs(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x12, r2, 0x0)

kernel console output (not intermixed with test programs):

: detected capacity change from 0 to 2048
[  161.229075][T11043] ext4 filesystem being mounted at /524/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.379840][T11058] loop0: detected capacity change from 0 to 512
[  161.390220][T11058] ext4 filesystem being mounted at /500/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.489520][T11068] loop0: detected capacity change from 0 to 2048
[  161.560136][   T52] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  161.574945][   T52] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  161.587134][   T52] EXT4-fs (loop0): This should not happen!! Data will be lost
[  161.587134][   T52] 
[  161.596854][   T52] EXT4-fs (loop0): Total free blocks count 0
[  161.602840][   T52] EXT4-fs (loop0): Free/Dirty block details
[  161.608742][   T52] EXT4-fs (loop0): free_blocks=2415919504
[  161.614480][   T52] EXT4-fs (loop0): dirty_blocks=32
[  161.619739][   T52] EXT4-fs (loop0): Block reservation details
[  161.625940][   T52] EXT4-fs (loop0): i_reserved_data_blocks=2
[  161.632069][ T3444] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  161.644716][ T3444] EXT4-fs (loop0): This should not happen!! Data will be lost
[  161.644716][ T3444] 
[  161.688320][T11072] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2502'.
[  161.700965][T11072] loop0: detected capacity change from 0 to 512
[  161.708879][T11072] EXT4-fs: Ignoring removed bh option
[  161.715104][T11072] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  161.724188][T11072] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  161.733258][T11072] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  161.742769][T11072] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  161.753342][T11072] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  161.786161][T11077] loop4: detected capacity change from 0 to 512
[  161.801002][T11077] ext4 filesystem being mounted at /468/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.925779][T11090] loop1: detected capacity change from 0 to 512
[  161.933365][T11090] EXT4-fs: Ignoring removed bh option
[  161.947086][T11090] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  161.956177][T11090] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  161.965345][T11090] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  161.975152][T11090] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  162.005645][T11096] netlink: 'syz.1.2509': attribute type 4 has an invalid length.
[  162.013529][T11096] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2509'.
[  162.064399][T11100] loop3: detected capacity change from 0 to 512
[  162.228203][T11100] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2510: bg 0: block 248: padding at end of block bitmap is not set
[  162.242995][T11100] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2510: Failed to acquire dquot type 1
[  162.257835][T11100] EXT4-fs (loop3): 1 truncate cleaned up
[  162.272796][T11100] ext4 filesystem being mounted at /492/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  162.290682][T11106] loop0: detected capacity change from 0 to 512
[  162.313453][T11102] wg1 speed is unknown, defaulting to 1000
[  162.331269][T11100] netlink: 'syz.3.2510': attribute type 1 has an invalid length.
[  162.339062][T11100] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2510'.
[  162.360288][T11106] ext4 filesystem being mounted at /507/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.408587][T11108] wg1 speed is unknown, defaulting to 1000
[  162.461839][T11115] loop0: detected capacity change from 0 to 128
[  162.538622][T11121] loop0: detected capacity change from 0 to 512
[  162.563220][T11121] ext4 filesystem being mounted at /509/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.576884][T11119] wg1 speed is unknown, defaulting to 1000
[  162.837436][T11140] FAULT_INJECTION: forcing a failure.
[  162.837436][T11140] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.850713][T11140] CPU: 1 UID: 0 PID: 11140 Comm: syz.2.2523 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  162.850741][T11140] Tainted: [W]=WARN
[  162.850747][T11140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  162.850758][T11140] Call Trace:
[  162.850763][T11140]  <TASK>
[  162.850770][T11140]  __dump_stack+0x1d/0x30
[  162.850797][T11140]  dump_stack_lvl+0xe8/0x140
[  162.850854][T11140]  dump_stack+0x15/0x1b
[  162.850872][T11140]  should_fail_ex+0x265/0x280
[  162.850899][T11140]  should_fail+0xb/0x20
[  162.850959][T11140]  should_fail_usercopy+0x1a/0x20
[  162.850979][T11140]  _copy_from_user+0x1c/0xb0
[  162.851002][T11140]  ___sys_sendmsg+0xc1/0x1d0
[  162.851034][T11140]  __x64_sys_sendmsg+0xd4/0x160
[  162.851070][T11140]  x64_sys_call+0x191e/0x3000
[  162.851128][T11140]  do_syscall_64+0xd2/0x200
[  162.851147][T11140]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  162.851218][T11140]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  162.851254][T11140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.851349][T11140] RIP: 0033:0x7fd060ecf6c9
[  162.851367][T11140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.851391][T11140] RSP: 002b:00007fd05f92f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  162.851409][T11140] RAX: ffffffffffffffda RBX: 00007fd061125fa0 RCX: 00007fd060ecf6c9
[  162.851421][T11140] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000005
[  162.851478][T11140] RBP: 00007fd05f92f090 R08: 0000000000000000 R09: 0000000000000000
[  162.851489][T11140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.851500][T11140] R13: 00007fd061126038 R14: 00007fd061125fa0 R15: 00007ffcad0a0e98
[  162.851517][T11140]  </TASK>
[  163.092297][T11148] loop2: detected capacity change from 0 to 512
[  163.154205][T11148] ext4 filesystem being mounted at /533/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.189344][T11159] loop3: detected capacity change from 0 to 512
[  163.230996][T11159] ext4 filesystem being mounted at /494/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.251558][T11164] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2528'.
[  163.404372][T11166] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2532'.
[  163.509471][T11179] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2536'.
[  163.587905][T11175] wg1 speed is unknown, defaulting to 1000
[  163.611450][T11181] netlink: 'syz.3.2537': attribute type 12 has an invalid length.
[  163.640246][T11184] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  163.649338][T11184] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.380372][T11208] netlink: 'syz.1.2546': attribute type 4 has an invalid length.
[  164.388165][T11208] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2546'.
[  164.519429][T11215] loop1: detected capacity change from 0 to 512
[  164.526266][T11215] EXT4-fs: Ignoring removed nobh option
[  164.543882][T11215] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  164.555395][T11215] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[  164.565550][T11215] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.2547: Corrupt directory, running e2fsck is recommended
[  164.586834][T11215] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  164.595752][T11215] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.2547: corrupted in-inode xattr: invalid ea_ino
[  164.616326][T11215] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2547: couldn't read orphan inode 15 (err -117)
[  164.628775][T11215] EXT4-fs mount: 163 callbacks suppressed
[  164.628786][T11215] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.656179][T11222] loop4: detected capacity change from 0 to 512
[  164.706066][T11222] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #18: comm syz.4.2551: iget: bad extra_isize 90 (inode size 256)
[  164.736371][T11222] EXT4-fs (loop4): Remounting filesystem read-only
[  164.753617][T11222] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -30)
[  164.796453][T11222] EXT4-fs (loop4): 1 orphan inode deleted
[  164.848415][T11222] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.928880][T11234] netlink: 'syz.4.2551': attribute type 1 has an invalid length.
[  164.942509][T11234] 8021q: adding VLAN 0 to HW filter on device bond6
[  165.068989][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.317017][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.461835][   T29] kauditd_printk_skb: 716 callbacks suppressed
[  165.461850][   T29] audit: type=1326 audit(1762621479.670:9642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11242 comm="syz.1.2557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d92b1f6c9 code=0x7ffc0000
[  165.494229][T11245] netlink: 'syz.1.2557': attribute type 4 has an invalid length.
[  165.501983][T11245] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2557'.
[  165.542988][   T29] audit: type=1326 audit(1762621479.700:9643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11242 comm="syz.1.2557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5d92b1f6c9 code=0x7ffc0000
[  165.566443][   T29] audit: type=1326 audit(1762621479.700:9644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11242 comm="syz.1.2557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d92b1f6c9 code=0x7ffc0000
[  165.589911][   T29] audit: type=1326 audit(1762621479.700:9645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11242 comm="syz.1.2557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f5d92b1f6c9 code=0x7ffc0000
[  165.603049][T11247] wg1 speed is unknown, defaulting to 1000
[  165.613366][   T29] audit: type=1326 audit(1762621479.730:9646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11242 comm="syz.1.2557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d92b1f6c9 code=0x7ffc0000
[  165.658917][T11250] loop1: detected capacity change from 0 to 128
[  165.756489][T11227] syz.0.2553 (11227) used greatest stack depth: 7040 bytes left
[  166.013807][T11267] loop0: detected capacity change from 0 to 512
[  166.020515][T11267] EXT4-fs: Ignoring removed bh option
[  166.026297][T11267] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  166.035373][T11267] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  166.066295][T11267] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  166.076062][T11267] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  166.084606][T11267] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.128396][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.277431][T11286] loop2: detected capacity change from 0 to 512
[  166.291278][T11286] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.306231][   T29] audit: type=1326 audit(1762621480.510:9647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11280 comm="syz.4.2570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  166.329785][   T29] audit: type=1326 audit(1762621480.510:9648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11280 comm="syz.4.2570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f834070df10 code=0x7ffc0000
[  166.353430][   T29] audit: type=1326 audit(1762621480.510:9649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11280 comm="syz.4.2570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  166.376981][   T29] audit: type=1326 audit(1762621480.510:9650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11280 comm="syz.4.2570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  166.385897][T11286] ext4 filesystem being mounted at /542/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.400493][   T29] audit: type=1326 audit(1762621480.510:9651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11280 comm="syz.4.2570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  166.458139][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.494655][T11298] loop1: detected capacity change from 0 to 512
[  166.511631][T11298] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.524402][T11298] ext4 filesystem being mounted at /526/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.571014][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.670181][T11317] netlink: 284 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  166.797002][T11324] loop3: detected capacity change from 0 to 128
[  166.818048][T11324] EXT4-fs: Ignoring removed nobh option
[  166.841570][T11324] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  166.911567][T11330] loop1: detected capacity change from 0 to 512
[  166.942765][T11324] ext4 filesystem being mounted at /500/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  166.949217][T11330] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.957492][T11321] wg1 speed is unknown, defaulting to 1000
[  166.973431][T11330] ext4 filesystem being mounted at /530/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.999762][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.029910][T11335] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2588'.
[  167.039003][T11335] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2588'.
[  167.062283][T11335] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  167.062283][T11335]    program syz.4.2588 not setting count and/or reply_len properly
[  167.085764][ T3313] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  167.183222][T11354] netlink: 'syz.1.2594': attribute type 1 has an invalid length.
[  167.191100][T11354] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2594'.
[  167.226446][T11357] loop2: detected capacity change from 0 to 512
[  167.253515][T11365] loop3: detected capacity change from 0 to 128
[  167.281924][T11367] FAULT_INJECTION: forcing a failure.
[  167.281924][T11367] name failslab, interval 1, probability 0, space 0, times 0
[  167.294647][T11367] CPU: 1 UID: 0 PID: 11367 Comm: syz.1.2598 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  167.294733][T11367] Tainted: [W]=WARN
[  167.294742][T11367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  167.294756][T11367] Call Trace:
[  167.294763][T11367]  <TASK>
[  167.294771][T11367]  __dump_stack+0x1d/0x30
[  167.294796][T11367]  dump_stack_lvl+0xe8/0x140
[  167.294822][T11367]  dump_stack+0x15/0x1b
[  167.294842][T11367]  should_fail_ex+0x265/0x280
[  167.294864][T11367]  should_failslab+0x8c/0xb0
[  167.295039][T11367]  kmem_cache_alloc_noprof+0x50/0x480
[  167.295083][T11367]  ? audit_log_start+0x342/0x720
[  167.295113][T11367]  audit_log_start+0x342/0x720
[  167.295139][T11367]  ? kstrtouint+0x76/0xc0
[  167.295179][T11367]  audit_seccomp+0x48/0x100
[  167.295258][T11367]  ? __seccomp_filter+0x82d/0x1250
[  167.295285][T11367]  __seccomp_filter+0x83e/0x1250
[  167.295323][T11367]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  167.295392][T11367]  ? vfs_write+0x7e8/0x960
[  167.295415][T11367]  ? __rcu_read_unlock+0x4f/0x70
[  167.295507][T11367]  ? __fget_files+0x184/0x1c0
[  167.295539][T11367]  __secure_computing+0x82/0x150
[  167.295566][T11367]  syscall_trace_enter+0xcf/0x1e0
[  167.295597][T11367]  do_syscall_64+0xac/0x200
[  167.295632][T11367]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  167.295730][T11367]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  167.295770][T11367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.295850][T11367] RIP: 0033:0x7f5d92b1f6c9
[  167.295869][T11367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.295892][T11367] RSP: 002b:00007f5d9157f038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[  167.295913][T11367] RAX: ffffffffffffffda RBX: 00007f5d92d75fa0 RCX: 00007f5d92b1f6c9
[  167.295927][T11367] RDX: 0000000000000007 RSI: 0000000000004000 RDI: 0000200000ff9000
[  167.295938][T11367] RBP: 00007f5d9157f090 R08: 0000000000000000 R09: 0000000000000000
[  167.295949][T11367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.295960][T11367] R13: 00007f5d92d76038 R14: 00007f5d92d75fa0 R15: 00007ffe88f85af8
[  167.296005][T11367]  </TASK>
[  167.547267][T11357] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.584509][T11374] loop3: detected capacity change from 0 to 128
[  167.587713][T11357] ext4 filesystem being mounted at /546/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.611646][T11374] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  167.645019][T11374] ext4 filesystem being mounted at /504/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  167.704842][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.778729][T11392] binfmt_misc: register: failed to install interpreter file ./file0
[  167.807969][T11392] loop0: detected capacity change from 0 to 512
[  167.809858][T11399] qrtr: Invalid version 235
[  167.828894][T11392] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  167.845330][T11392] EXT4-fs (loop0): mount failed
[  167.868421][T11406] loop2: detected capacity change from 0 to 128
[  167.928294][T11415] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11415 comm=syz.2.2613
[  167.949658][T11415] serio: Serial port ptm0
[  168.132704][T11427] loop1: detected capacity change from 0 to 512
[  168.159629][T11427] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.172150][T11427] ext4 filesystem being mounted at /542/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.207000][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.218270][T11433] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  168.226489][T11433] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  168.240399][T11435] loop4: detected capacity change from 0 to 128
[  168.275760][T11437] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  168.334441][T11441] loop2: detected capacity change from 0 to 512
[  168.341076][T11441] EXT4-fs: Ignoring removed bh option
[  168.347034][T11441] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  168.356210][T11441] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  168.378610][T11441] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  168.413112][T11447] wg1 speed is unknown, defaulting to 1000
[  168.430284][T11441] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  168.439138][T11441] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.440789][ T3313] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  168.489137][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.535482][T11454] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2628'.
[  168.672449][T11456] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2629'.
[  168.742454][T11463] loop1: detected capacity change from 0 to 512
[  168.768063][T11463] EXT4-fs: Ignoring removed nobh option
[  168.794188][T11463] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  168.805879][T11463] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[  168.816052][T11463] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.2632: Corrupt directory, running e2fsck is recommended
[  168.829982][T11463] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  168.838261][T11463] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.2632: corrupted in-inode xattr: invalid ea_ino
[  168.852150][T11463] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2632: couldn't read orphan inode 15 (err -117)
[  168.867356][T11463] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.906771][T11473] SELinux: failed to load policy
[  168.927496][T11473] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11473 comm=syz.4.2636
[  168.940194][T11473] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11473 comm=syz.4.2636
[  169.225477][T11484] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2640'.
[  169.315582][T11493] loop2: detected capacity change from 0 to 128
[  169.316837][T11488] wg1 speed is unknown, defaulting to 1000
[  169.384147][T11499] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11499 comm=syz.0.2646
[  169.402540][T11499] serio: Serial port ptm0
[  169.532746][T11504] FAULT_INJECTION: forcing a failure.
[  169.532746][T11504] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  169.546028][T11504] CPU: 0 UID: 0 PID: 11504 Comm: syz.3.2647 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  169.546066][T11504] Tainted: [W]=WARN
[  169.546074][T11504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  169.546089][T11504] Call Trace:
[  169.546097][T11504]  <TASK>
[  169.546105][T11504]  __dump_stack+0x1d/0x30
[  169.546197][T11504]  dump_stack_lvl+0xe8/0x140
[  169.546269][T11504]  dump_stack+0x15/0x1b
[  169.546285][T11504]  should_fail_ex+0x265/0x280
[  169.546367][T11504]  should_fail_alloc_page+0xf2/0x100
[  169.546403][T11504]  __alloc_frozen_pages_noprof+0xff/0x360
[  169.546426][T11504]  alloc_pages_mpol+0xb3/0x260
[  169.546447][T11504]  vma_alloc_folio_noprof+0x1aa/0x300
[  169.546507][T11504]  handle_mm_fault+0xec2/0x2be0
[  169.546531][T11504]  ? mt_find+0x208/0x320
[  169.546560][T11504]  do_user_addr_fault+0x3fe/0x1080
[  169.546628][T11504]  exc_page_fault+0x62/0xa0
[  169.546693][T11504]  asm_exc_page_fault+0x26/0x30
[  169.546712][T11504] RIP: 0010:rep_movs_alternative+0x33/0x90
[  169.546740][T11504] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 3d f9 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  169.546757][T11504] RSP: 0018:ffffc9000f5cfd50 EFLAGS: 00050246
[  169.546843][T11504] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 0000000000000008
[  169.546855][T11504] RDX: 0000000000000000 RSI: ffff88811910f000 RDI: 0000200000001240
[  169.546867][T11504] RBP: ffff88811910f000 R08: 000000000000057c R09: 0000000000000000
[  169.546878][T11504] R10: 000188811910f000 R11: 000188811910f007 R12: 0000200000001248
[  169.546891][T11504] R13: 00007ffffffff000 R14: 0000200000001240 R15: ffff88811910f000
[  169.546909][T11504]  _copy_to_user+0x7c/0xa0
[  169.547012][T11504]  pagemap_read+0x379/0x5e0
[  169.547042][T11504]  ? __pfx_pagemap_read+0x10/0x10
[  169.547068][T11504]  vfs_read+0x1a8/0x770
[  169.547159][T11504]  ? __fget_files+0x184/0x1c0
[  169.547256][T11504]  ? __rcu_read_unlock+0x4f/0x70
[  169.547280][T11504]  ? __fget_files+0x184/0x1c0
[  169.547385][T11504]  __x64_sys_pread64+0xfd/0x150
[  169.547415][T11504]  x64_sys_call+0x29e6/0x3000
[  169.547436][T11504]  do_syscall_64+0xd2/0x200
[  169.547454][T11504]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  169.547517][T11504]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  169.547547][T11504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.547624][T11504] RIP: 0033:0x7fa2570df6c9
[  169.547643][T11504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.547664][T11504] RSP: 002b:00007fa255b47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  169.547684][T11504] RAX: ffffffffffffffda RBX: 00007fa257335fa0 RCX: 00007fa2570df6c9
[  169.547698][T11504] RDX: 0000000000019000 RSI: 0000200000001240 RDI: 0000000000000003
[  169.547710][T11504] RBP: 00007fa255b47090 R08: 0000000000000000 R09: 0000000000000000
[  169.547754][T11504] R10: 0000000ffffffff8 R11: 0000000000000246 R12: 0000000000000001
[  169.547765][T11504] R13: 00007fa257336038 R14: 00007fa257335fa0 R15: 00007ffc9e4214b8
[  169.547782][T11504]  </TASK>
[  169.929576][T11507] loop3: detected capacity change from 0 to 512
[  169.936360][T11507] EXT4-fs: Ignoring removed bh option
[  169.942355][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.951791][T11507] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  169.960925][T11507] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  169.983616][T11512] ip6t_srh: unknown srh match flags  4000
[  169.993870][T11507] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  170.004651][T11507] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  170.013605][T11507] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.042140][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.060064][T11519] loop1: detected capacity change from 0 to 128
[  170.078050][T11519] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  170.096158][T11519] ext4 filesystem being mounted at /549/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.116524][ T3315] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.147839][T11530] ip6t_srh: unknown srh match flags  4000
[  170.157189][T11531] ip6t_srh: unknown srh match flags  4000
[  170.286275][T11538] loop2: detected capacity change from 0 to 512
[  170.286297][T11536] loop1: detected capacity change from 0 to 512
[  170.311625][T11538] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.324269][T11538] ext4 filesystem being mounted at /565/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.324260][T11536] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #18: comm syz.1.2657: iget: bad extra_isize 90 (inode size 256)
[  170.348528][T11536] EXT4-fs (loop1): Remounting filesystem read-only
[  170.355261][T11536] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -30)
[  170.364351][T11536] EXT4-fs (loop1): 1 orphan inode deleted
[  170.370595][T11536] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.371567][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.435645][T11545] netlink: 'syz.1.2657': attribute type 1 has an invalid length.
[  170.448560][T11545] 8021q: adding VLAN 0 to HW filter on device bond5
[  170.555041][T11549] loop2: detected capacity change from 0 to 512
[  170.561971][T11549] EXT4-fs: Ignoring removed nobh option
[  170.569180][T11549] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  170.580687][T11549] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  170.590930][T11549] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.2660: Corrupt directory, running e2fsck is recommended
[  170.604798][T11549] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  170.613112][T11549] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.2660: corrupted in-inode xattr: invalid ea_ino
[  170.626624][T11549] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2660: couldn't read orphan inode 15 (err -117)
[  170.639474][T11549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.666551][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.979096][T11561] loop3: detected capacity change from 0 to 512
[  170.985671][T11561] EXT4-fs: Ignoring removed bh option
[  170.998339][T11561] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  171.007386][T11561] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  171.040742][T11567] SELinux: ebitmap: truncated map
[  171.051741][T11567] SELinux: failed to load policy
[  171.078478][T11561] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  171.092199][T11561] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  171.101145][T11561] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.133791][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.176008][   T29] kauditd_printk_skb: 606 callbacks suppressed
[  171.176022][   T29] audit: type=1326 audit(1762621485.380:10255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  171.179291][T11572] loop3: detected capacity change from 0 to 512
[  171.182307][   T29] audit: type=1326 audit(1762621485.380:10256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  171.213524][T11570] infiniband !yz!: set active
[  171.235784][   T29] audit: type=1326 audit(1762621485.380:10257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  171.240409][T11570] infiniband !yz!: added team_slave_0
[  171.257762][T11570] RDS/IB: !yz!: added
[  171.264065][   T29] audit: type=1326 audit(1762621485.380:10258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  171.269585][T11570] smc: adding ib device !yz! with port count 1
[  171.273397][   T29] audit: type=1326 audit(1762621485.380:10259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  171.297171][T11570] smc:    ib device !yz! port 1 has no pnetid
[  171.303079][   T29] audit: type=1326 audit(1762621485.380:10260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  171.356219][   T29] audit: type=1326 audit(1762621485.380:10261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  171.361603][T11572] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.379821][   T29] audit: type=1326 audit(1762621485.380:10262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.4.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  171.422641][T11572] ext4 filesystem being mounted at /511/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.565023][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.581261][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.647533][T11578] serio: Serial port ptm0
[  171.672689][   T29] audit: type=1326 audit(1762621485.880:10263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2570df6c9 code=0x7ffc0000
[  171.695816][   T29] audit: type=1326 audit(1762621485.880:10264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2570df6c9 code=0x7ffc0000
[  171.721304][T11557] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2662'.
[  171.840633][T11592] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2674'.
[  171.863558][ T4433] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4
[  171.871444][ T4433] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2
[  171.893099][T11599] loop0: detected capacity change from 0 to 512
[  171.953140][T11599] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.967714][ T4433] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3
[  171.979527][T11605] loop3: detected capacity change from 0 to 512
[  172.012605][T11606] loop2: detected capacity change from 0 to 512
[  172.035132][T11599] ext4 filesystem being mounted at /537/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.060793][ T4433] hid-generic 0000:3000000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  172.073170][T11605] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.2680: iget: bad extra_isize 90 (inode size 256)
[  172.086757][T11605] EXT4-fs (loop3): Remounting filesystem read-only
[  172.093447][T11605] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -30)
[  172.102571][T11605] EXT4-fs (loop3): 1 orphan inode deleted
[  172.108765][T11605] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.121999][T11606] EXT4-fs: Ignoring removed nobh option
[  172.128669][T11606] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  172.140248][T11606] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  172.150381][T11606] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.2679: Corrupt directory, running e2fsck is recommended
[  172.164967][T11606] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  172.173373][T11606] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.2679: corrupted in-inode xattr: invalid ea_ino
[  172.188431][T11606] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2679: couldn't read orphan inode 15 (err -117)
[  172.201133][T11606] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.224565][T11614] netlink: 'syz.3.2680': attribute type 1 has an invalid length.
[  172.238588][T11614] 8021q: adding VLAN 0 to HW filter on device bond6
[  172.350028][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.419295][T11610] fido_id[11610]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  172.471327][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.523913][T11623] loop3: detected capacity change from 0 to 512
[  172.546759][T11623] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.2683: iget: bad extra_isize 90 (inode size 256)
[  172.630373][T11633] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11633 comm=syz.4.2686
[  172.644400][T11623] EXT4-fs (loop3): Remounting filesystem read-only
[  172.655152][T11633] serio: Serial port ptm0
[  172.660294][T11623] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -30)
[  172.679392][T11623] EXT4-fs (loop3): 1 orphan inode deleted
[  172.685642][T11623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.758545][T11639] netlink: 'syz.3.2683': attribute type 1 has an invalid length.
[  172.772233][T11639] 8021q: adding VLAN 0 to HW filter on device bond7
[  172.781437][T11638] wg1 speed is unknown, defaulting to 1000
[  172.887699][T11649] loop4: detected capacity change from 0 to 128
[  172.909021][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.920080][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.028374][T11661] loop4: detected capacity change from 0 to 512
[  173.042010][T11661] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #18: comm syz.4.2693: iget: bad extra_isize 90 (inode size 256)
[  173.097105][T11661] EXT4-fs (loop4): Remounting filesystem read-only
[  173.103825][T11661] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -30)
[  173.112925][T11661] EXT4-fs (loop4): 1 orphan inode deleted
[  173.119218][T11661] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.184037][T11685] netlink: 'syz.4.2693': attribute type 1 has an invalid length.
[  173.211248][T11685] 8021q: adding VLAN 0 to HW filter on device bond7
[  173.327234][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.364504][T11705] loop4: detected capacity change from 0 to 512
[  173.389975][T11705] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.409321][T11705] ext4 filesystem being mounted at /506/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.434795][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.608636][T11748] loop3: detected capacity change from 0 to 512
[  173.622710][T11716] wg1 speed is unknown, defaulting to 1000
[  173.642533][T11748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.672655][T11756] SELinux:  Context system_u:object_r:getty_etc_t:s0 is not valid (left unmapped).
[  173.702737][T11748] ext4 filesystem being mounted at /518/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.739951][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.741787][T11762] loop1: detected capacity change from 0 to 512
[  173.756808][T11762] EXT4-fs: Ignoring removed nobh option
[  173.786852][T11762] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  173.798471][T11762] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[  173.808670][T11762] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.2701: Corrupt directory, running e2fsck is recommended
[  173.822821][T11762] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  173.831164][T11762] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.2701: corrupted in-inode xattr: invalid ea_ino
[  173.844923][T11762] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2701: couldn't read orphan inode 15 (err -117)
[  173.863551][T11772] FAULT_INJECTION: forcing a failure.
[  173.863551][T11772] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.876757][T11772] CPU: 0 UID: 0 PID: 11772 Comm: syz.3.2705 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  173.876852][T11772] Tainted: [W]=WARN
[  173.876862][T11772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  173.876878][T11772] Call Trace:
[  173.876886][T11772]  <TASK>
[  173.876895][T11772]  __dump_stack+0x1d/0x30
[  173.876924][T11772]  dump_stack_lvl+0xe8/0x140
[  173.876956][T11772]  dump_stack+0x15/0x1b
[  173.876974][T11772]  should_fail_ex+0x265/0x280
[  173.876994][T11772]  should_fail+0xb/0x20
[  173.877028][T11772]  should_fail_usercopy+0x1a/0x20
[  173.877057][T11772]  _copy_from_user+0x1c/0xb0
[  173.877195][T11772]  get_timespec64+0x4c/0x100
[  173.877231][T11772]  __se_sys_io_pgetevents+0x76/0x2c0
[  173.877276][T11772]  __x64_sys_io_pgetevents+0x78/0x90
[  173.877310][T11772]  x64_sys_call+0x223e/0x3000
[  173.877351][T11772]  do_syscall_64+0xd2/0x200
[  173.877379][T11772]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  173.877415][T11772]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  173.877455][T11772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.877508][T11772] RIP: 0033:0x7fa2570df6c9
[  173.877596][T11772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.877620][T11772] RSP: 002b:00007fa255b47038 EFLAGS: 00000246 ORIG_RAX: 000000000000014d
[  173.877645][T11772] RAX: ffffffffffffffda RBX: 00007fa257335fa0 RCX: 00007fa2570df6c9
[  173.877657][T11772] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 00007fa257e73000
[  173.877672][T11772] RBP: 00007fa255b47090 R08: 0000200000000080 R09: 0000000000000000
[  173.877700][T11772] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.877716][T11772] R13: 00007fa257336038 R14: 00007fa257335fa0 R15: 00007ffc9e4214b8
[  173.877801][T11772]  </TASK>
[  174.062950][T11775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2704'.
[  174.073035][T11762] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.103630][T11770] loop0: detected capacity change from 0 to 512
[  174.110528][T11770] EXT4-fs: Ignoring removed bh option
[  174.120156][T11770] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  174.129271][T11770] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  174.158207][T11770] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  174.253587][T11770] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  174.266396][T11770] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.279923][T11770] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  174.300636][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.383075][T11798] loop4: detected capacity change from 0 to 512
[  174.400357][T11798] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.414697][T11798] ext4 filesystem being mounted at /509/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.434414][T11796] syz.0.2712 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  174.447743][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.479415][T11795] loop2: detected capacity change from 0 to 8192
[  174.527030][T11808] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2717'.
[  174.616253][T11815] netlink: 7 bytes leftover after parsing attributes in process `syz.2.2719'.
[  174.637184][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.647344][T11815] netlink: 7 bytes leftover after parsing attributes in process `syz.2.2719'.
[  174.726092][T11821] loop4: detected capacity change from 0 to 512
[  174.745860][T11823] loop2: detected capacity change from 0 to 512
[  174.788216][T11821] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.810652][T11823] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.827405][T11821] ext4 filesystem being mounted at /512/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.833326][T11823] ext4 filesystem being mounted at /577/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.870660][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.936553][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.964193][T11830] loop4: detected capacity change from 0 to 128
[  175.005337][T11832] loop2: detected capacity change from 0 to 512
[  175.012171][T11830] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  175.047607][T11830] ext4 filesystem being mounted at /513/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  175.100177][T11836] ip6t_srh: unknown srh match flags  4000
[  175.115173][T11832] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.142085][T11832] ext4 filesystem being mounted at /578/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.265963][T11848] loop2: detected capacity change from 0 to 512
[  175.274826][T11848] EXT4-fs: Ignoring removed nobh option
[  175.286291][T11848] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  175.297847][T11848] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  175.308084][T11848] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.2730: Corrupt directory, running e2fsck is recommended
[  175.325035][T11842] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2724'.
[  175.338015][T11848] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  175.346421][T11848] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.2730: corrupted in-inode xattr: invalid ea_ino
[  175.359943][T11848] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2730: couldn't read orphan inode 15 (err -117)
[  175.444355][T11851] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2729'.
[  175.723895][T11868] serio: Serial port ptm0
[  175.768982][T11871] loop0: detected capacity change from 0 to 512
[  175.775549][T11871] EXT4-fs: Ignoring removed bh option
[  175.781850][T11871] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  175.790952][T11871] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  175.809198][T11871] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  175.818741][T11871] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  175.839882][T11876] netlink: 7 bytes leftover after parsing attributes in process `syz.4.2738'.
[  175.850000][T11876] netlink: 7 bytes leftover after parsing attributes in process `syz.4.2738'.
[  175.930913][T11885] ip6t_srh: unknown srh match flags  4000
[  176.553348][   T29] kauditd_printk_skb: 270 callbacks suppressed
[  176.553362][   T29] audit: type=1326 audit(1762621490.760:10535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11951 comm="syz.4.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  176.589409][   T29] audit: type=1326 audit(1762621490.760:10536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11951 comm="syz.4.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  176.613142][   T29] audit: type=1326 audit(1762621490.790:10537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11951 comm="syz.4.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  176.636810][   T29] audit: type=1326 audit(1762621490.790:10538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11951 comm="syz.4.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  176.660447][   T29] audit: type=1326 audit(1762621490.790:10539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11951 comm="syz.4.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  176.684087][   T29] audit: type=1326 audit(1762621490.790:10540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11951 comm="syz.4.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  176.707703][   T29] audit: type=1326 audit(1762621490.790:10541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11951 comm="syz.4.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  176.731361][   T29] audit: type=1326 audit(1762621490.790:10542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11951 comm="syz.4.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  176.754939][   T29] audit: type=1326 audit(1762621490.790:10543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11951 comm="syz.4.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  176.778510][   T29] audit: type=1326 audit(1762621490.790:10544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11951 comm="syz.4.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f834070f6c9 code=0x7ffc0000
[  176.881509][T11967] loop2: detected capacity change from 0 to 512
[  176.908145][T11967] EXT4-fs: Ignoring removed bh option
[  176.920993][T11967] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  176.930116][T11967] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  176.957619][T11977] netlink: 'syz.4.2751': attribute type 1 has an invalid length.
[  176.965408][T11977] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2751'.
[  176.969267][T11967] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  177.026235][T11967] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  177.137542][T11989] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  177.146012][T11989] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  177.153063][T11996] loop2: detected capacity change from 0 to 512
[  177.165426][T11996] EXT4-fs: Ignoring removed bh option
[  177.165658][T11994] loop1: detected capacity change from 0 to 128
[  177.184025][T11996] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  177.193255][T11996] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  177.210978][T11996] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  177.232940][T11996] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  177.233995][T11994] ext4 filesystem being mounted at /565/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  177.355763][T12019] loop1: detected capacity change from 0 to 1024
[  177.386635][T12019] EXT4-fs: Ignoring removed orlov option
[  177.484130][T12039] loop2: detected capacity change from 0 to 512
[  177.546993][T12050] xt_CT: You must specify a L4 protocol and not use inversions on it
[  177.559811][T12050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2759'.
[  177.571772][T12039] ext4 filesystem being mounted at /590/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.711466][T12059] loop2: detected capacity change from 0 to 512
[  177.718275][T12059] EXT4-fs: Ignoring removed bh option
[  177.731573][T12059] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  177.740735][T12059] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  177.755582][T12059] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  177.804353][T12059] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  177.806563][T12070] loop0: detected capacity change from 0 to 512
[  177.841645][T12070] ext4 filesystem being mounted at /557/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.855676][T12077] loop1: detected capacity change from 0 to 128
[  177.896058][T12077] ext4 filesystem being mounted at /567/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  177.938368][T12084] loop2: detected capacity change from 0 to 128
[  177.970166][T12084] ext4 filesystem being mounted at /592/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  178.090787][T12107] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12107 comm=syz.4.2770
[  178.106827][T12107] serio: Serial port ptm0
[  178.198590][T12119] netlink: 'syz.0.2773': attribute type 1 has an invalid length.
[  178.294158][T12129] loop4: detected capacity change from 0 to 128
[  178.305025][T12130] ip6t_srh: unknown srh match flags  4000
[  178.574182][T12133] netlink: 'syz.3.2778': attribute type 4 has an invalid length.
[  178.595756][T12135] netlink: 'syz.3.2779': attribute type 1 has an invalid length.
[  178.844666][T12152] ip6t_srh: unknown srh match flags  4000
[  178.875603][T12157] loop1: detected capacity change from 0 to 128
[  179.182274][T12169] __nla_validate_parse: 4 callbacks suppressed
[  179.182290][T12169] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2791'.
[  179.224004][T12172] loop4: detected capacity change from 0 to 128
[  179.235508][T12172] ext4 filesystem being mounted at /528/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  179.446491][T12176] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2793'.
[  179.461426][T12176] bond2: option updelay: invalid value (18446744073709531912)
[  179.468941][T12176] bond2: option updelay: allowed values 0 - 2147483647
[  179.476441][T12176] bond2 (unregistering): Released all slaves
[  179.511550][T12180] loop0: detected capacity change from 0 to 256
[  179.607069][T12191] loop0: detected capacity change from 0 to 512
[  179.632173][T12191] ext4 filesystem being mounted at /568/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.682953][T12198] loop2: detected capacity change from 0 to 128
[  179.706673][T12202] loop0: detected capacity change from 0 to 512
[  179.739986][T12202] ext4 filesystem being mounted at /570/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.753185][T12204] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2802'.
[  179.773717][T12204] loop3: detected capacity change from 0 to 512
[  179.795233][T12204] EXT4-fs: Ignoring removed bh option
[  179.807019][T12204] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  179.816101][T12204] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  179.825541][T12204] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  179.835073][T12204] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  179.854596][T12213] loop2: detected capacity change from 0 to 512
[  179.861602][T12213] EXT4-fs: Ignoring removed bh option
[  179.878655][T12213] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  179.886571][T12204] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  179.887795][T12213] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  179.907971][T12218] loop0: detected capacity change from 0 to 512
[  179.915125][T12213] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  179.929161][T12213] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  179.941325][T12218] ext4 filesystem being mounted at /571/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.991656][T12225] loop3: detected capacity change from 0 to 512
[  180.011989][T12225] EXT4-fs (loop3): orphan cleanup on readonly fs
[  180.014844][T12234] loop2: detected capacity change from 0 to 512
[  180.025015][T12225] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.2806: bad orphan inode 13
[  180.035302][T12225] ext4_test_bit(bit=12, block=18) = 1
[  180.040814][T12225] is_bad_inode(inode)=0
[  180.043814][T12238] FAULT_INJECTION: forcing a failure.
[  180.043814][T12238] name failslab, interval 1, probability 0, space 0, times 0
[  180.044973][T12225] NEXT_ORPHAN(inode)=2130706432
[  180.044983][T12225] max_ino=32
[  180.044991][T12225] i_nlink=1
[  180.068941][T12238] CPU: 1 UID: 0 PID: 12238 Comm: syz.0.2810 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  180.068972][T12238] Tainted: [W]=WARN
[  180.068978][T12238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  180.068988][T12238] Call Trace:
[  180.068993][T12238]  <TASK>
[  180.068999][T12238]  __dump_stack+0x1d/0x30
[  180.069024][T12238]  dump_stack_lvl+0xe8/0x140
[  180.069064][T12238]  dump_stack+0x15/0x1b
[  180.069085][T12238]  should_fail_ex+0x265/0x280
[  180.069103][T12238]  should_failslab+0x8c/0xb0
[  180.069136][T12238]  __kmalloc_noprof+0xa5/0x570
[  180.069169][T12238]  ? kernfs_fop_write_iter+0xe2/0x300
[  180.069201][T12238]  kernfs_fop_write_iter+0xe2/0x300
[  180.069222][T12238]  ? __import_iovec+0x321/0x540
[  180.069308][T12238]  do_iter_readv_writev+0x4a1/0x540
[  180.069392][T12238]  vfs_writev+0x2df/0x8b0
[  180.069428][T12238]  __x64_sys_pwritev+0xfd/0x1c0
[  180.069466][T12238]  x64_sys_call+0x14f8/0x3000
[  180.069487][T12238]  do_syscall_64+0xd2/0x200
[  180.069505][T12238]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  180.069560][T12238]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  180.069598][T12238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.069762][T12238] RIP: 0033:0x7efff091f6c9
[  180.069776][T12238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.069791][T12238] RSP: 002b:00007effef387038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  180.069807][T12238] RAX: ffffffffffffffda RBX: 00007efff0b75fa0 RCX: 00007efff091f6c9
[  180.069818][T12238] RDX: 0000000000000002 RSI: 0000200000000500 RDI: 0000000000000006
[  180.069882][T12238] RBP: 00007effef387090 R08: 0000000000000002 R09: 0000000000000000
[  180.069893][T12238] R10: 00000000ffffff01 R11: 0000000000000246 R12: 0000000000000001
[  180.069904][T12238] R13: 00007efff0b76038 R14: 00007efff0b75fa0 R15: 00007ffef413e418
[  180.069920][T12238]  </TASK>
[  180.077486][T12225] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  180.135137][T12234] ext4 filesystem being mounted at /598/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.138961][T12225] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  180.324280][T12262] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12262 comm=syz.2.2813
[  180.341300][T12262] serio: Serial port ptm0
[  180.400924][T12276] netlink: 'syz.4.2817': attribute type 1 has an invalid length.
[  180.408800][T12276] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2817'.
[  180.424844][T12277] loop0: detected capacity change from 0 to 1024
[  180.443964][T12277] EXT4-fs: Ignoring removed orlov option
[  180.449705][T12277] EXT4-fs: Ignoring removed orlov option
[  180.458193][T12277] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  180.578039][T12295] loop1: detected capacity change from 0 to 512
[  180.585305][T12295] EXT4-fs: Ignoring removed bh option
[  180.664357][T12296] wg1 speed is unknown, defaulting to 1000
[  180.816370][T12297] wg1 speed is unknown, defaulting to 1000
[  181.539435][T12346] loop4: detected capacity change from 0 to 512
[  181.550994][T12295] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  181.560077][T12295] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  182.394972][T12295] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  182.412526][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  182.412553][   T29] audit: type=1400 audit(1762621496.620:10814): avc:  denied  { create } for  pid=12274 comm="syz.0.2816" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  182.463343][T12295] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  182.464024][   T29] audit: type=1400 audit(1762621496.670:10815): avc:  denied  { mounton } for  pid=12358 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  182.493142][   T29] audit: type=1400 audit(1762621496.670:10816): avc:  denied  { remove_name } for  pid=12274 comm="syz.0.2816" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  182.537389][   T29] audit: type=1400 audit(1762621496.670:10817): avc:  denied  { unlink } for  pid=12274 comm="syz.0.2816" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  182.556120][T12346] ext4 filesystem being mounted at /531/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  182.615803][T12346] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2819: corrupted inode contents
[  182.629681][T12346] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.2819: mark_inode_dirty error
[  182.643262][T12346] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2819: corrupted inode contents
[  182.676397][T12378] loop1: detected capacity change from 0 to 128
[  182.684502][T12346] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2819: corrupted inode contents
[  182.700416][T12378] ext4 filesystem being mounted at /577/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  182.724914][T12346] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.2819: mark_inode_dirty error
[  182.744974][   T29] audit: type=1326 audit(1762621496.950:10818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12369 comm="syz.0.2821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  182.756180][T12346] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2819: corrupted inode contents
[  182.768621][   T29] audit: type=1326 audit(1762621496.950:10819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12369 comm="syz.0.2821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  182.780468][T12346] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.2819: mark_inode_dirty error
[  182.803889][   T29] audit: type=1326 audit(1762621496.950:10820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12369 comm="syz.0.2821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efff091df10 code=0x7ffc0000
[  182.804992][   T29] audit: type=1326 audit(1762621496.950:10821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12369 comm="syz.0.2821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  182.816926][T12346] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2819: corrupted inode contents
[  182.838656][   T29] audit: type=1326 audit(1762621496.950:10822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12369 comm="syz.0.2821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  182.838681][   T29] audit: type=1326 audit(1762621496.950:10823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12369 comm="syz.0.2821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  182.864402][T12346] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.2819: mark_inode_dirty error
[  182.998681][T12358] wg1 speed is unknown, defaulting to 1000
[  183.009752][   T52] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.061820][   T52] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.120860][   T52] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.162434][   T52] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.176171][T12358] chnl_net:caif_netlink_parms(): no params data found
[  183.207204][T12458] wg1 speed is unknown, defaulting to 1000
[  183.231025][T12358] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.238162][T12358] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.245521][T12358] bridge_slave_0: entered allmulticast mode
[  183.252425][T12358] bridge_slave_0: entered promiscuous mode
[  183.262660][T12358] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.269771][T12358] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.276919][T12358] bridge_slave_1: entered allmulticast mode
[  183.283419][T12358] bridge_slave_1: entered promiscuous mode
[  183.313028][T12358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  183.334666][T12358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  183.366687][T12358] team0: Port device team_slave_0 added
[  183.373368][T12358] team0: Port device team_slave_1 added
[  183.480246][   T52] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  183.489699][   T52] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  183.499144][   T52] .` (unregistering): Released all slaves
[  183.514193][   T52] bond1 (unregistering): Released all slaves
[  183.523156][   T52] bond0 (unregistering): Released all slaves
[  183.549394][   T52] bond2 (unregistering): Released all slaves
[  183.584222][   T52] bond3 (unregistering): Released all slaves
[  183.607840][T12358] batman_adv: batadv0: Adding interface: batadv_slave_0
[  183.611563][T12675] loop4: detected capacity change from 0 to 128
[  183.614789][T12358] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  183.647107][T12358] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  183.661727][T12358] batman_adv: batadv0: Adding interface: batadv_slave_1
[  183.668823][T12358] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  183.694749][T12358] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  183.737757][   T52] tipc: Disabling bearer <udp:syz2>
[  183.743215][   T52] tipc: Left network mode
[  183.783775][T12703] loop0: detected capacity change from 0 to 512
[  183.808001][T12703] ext4 filesystem being mounted at /579/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  183.820383][T12723] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12723 comm=syz.3.2833
[  183.836247][T12358] hsr_slave_0: entered promiscuous mode
[  183.852570][T12358] hsr_slave_1: entered promiscuous mode
[  183.861401][T12358] debugfs: 'hsr0' already exists in 'hsr'
[  183.867129][T12358] Cannot create hsr debugfs directory
[  183.908543][T12723] serio: Serial port ptm0
[  183.929904][   T52] hsr_slave_0: left promiscuous mode
[  183.959200][   T52] hsr_slave_1: left promiscuous mode
[  183.960092][T12752] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2834'.
[  183.965003][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.980912][   T52] batman_adv: batadv0: Removing interface: batadv_slave_0
[  183.991453][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.998986][   T52] batman_adv: batadv0: Removing interface: batadv_slave_1
[  184.014901][   T52] veth1_macvtap: left promiscuous mode
[  184.020870][   T52] veth0_macvtap: left promiscuous mode
[  184.032396][T12761] loop0: detected capacity change from 0 to 128
[  184.087877][T12761] ext4 filesystem being mounted at /581/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  184.160472][T12773] bond8: entered promiscuous mode
[  184.165582][T12773] bond8: entered allmulticast mode
[  184.170874][T12773] 8021q: adding VLAN 0 to HW filter on device bond8
[  184.186925][T12773] bond8 (unregistering): Released all slaves
[  184.311803][T12904] loop0: detected capacity change from 0 to 512
[  184.331184][T12904] ext4 filesystem being mounted at /582/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.563787][T12358] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  184.579492][T12358] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  184.591242][T12358] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  184.615273][T12980] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2845'.
[  184.654905][T12358] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  184.675870][T12988] loop1: detected capacity change from 0 to 512
[  184.692466][T12988] ext4 filesystem being mounted at /580/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.709226][T12985] netlink: 'syz.0.2847': attribute type 1 has an invalid length.
[  184.716971][T12985] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2847'.
[  184.741038][T13001] loop4: detected capacity change from 0 to 512
[  184.782485][T13001] ext4 filesystem being mounted at /540/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.837477][T12358] 8021q: adding VLAN 0 to HW filter on device bond0
[  184.863056][T12358] 8021q: adding VLAN 0 to HW filter on device team0
[  184.900219][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.907292][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.936005][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.943159][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.959531][T13039] loop0: detected capacity change from 0 to 512
[  184.970868][T12358] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  184.981282][T12358] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  185.029044][T13039] EXT4-fs: Ignoring removed bh option
[  185.041566][T13039] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  185.050693][T13039] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  185.078877][T13039] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  185.106645][T13039] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  185.130007][T12358] 8021q: adding VLAN 0 to HW filter on device batadv0
[  185.159901][T13051] loop3: detected capacity change from 0 to 128
[  185.238538][T12358] veth0_vlan: entered promiscuous mode
[  185.251910][T12358] veth1_vlan: entered promiscuous mode
[  185.284993][T12358] veth0_macvtap: entered promiscuous mode
[  185.319666][T12358] veth1_macvtap: entered promiscuous mode
[  185.339670][T12358] batman_adv: batadv0: Interface activated: batadv_slave_0
[  185.352101][T12358] batman_adv: batadv0: Interface activated: batadv_slave_1
[  185.362718][   T57] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  185.382962][   T57] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  185.408320][   T57] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  185.442483][T13076] netlink: 'syz.2.2820': attribute type 4 has an invalid length.
[  185.445104][   T52] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  185.450242][T13076] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2820'.
[  185.472768][T13076] .`: renamed from bond0 (while UP)
[  185.534534][T13083] loop0: detected capacity change from 0 to 512
[  185.549361][T13083] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #18: comm syz.0.2857: iget: bad extra_isize 90 (inode size 256)
[  185.569921][T13083] EXT4-fs (loop0): Remounting filesystem read-only
[  185.576666][T13083] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -30)
[  185.587830][T13083] EXT4-fs (loop0): 1 orphan inode deleted
[  185.685412][T13101] netlink: 'syz.0.2857': attribute type 1 has an invalid length.
[  185.725305][T13101] 8021q: adding VLAN 0 to HW filter on device bond2
[  185.772100][T13145] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2864'.
[  185.933204][T13166] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13166 comm=syz.1.2869
[  185.956642][T13166] serio: Serial port ptm0
[  186.046123][T13179] netlink: 'syz.2.2871': attribute type 1 has an invalid length.
[  186.053964][T13179] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2871'.
[  186.209390][T13202] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2877'.
[  186.279539][T13207] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  186.287766][T13207] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  186.346501][T13211] loop2: detected capacity change from 0 to 128
[  186.474447][T13230] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13230 comm=syz.2.2883
[  186.499674][T13230] serio: Serial port ptm0
[  186.651998][T13258] 9pnet_fd: Insufficient options for proto=fd
[  186.732254][T13271] loop0: detected capacity change from 0 to 128
[  186.757928][T13275] netlink: 'syz.4.2894': attribute type 1 has an invalid length.
[  186.765675][T13275] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2894'.
[  186.838032][T13283] loop0: detected capacity change from 0 to 512
[  186.896518][T13283] ext4 filesystem being mounted at /594/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.956676][T13305] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2897'.
[  187.043875][T13316] loop2: detected capacity change from 0 to 512
[  187.092431][T13316] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  187.098231][T13327] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13327 comm=syz.0.2901
[  187.187081][T13326] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2902'.
[  187.251261][T13347] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2905'.
[  187.290026][T13353] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  187.298427][T13353] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  187.328626][T13349] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  187.336826][T13349] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  187.418000][   T29] kauditd_printk_skb: 566 callbacks suppressed
[  187.418015][   T29] audit: type=1326 audit(1762621501.630:11390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13336 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  187.477784][   T29] audit: type=1326 audit(1762621501.660:11391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13336 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  187.501373][   T29] audit: type=1326 audit(1762621501.670:11392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13336 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  187.525006][   T29] audit: type=1326 audit(1762621501.680:11393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13336 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  187.623013][   T29] audit: type=1326 audit(1762621501.750:11394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13336 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  187.646681][   T29] audit: type=1326 audit(1762621501.780:11395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13336 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  187.670299][   T29] audit: type=1326 audit(1762621501.790:11396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13336 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  187.694061][   T29] audit: type=1326 audit(1762621501.800:11397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13336 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  187.717661][   T29] audit: type=1326 audit(1762621501.810:11398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13336 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  187.741220][   T29] audit: type=1326 audit(1762621501.820:11399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13336 comm="syz.0.2903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7efff091f6c9 code=0x7ffc0000
[  187.819468][T13378] netlink: 'syz.4.2914': attribute type 1 has an invalid length.
[  187.833535][T13372] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13372 comm=syz.2.2913
[  187.872049][T13372] serio: Serial port ptm0
[  187.876958][T13389] veth1_to_batadv: entered promiscuous mode
[  187.884310][T13389] batadv_slave_0: entered promiscuous mode
[  187.893106][T13389] hsr1: entered promiscuous mode
[  187.971114][T13402] loop4: detected capacity change from 0 to 128
[  188.138399][T13426] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  188.146695][T13426] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  188.179347][T13430] loop0: detected capacity change from 0 to 512
[  188.207849][T13430] ext4 filesystem being mounted at /600/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.350872][T13407] wg1 speed is unknown, defaulting to 1000
[  188.379140][T13450] loop2: detected capacity change from 0 to 2048
[  188.391630][T13453] netlink: 'syz.0.2925': attribute type 1 has an invalid length.
[  188.534140][T13475] loop0: detected capacity change from 0 to 128
[  188.621419][T13475] ext4 filesystem being mounted at /603/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  188.833622][T13407] chnl_net:caif_netlink_parms(): no params data found
[  188.988017][ T3444] Bluetooth: hci0: Frame reassembly failed (-90)
[  189.231510][T13605] ip6t_srh: unknown srh match flags  4000
[  189.265743][T13407] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.272943][T13407] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.280144][T13407] bridge_slave_0: entered allmulticast mode
[  189.286528][T13407] bridge_slave_0: entered promiscuous mode
[  189.293301][T13407] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.300469][T13407] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.307921][T13407] bridge_slave_1: entered allmulticast mode
[  189.314419][T13407] bridge_slave_1: entered promiscuous mode
[  189.336412][T13407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  189.346833][T13407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  189.371027][T13407] team0: Port device team_slave_0 added
[  189.378136][T13407] team0: Port device team_slave_1 added
[  189.397908][T13407] batman_adv: batadv0: Adding interface: batadv_slave_0
[  189.404852][T13407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  189.430891][T13407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  189.442437][T13407] batman_adv: batadv0: Adding interface: batadv_slave_1
[  189.449487][T13407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  189.475455][T13407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  189.511709][T13745] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13745 comm=syz.2.2934
[  189.512472][T13407] hsr_slave_0: entered promiscuous mode
[  189.529563][T13745] serio: Serial port ptm1
[  189.530692][T13407] hsr_slave_1: entered promiscuous mode
[  189.540136][T13407] debugfs: 'hsr0' already exists in 'hsr'
[  189.545861][T13407] Cannot create hsr debugfs directory
[  189.603207][T13407] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.650351][T13407] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.704141][T13407] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.746238][T13407] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.747250][T13830] loop0: detected capacity change from 0 to 128
[  189.767495][T13830] ext4 filesystem being mounted at /607/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  189.857299][T13407] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  189.866309][T13407] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  189.878616][T13407] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  189.888763][T13407] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  189.903558][T13407] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.910679][T13407] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.918014][T13407] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.925060][T13407] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.951570][T13407] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.961913][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.969778][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.982859][T13407] 8021q: adding VLAN 0 to HW filter on device team0
[  189.992486][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.999556][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.013021][ T3444] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.020087][ T3444] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.049182][T13872] loop4: detected capacity change from 0 to 128
[  190.066549][T13872] ext4 filesystem being mounted at /557/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  190.102057][T13407] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.202330][T13407] veth0_vlan: entered promiscuous mode
[  190.210749][T13407] veth1_vlan: entered promiscuous mode
[  190.227213][T13407] veth0_macvtap: entered promiscuous mode
[  190.238401][T13407] veth1_macvtap: entered promiscuous mode
[  190.253194][T13407] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.272348][T13407] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.283847][ T2663] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.302990][ T2663] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.317504][ T2663] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.326785][ T2663] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.361607][T13911] loop1: detected capacity change from 0 to 128
[  190.476900][T13917] netlink: 'syz.2.2948': attribute type 1 has an invalid length.
[  190.484788][T13917] __nla_validate_parse: 4 callbacks suppressed
[  190.484800][T13917] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2948'.
[  190.726071][T13943] wg1 speed is unknown, defaulting to 1000
[  190.754848][T13957] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2954'.
[  190.765042][T13957] netlink: 'syz.2.2954': attribute type 1 has an invalid length.
[  190.772815][T13957] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2954'.
[  190.855987][T13943] chnl_net:caif_netlink_parms(): no params data found
[  190.907972][ T3492] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  190.922972][T13943] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.930175][T13943] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.938753][T13943] bridge_slave_0: entered allmulticast mode
[  190.945358][T13943] bridge_slave_0: entered promiscuous mode
[  190.953189][T13943] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.960277][T13943] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.967746][T13943] bridge_slave_1: entered allmulticast mode
[  190.974334][T13943] bridge_slave_1: entered promiscuous mode
[  191.001752][T13943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  191.022614][T13943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.041663][T14170] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14170 comm=syz.3.2958
[  191.063432][T14170] serio: Serial port ptm0
[  191.069766][T13943] team0: Port device team_slave_0 added
[  191.078430][T13943] team0: Port device team_slave_1 added
[  191.104774][   T57] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.115241][   T57] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.124446][   T57] .` (unregistering): Released all slaves
[  191.134547][   T57] bond0 (unregistering): Released all slaves
[  191.143511][   T57] bond1 (unregistering): Released all slaves
[  191.152918][   T57] bond2 (unregistering): Released all slaves
[  191.190342][T13943] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.197286][T13943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  191.201741][T14231] loop4: detected capacity change from 0 to 128
[  191.223229][T13943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.262988][T14231] ext4 filesystem being mounted at /562/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  191.277176][T13943] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.284159][T13943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  191.310154][T13943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.346438][T14241] netlink: 'syz.1.2960': attribute type 1 has an invalid length.
[  191.354303][T14241] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2960'.
[  191.404086][   T57] hsr_slave_0: left promiscuous mode
[  191.414071][   T57] hsr_slave_1: left promiscuous mode
[  191.462565][T14257] SELinux: ebitmap: truncated map
[  191.481956][T14257] SELinux: failed to load policy
[  191.488906][T14257] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2962'.
[  191.535733][   T57] team0 (unregistering): Port device team_slave_1 removed
[  191.550106][   T57] team0 (unregistering): Port device team_slave_0 removed
[  191.646024][T13943] hsr_slave_0: entered promiscuous mode
[  191.653006][T13943] hsr_slave_1: entered promiscuous mode
[  191.669705][T13943] debugfs: 'hsr0' already exists in 'hsr'
[  191.675445][T13943] Cannot create hsr debugfs directory
[  191.833161][T14360] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  191.841406][T14360] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  191.926105][T14309] wg1 speed is unknown, defaulting to 1000
[  192.147049][T13943] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  192.162833][T13943] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  192.172079][T13943] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  192.182206][T13943] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  192.224912][T14457] netlink: 'syz.4.2970': attribute type 1 has an invalid length.
[  192.232806][T14457] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2970'.
[  192.332253][T14485] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14485 comm=syz.1.2971
[  192.355094][T14485] serio: Serial port ptm0
[  192.400128][T13943] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.409151][T14494] loop4: detected capacity change from 0 to 512
[  192.433643][   T29] kauditd_printk_skb: 1018 callbacks suppressed
[  192.433656][   T29] audit: type=1326 audit(1762621506.640:12418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14304 comm="syz.3.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa257111f85 code=0x7ffc0000
[  192.466444][T14494] ext4 filesystem being mounted at /566/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.471428][T13943] 8021q: adding VLAN 0 to HW filter on device team0
[  192.510270][   T29] audit: type=1326 audit(1762621506.680:12419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14304 comm="syz.3.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa257111f85 code=0x7ffc0000
[  192.533953][   T29] audit: type=1326 audit(1762621506.690:12420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14304 comm="syz.3.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa2570df6c9 code=0x7ffc0000
[  192.557537][   T29] audit: type=1326 audit(1762621506.700:12421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14304 comm="syz.3.2965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fa2570df6c9 code=0x7ffc0000
[  192.611399][T14492] wg1 speed is unknown, defaulting to 1000
[  192.635729][  T381] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.642883][  T381] bridge0: port 1(bridge_slave_0) entered forwarding state
[  192.669552][  T381] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.676618][  T381] bridge0: port 2(bridge_slave_1) entered forwarding state
[  192.687035][T14517] loop1: detected capacity change from 0 to 512
[  192.717590][T13943] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  192.738685][T14517] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.758667][T14507] loop3: detected capacity change from 0 to 512
[  192.777964][T14507] EXT4-fs: Ignoring removed nobh option
[  192.837129][T14507] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  192.848703][T14507] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[  192.859102][T14507] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.2975: Corrupt directory, running e2fsck is recommended
[  192.887127][T14507] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  192.896269][T14507] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.2975: corrupted in-inode xattr: invalid ea_ino
[  192.900681][T13943] 8021q: adding VLAN 0 to HW filter on device batadv0
[  193.060731][T14586] loop2: detected capacity change from 0 to 512
[  193.072109][T14507] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2975: couldn't read orphan inode 15 (err -117)
[  193.126261][T13943] veth0_vlan: entered promiscuous mode
[  193.143110][T14586] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.174424][T13943] veth1_vlan: entered promiscuous mode
[  193.187214][T13943] veth0_macvtap: entered promiscuous mode
[  193.198491][T13943] veth1_macvtap: entered promiscuous mode
[  193.210645][T13943] batman_adv: batadv0: Interface activated: batadv_slave_0
[  193.219853][T13943] batman_adv: batadv0: Interface activated: batadv_slave_1
[  193.231737][ T2663] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.310115][ T2663] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.341211][ T2663] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.388546][ T2663] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.433743][T14625] loop0: detected capacity change from 0 to 128
[  193.435655][T14602] wg1 speed is unknown, defaulting to 1000
[  193.510892][T14634] loop4: detected capacity change from 0 to 512
[  193.585301][T14634] ext4 filesystem being mounted at /569/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.773309][T14683] loop1: detected capacity change from 0 to 512
[  193.786471][T14689] ip6t_srh: unknown srh match flags  4000
[  193.799550][T14683] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #18: comm syz.1.2994: iget: bad extra_isize 90 (inode size 256)
[  193.822760][T14683] EXT4-fs (loop1): Remounting filesystem read-only
[  193.829481][T14683] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -30)
[  193.838933][T14683] EXT4-fs (loop1): 1 orphan inode deleted
[  193.844925][T14685] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2992'.
[  193.851346][T14695] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14695 comm=syz.0.2996
[  193.871174][T14685] loop3: detected capacity change from 0 to 512
[  193.884763][T14685] EXT4-fs: Ignoring removed bh option
[  193.892075][T14685] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  193.893868][T14701] ip6t_srh: unknown srh match flags  4000
[  193.901159][T14685] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  193.907840][T14704] netlink: 'syz.1.2994': attribute type 1 has an invalid length.
[  193.921527][T14685] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  193.932111][T14685] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  193.942165][T14685] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  194.009822][T14710] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  194.018091][T14710] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  194.047411][T14713] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  194.055647][T14713] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  194.096485][T14721] loop3: detected capacity change from 0 to 512
[  194.131952][T14721] ext4 filesystem being mounted at /557/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.148273][T14725] loop0: detected capacity change from 0 to 512
[  194.191613][T14725] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #18: comm syz.0.3001: iget: bad extra_isize 90 (inode size 256)
[  194.205655][T14725] EXT4-fs (loop0): Remounting filesystem read-only
[  194.217721][T14725] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -30)
[  194.226825][T14725] EXT4-fs (loop0): 1 orphan inode deleted
[  194.288323][T14745] netlink: 'syz.0.3001': attribute type 1 has an invalid length.
[  194.351026][T14755] loop3: detected capacity change from 0 to 512
[  194.360912][T14755] EXT4-fs: Ignoring removed nobh option
[  194.379249][T14755] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  194.390757][T14755] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[  194.400964][T14755] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.3007: Corrupt directory, running e2fsck is recommended
[  194.420517][T14755] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  194.428932][T14760] loop1: detected capacity change from 0 to 2048
[  194.430704][T14755] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.3007: corrupted in-inode xattr: invalid ea_ino
[  194.448948][T14755] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3007: couldn't read orphan inode 15 (err -117)
[  194.486561][T14768] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  194.494836][T14768] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  194.545953][T14775] loop1: detected capacity change from 0 to 512
[  194.558738][T14777] netlink: 'syz.0.3011': attribute type 1 has an invalid length.
[  194.559494][   T29] audit: type=1326 audit(1762621508.760:12422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14776 comm="syz.0.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f400932f6c9 code=0x7ffc0000
[  194.566499][T14777] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3011'.
[  194.590242][   T29] audit: type=1326 audit(1762621508.760:12423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14776 comm="syz.0.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f400932f6c9 code=0x7ffc0000
[  194.622943][   T29] audit: type=1326 audit(1762621508.760:12424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14776 comm="syz.0.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f400932f6c9 code=0x7ffc0000
[  194.646550][   T29] audit: type=1326 audit(1762621508.760:12425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14776 comm="syz.0.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f400932f6c9 code=0x7ffc0000
[  194.670259][   T29] audit: type=1326 audit(1762621508.760:12426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14776 comm="syz.0.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f400932f6c9 code=0x7ffc0000
[  194.694082][   T29] audit: type=1326 audit(1762621508.760:12427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14776 comm="syz.0.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f400932f6c9 code=0x7ffc0000
[  194.735999][T14775] ext4: Unknown parameter 'fowner<00000000000000000000'
[  194.803717][T14789] loop2: detected capacity change from 0 to 512
[  194.805877][T14775] unsupported nla_type 52263
[  194.848113][T14789] EXT4-fs mount: 99 callbacks suppressed
[  194.848127][T14789] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.866604][T14789] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.914607][T12358] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.969707][T14823] loop2: detected capacity change from 0 to 128
[  194.990039][T14812] wg1 speed is unknown, defaulting to 1000
[  195.045553][T14834] loop1: detected capacity change from 0 to 512
[  195.066027][T14834] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.085181][T14834] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.134632][T13407] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.214351][T14865] loop1: detected capacity change from 0 to 164
[  195.222422][T14865] iso9660: Unknown parameter 'nocompresh'
[  195.231232][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.325882][T14877] ip6t_srh: unknown srh match flags  4000
[  195.366515][T14878] ip6t_srh: unknown srh match flags  4000
[  195.671079][T14882] wg1 speed is unknown, defaulting to 1000
[  195.927555][T14910] loop4: detected capacity change from 0 to 512
[  195.941753][T14910] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.954540][T14910] ext4 filesystem being mounted at /574/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.004613][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.101157][T14936] tipc: Started in network mode
[  196.106142][T14936] tipc: Node identity ac14140f, cluster identity 4711
[  196.136334][T14936] tipc: New replicast peer: 255.255.255.83
[  196.142431][T14936] tipc: Enabled bearer <udp:q>, priority 10
[  196.175000][T14940] loop3: detected capacity change from 0 to 512
[  196.181847][T14940] EXT4-fs: Ignoring removed nobh option
[  196.191137][T14940] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  196.202666][T14940] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[  196.212773][T14940] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.3033: Corrupt directory, running e2fsck is recommended
[  196.238892][T14940] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  196.261755][T14934] wg1 speed is unknown, defaulting to 1000
[  196.270442][T14940] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.3033: corrupted in-inode xattr: invalid ea_ino
[  196.299752][T14954] loop2: detected capacity change from 0 to 2048
[  196.307668][T14940] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3033: couldn't read orphan inode 15 (err -117)
[  196.335710][T14959] netlink: 'syz.4.3036': attribute type 1 has an invalid length.
[  196.343655][T14959] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3036'.
[  196.363902][T14940] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.394652][T14954] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.581110][T14999] loop4: detected capacity change from 0 to 512
[  196.598414][T12358] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.610710][T14999] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.631483][T14999] ext4 filesystem being mounted at /578/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.686116][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.725172][T15018] loop1: detected capacity change from 0 to 512
[  196.742691][T15018] ext4: Unknown parameter 'fowner<00000000000000000000'
[  196.829008][T15043] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15043 comm=syz.2.3047
[  196.852050][T15043] serio: Serial port ptm0
[  196.956861][T15057] loop0: detected capacity change from 0 to 2048
[  196.969668][T15057] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.016897][T15064] netlink: 'syz.1.3051': attribute type 12 has an invalid length.
[  197.058756][T15067] loop2: detected capacity change from 0 to 512
[  197.076616][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.101303][T15067] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.121510][T15067] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.153863][T15075] loop1: detected capacity change from 0 to 2048
[  197.182116][T12358] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.192916][T15075] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.223941][T15087] loop2: detected capacity change from 0 to 512
[  197.255130][T15087] EXT4-fs (loop2): orphan cleanup on readonly fs
[  197.257701][   T10] tipc: Node number set to 2886997007
[  197.268730][T13407] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.278288][T15087] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3055: bg 0: block 248: padding at end of block bitmap is not set
[  197.310150][T15087] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3055: Failed to acquire dquot type 1
[  197.322082][T15087] EXT4-fs (loop2): 1 truncate cleaned up
[  197.351964][T15087] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  197.393483][T15102] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15102 comm=syz.1.3057
[  197.411510][T15102] serio: Serial port ptm0
[  197.424620][T15105] loop3: detected capacity change from 0 to 128
[  197.445510][T15087] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  197.456025][T15105] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  197.469458][T15105] ext4 filesystem being mounted at /566/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  197.505388][T15087] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  197.514062][T15087] ext4 filesystem being remounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  197.535908][   T29] kauditd_printk_skb: 192 callbacks suppressed
[  197.535922][   T29] audit: type=1326 audit(1762621511.740:12618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15086 comm="syz.2.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ac7af6c9 code=0x7ffc0000
[  197.575260][   T29] audit: type=1326 audit(1762621511.780:12619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15086 comm="syz.2.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ac7af6c9 code=0x7ffc0000
[  197.642064][   T29] audit: type=1326 audit(1762621511.810:12620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15086 comm="syz.2.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03ac7af6c9 code=0x7ffc0000
[  197.665872][   T29] audit: type=1326 audit(1762621511.810:12621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15086 comm="syz.2.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ac7af6c9 code=0x7ffc0000
[  197.689700][   T29] audit: type=1326 audit(1762621511.810:12622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15086 comm="syz.2.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03ac7af6c9 code=0x7ffc0000
[  197.713378][   T29] audit: type=1326 audit(1762621511.810:12623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15086 comm="syz.2.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ac7af6c9 code=0x7ffc0000
[  197.727293][T15116] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3059'.
[  197.737092][   T29] audit: type=1326 audit(1762621511.810:12624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15086 comm="syz.2.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ac7af6c9 code=0x7ffc0000
[  197.769545][   T29] audit: type=1326 audit(1762621511.810:12625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15086 comm="syz.2.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f03ac7af6c9 code=0x7ffc0000
[  197.793079][   T29] audit: type=1326 audit(1762621511.810:12626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15086 comm="syz.2.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ac7af6c9 code=0x7ffc0000
[  197.816659][   T29] audit: type=1326 audit(1762621511.810:12627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15086 comm="syz.2.3055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ac7af6c9 code=0x7ffc0000
[  197.862306][T15116] loop1: detected capacity change from 0 to 1024
[  197.935910][T15122] wg1 speed is unknown, defaulting to 1000
[  197.948386][T15116] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.026958][T13943] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.037139][T12358] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.104966][T15153] wg1 speed is unknown, defaulting to 1000
[  198.187583][T15185] loop4: detected capacity change from 0 to 512
[  198.194504][T15185] EXT4-fs: Ignoring removed nobh option
[  198.202753][T15185] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  198.214371][T15185] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[  198.224549][T15185] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.3063: Corrupt directory, running e2fsck is recommended
[  198.238292][T15185] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  198.246551][T15185] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.3063: corrupted in-inode xattr: invalid ea_ino
[  198.260098][T15185] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3063: couldn't read orphan inode 15 (err -117)
[  198.272925][T15185] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.536766][T15199] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  198.545080][T15199] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  198.657229][T13407] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.684417][T15210] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15210 comm=syz.1.3069
[  198.702206][T15210] serio: Serial port ptm0
[  198.746103][T15215] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3070'.
[  198.755940][T15215] bridge_slave_1: left allmulticast mode
[  198.761752][T15215] bridge_slave_1: left promiscuous mode
[  198.767484][T15215] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.775347][T15215] bridge_slave_0: left allmulticast mode
[  198.781106][T15215] bridge_slave_0: left promiscuous mode
[  198.786827][T15215] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.800266][T15216] loop0: detected capacity change from 0 to 512
[  198.807168][T15216] EXT4-fs: Ignoring removed bh option
[  198.813245][T15216] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  198.822328][T15216] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  198.831406][T15216] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  198.841083][T15216] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  198.849672][T15216] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.863829][T15216] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  198.923028][T15225] loop1: detected capacity change from 0 to 512
[  198.930032][T13943] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.930201][T15225] ext4: Unknown parameter 'fowner<00000000000000000000'
[  199.118336][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.140554][T15248] loop0: detected capacity change from 0 to 2048
[  199.164278][T15248] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.183622][T15259] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  199.191925][T15259] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  199.239227][T15262] loop1: detected capacity change from 0 to 512
[  199.289522][T15262] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.305177][T15262] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.321649][T15273] loop2: detected capacity change from 0 to 512
[  199.358833][T15273] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.377818][T15273] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.428604][T13407] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.442117][T12358] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.477299][T15287] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15287 comm=syz.1.3082
[  199.503286][T15287] serio: Serial port ptm0
[  200.071097][T13943] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.094923][T15314] loop0: detected capacity change from 0 to 512
[  200.105203][T15314] EXT4-fs: Ignoring removed nobh option
[  200.117646][T15314] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  200.129175][T15314] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[  200.139277][T15314] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.3088: Corrupt directory, running e2fsck is recommended
[  200.157987][T15314] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  200.166278][T15314] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.3088: corrupted in-inode xattr: invalid ea_ino
[  200.181869][T15314] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.3088: couldn't read orphan inode 15 (err -117)
[  200.194752][T15314] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.355119][T15289] syz.4.3085 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  200.369278][T15289] CPU: 0 UID: 0 PID: 15289 Comm: syz.4.3085 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  200.369413][T15289] Tainted: [W]=WARN
[  200.369422][T15289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  200.369438][T15289] Call Trace:
[  200.369446][T15289]  <TASK>
[  200.369454][T15289]  __dump_stack+0x1d/0x30
[  200.369475][T15289]  dump_stack_lvl+0xe8/0x140
[  200.369497][T15289]  dump_stack+0x15/0x1b
[  200.369520][T15289]  dump_header+0x81/0x220
[  200.369544][T15289]  oom_kill_process+0x342/0x400
[  200.369585][T15289]  out_of_memory+0x979/0xb80
[  200.369702][T15289]  try_charge_memcg+0x610/0xa10
[  200.369741][T15289]  obj_cgroup_charge_pages+0xa6/0x150
[  200.369770][T15289]  __memcg_kmem_charge_page+0x9f/0x170
[  200.369798][T15289]  __alloc_frozen_pages_noprof+0x188/0x360
[  200.369891][T15289]  alloc_pages_mpol+0xb3/0x260
[  200.369921][T15289]  alloc_pages_noprof+0x90/0x130
[  200.369949][T15289]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  200.370007][T15289]  __kvmalloc_node_noprof+0x483/0x670
[  200.370072][T15289]  ? ip_set_alloc+0x24/0x30
[  200.370113][T15289]  ? ip_set_alloc+0x24/0x30
[  200.370194][T15289]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  200.370242][T15289]  ip_set_alloc+0x24/0x30
[  200.370276][T15289]  hash_netiface_create+0x282/0x740
[  200.370387][T15289]  ? __pfx_hash_netiface_create+0x10/0x10
[  200.370427][T15289]  ip_set_create+0x3cc/0x970
[  200.370461][T15289]  ? __nla_parse+0x40/0x60
[  200.370491][T15289]  nfnetlink_rcv_msg+0x4c6/0x590
[  200.370549][T15289]  netlink_rcv_skb+0x123/0x220
[  200.370591][T15289]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  200.370678][T15289]  nfnetlink_rcv+0x167/0x16c0
[  200.370741][T15289]  ? kmem_cache_free+0xe4/0x3d0
[  200.370784][T15289]  ? __kfree_skb+0x109/0x150
[  200.370875][T15289]  ? nlmon_xmit+0x4f/0x60
[  200.370966][T15289]  ? consume_skb+0x49/0x150
[  200.371001][T15289]  ? nlmon_xmit+0x4f/0x60
[  200.371028][T15289]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  200.371067][T15289]  ? __dev_queue_xmit+0x1200/0x2000
[  200.371108][T15289]  ? __dev_queue_xmit+0x182/0x2000
[  200.371126][T15289]  ? ref_tracker_free+0x37d/0x3e0
[  200.371244][T15289]  ? __netlink_deliver_tap+0x4dc/0x500
[  200.371345][T15289]  netlink_unicast+0x5c0/0x690
[  200.371422][T15289]  netlink_sendmsg+0x58b/0x6b0
[  200.371441][T15289]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.371458][T15289]  __sock_sendmsg+0x145/0x180
[  200.371493][T15289]  ____sys_sendmsg+0x31e/0x4e0
[  200.371569][T15289]  ___sys_sendmsg+0x17b/0x1d0
[  200.371610][T15289]  __x64_sys_sendmsg+0xd4/0x160
[  200.371636][T15289]  x64_sys_call+0x191e/0x3000
[  200.371713][T15289]  do_syscall_64+0xd2/0x200
[  200.371731][T15289]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  200.371766][T15289]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  200.371849][T15289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.371897][T15289] RIP: 0033:0x7f834070f6c9
[  200.371909][T15289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.371924][T15289] RSP: 002b:00007f833f177038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.371957][T15289] RAX: ffffffffffffffda RBX: 00007f8340965fa0 RCX: 00007f834070f6c9
[  200.371969][T15289] RDX: 00000000000088a4 RSI: 00002000000008c0 RDI: 0000000000000003
[  200.371979][T15289] RBP: 00007f8340791f91 R08: 0000000000000000 R09: 0000000000000000
[  200.371989][T15289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  200.371998][T15289] R13: 00007f8340966038 R14: 00007f8340965fa0 R15: 00007ffff59650a8
[  200.372015][T15289]  </TASK>
[  200.372020][T15289] memory: usage 307188kB, limit 307200kB, failcnt 6080
[  200.687584][T15323] netlink: 'syz.1.3090': attribute type 12 has an invalid length.
[  200.690095][T15289] memory+swap: usage 307580kB, limit 9007199254740988kB, failcnt 0
[  200.739878][T15289] kmem: usage 307136kB, limit 9007199254740988kB, failcnt 0
[  200.743477][T15327] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  200.747164][T15289] Memory cgroup stats for /syz4
[  200.755387][T15327] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  200.755509][T15289] :
[  200.762467][ T3313] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  200.781349][T15289] cache 4096
[  200.784557][T15289] rss 4096
[  200.787577][T15289] shmem 0
[  200.790623][T15289] mapped_file 4096
[  200.794464][T15289] dirty 0
[  200.797404][T15289] writeback 0
[  200.800795][T15289] workingset_refault_anon 799
[  200.805472][T15289] workingset_refault_file 5422
[  200.810265][T15289] swap 401408
[  200.812356][T15329] loop1: detected capacity change from 0 to 512
[  200.813544][T15289] swapcached 12288
[  200.813554][T15289] pgpgin 265754
[  200.813563][T15289] pgpgout 265741
[  200.830582][T15289] pgfault 298024
[  200.834177][T15289] pgmajfault 537
[  200.837775][T15289] inactive_anon 8192
[  200.841667][T15289] active_anon 4096
[  200.844120][T15329] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.845386][T15289] inactive_file 40960
[  200.858056][T15329] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.861941][T15289] active_file 0
[  200.861951][T15289] unevictable 0
[  200.861960][T15289] hierarchical_memory_limit 314572800
[  200.884714][T15289] hierarchical_memsw_limit 9223372036854771712
[  200.890944][T15289] total_cache 4096
[  200.894663][T15289] total_rss 4096
[  200.898374][T15289] total_shmem 0
[  200.901825][T15289] total_mapped_file 4096
[  200.906135][T15289] total_dirty 0
[  200.909712][T15289] total_writeback 0
[  200.913508][T15289] total_workingset_refault_anon 799
[  200.918752][T15289] total_workingset_refault_file 5422
[  200.924113][T15289] total_swap 401408
[  200.927967][T15289] total_swapcached 12288
[  200.932360][T15289] total_pgpgin 265754
[  200.936541][T15289] total_pgpgout 265741
[  200.940619][T15289] total_pgfault 298024
[  200.944688][T15289] total_pgmajfault 537
[  200.948893][T15289] total_inactive_anon 8192
[  200.953362][T15289] total_active_anon 4096
[  200.957652][T15289] total_inactive_file 40960
[  200.962188][T15289] total_active_file 0
[  200.966156][T15289] total_unevictable 0
[  200.970152][T15289] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.3085,pid=15288,uid=0
[  200.984827][T15289] Memory cgroup out of memory: Killed process 15288 (syz.4.3085) total-vm:96136kB, anon-rss:1140kB, file-rss:22320kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000
[  201.018976][T13407] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.047793][T14729] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  201.101524][T13943] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.184403][T15353] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3095'.
[  201.225452][T10717] ==================================================================
[  201.233533][T10717] BUG: KCSAN: data-race in kick_pool / wq_worker_running
[  201.240549][T10717] 
[  201.242863][T10717] read-write to 0xffff888237c29de4 of 4 bytes by task 3409 on cpu 0:
[  201.250916][T10717]  wq_worker_running+0x95/0x120
[  201.255768][T10717]  synchronize_rcu_expedited+0x611/0x790
[  201.261394][T10717]  synchronize_rcu+0x45/0x320
[  201.266056][T10717]  key_garbage_collector+0x753/0x8c0
[  201.271331][T10717]  process_scheduled_works+0x4ce/0x9d0
[  201.276785][T10717]  worker_thread+0x582/0x770
[  201.281360][T10717]  kthread+0x489/0x510
[  201.285421][T10717]  ret_from_fork+0x122/0x1b0
[  201.290002][T10717]  ret_from_fork_asm+0x1a/0x30
[  201.294755][T10717] 
[  201.297066][T10717] read to 0xffff888237c29de4 of 4 bytes by task 10717 on cpu 1:
[  201.304679][T10717]  kick_pool+0x49/0x2d0
[  201.308821][T10717]  __queue_work+0x8cb/0xb50
[  201.313315][T10717]  queue_work_on+0xd1/0x160
[  201.317805][T10717]  process_srcu+0x999/0xbc0
[  201.322304][T10717]  process_scheduled_works+0x4ce/0x9d0
[  201.327758][T10717]  worker_thread+0x582/0x770
[  201.332332][T10717]  kthread+0x489/0x510
[  201.336392][T10717]  ret_from_fork+0x122/0x1b0
[  201.340971][T10717]  ret_from_fork_asm+0x1a/0x30
[  201.345726][T10717] 
[  201.348034][T10717] value changed: 0x00000000 -> 0x00000001
[  201.353733][T10717] 
[  201.356043][T10717] Reported by Kernel Concurrency Sanitizer on:
[  201.362179][T10717] CPU: 1 UID: 0 PID: 10717 Comm: kworker/1:12 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  201.373716][T10717] Tainted: [W]=WARN
[  201.377502][T10717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  201.387545][T10717] Workqueue: rcu_gp process_srcu
[  201.392483][T10717] ==================================================================