last executing test programs:

3.227821099s ago: executing program 2 (id=418):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
accept(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r3, 0x0, 0xffff, 0x8009)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000380)=0x3c, 0xfcb5)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f00000000c0)={0x0, r4, 0x18, 0x0, 0x0, 0xffffffffffff8001})
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[])

3.007370642s ago: executing program 2 (id=424):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r0, &(0x7f0000000300)=ANY=[], 0x32600)
r1 = open(&(0x7f0000000140)='./file2\x00', 0x147842, 0x184)
preadv2(r1, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x2000, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x20, 0x0, 0x1, 0x8}, {0x6, 0x2, 0xfe, 0x1}, {0x8, 0x66, 0x9, 0x8}, {0x76da, 0x6c, 0x8, 0x7}]})

2.721817947s ago: executing program 2 (id=427):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000840), r1)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2, 0x0, 0x7}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000800)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sync_file_range(0xffffffffffffffff, 0x6, 0x10000000000000, 0x2)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r3, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x4e23, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1, 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, 0x0, 0x0, 0x0, 0x9}}], 0x90, 0x20000801}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, r4, {0x1}}, './file0\x00'})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@alu={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0xb, r5, 0x8, 0x0, 0x0, 0x14, 0x0, 0x14}, 0x94)
statx(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x2000, 0x400, &(0x7f00000002c0))
statx(0xffffffffffffffff, &(0x7f0000000500)='./file1\x00', 0x2000, 0x0, &(0x7f0000000540))

2.707057527s ago: executing program 2 (id=429):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a00000004000204ff0f00000700000088000000fb13e84431239b53b030d2f8f80d4c", @ANYRES32, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_kthread_work_queue_work\x00', r1}, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000180)='./file1\x00', 0xa1c406, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRESDEC], 0x1, 0x2a9, &(0x7f0000002a00)="$eJzs3M9r02AYwPGn6dZ00209CXrxQS96CbMe1UOVDcSC0q2iHoSMZVpa25EUbUUwZ0/7O4ZHb4L4D+y/8DYE2WknI22zNOu6H251nd33AyXv+z7v277JS8qTlmTz2dqb8opnrdh1MdIqhogv2yIZKcmORLhNtcupqF3uZcWXm7Nvtz4tPH/xKJfPzxVU53OLt7OqOn3127sPn699r194+mXaNGUj83LzV/bHxqWNy5u/F1+XPC2lpFqrq61LtVrdXqo4ulzyypbqk4pje46Wqp7j7oqvVGqrq021q8tTk6uu43lqV5tqSFPrNU2Hs6qqZVk6Ndkqp+UcSf31iOJ6oWDnuvW55GBnhLPAdXN2a2En9pwNxfXhzAgAAAzT/vm/EfXZyf+N3vxf5JD8/2PYa/pr3/zf0+Pn/0mJ8v+y087/625T7Vd2KZ7/40C9+f/RGP9mMjiJhB+r3N8Vct3cRP9B5P8AAAAAAAAAAAAAAAAAAAAAAPwPtoNgJgiCmdbWEJEgrJsikozV+ww9V/fWj6r4+gexlxku8AHrjxEQu3EvLfLTbxQbxUR724nPP8zPzWpb7Ma/rUajmIzitzpx3R0fl8kwnu0bT8mN6514K/bgcT4eX2sUJ2T5wJn7gzoEAAAAAACMPEsjmagxLdH1vWWpKb3x9vV7p+R3fx/Q7qOBWvExuTJ2mnsCAAAAAAD24zXfl+1KxXFPp5A8xc86dkHkeMPvBOZAppEUkagl07dPYUFk+AdqT8GUMzGNUS7cHdgbBgmRTst4+GXQcxYAAAAAGC3d64FDu17sbeDvfQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuNETxEzjtZ52PsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBV/AgAA//9sVrw0")
lseek(r4, 0x10001, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e0000000000000005"], 0x48)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mlockall(0x3)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, 0x0, 0x20040014)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24074001}, 0x4000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r5, 0x0, 0x178}, 0x18)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2000009, 0x4082172, 0xffffffffffffffff, 0x0)

2.072932317s ago: executing program 2 (id=443):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x2000000000000218, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000080)=ANY=[@ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x18)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close(r6)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
r9 = socket$inet6(0xa, 0x3, 0xff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
setsockopt$inet6_int(r9, 0x29, 0x16, &(0x7f0000fcb000)=0xfffffffc, 0x4)
write$binfmt_script(r8, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

1.652118483s ago: executing program 4 (id=451):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@bloom_filter={0x1e, 0x1, 0x1, 0xd697, 0x80, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2, 0xa}, 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080081000000060027"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x108, 0x0)
mq_timedsend(r2, 0x0, 0x47, 0x6, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000002b290f52c77362a800", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setrlimit(0x2, &(0x7f0000000000)={0x4000051, 0xfffffffa})
prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000800000/0x800000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="500000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="421c0000000000001c0012800900010078667265000496054dffffffff00020001000000140003007866726d30000000000000000000000049e40c50419fcdbce954d212bf576a596c32615f6c7b361a864278f9567e20220d62e9907c94d6f096050800000082f4c8647af445ff3f455c26b51b44d57627bf6576ebec92b4b9ba4208643a49fe2aa54f2cabde8462aae206cd3ae9eb6408938487d4428bfba51938ae5e06605e780d101c31972854"], 0x50}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2058018, &(0x7f00000001c0), 0xff, 0x542, &(0x7f0000001e00)="$eJzs3c9vI1cdAPDveOPdZDfbpMABKrUUWpStYO2koW3EoRQJwakSotyXkDhRFCeOYqfdRBVk/wIkhACJE1y4IPEHIKGVuHBESJXgDFIRCMEWJDiUDrI9ToIzTpytE+86n480O+/Nr+/3efPGM/bTOIBL69mIeC0iPkjT9IWImMqWF7Ip9ttTc7v3Hry91JySSNM3/p5Eki3rHCvJ5jey3cYj4utfjfhWcjxufXdvfbFarWxn9XJjY6tc3927vbaxuFpZrWzOz8+9vPDKwksLswNp582IePXLf/7Bd3/2lVd/9bm3/nTnr7e+3UxrMlt/tB1nNHbSynbTi9fGu3bYfshgj6Jme4qdykR/+9w7x3wAAOiteY3/kYj4dES8EFNx5eTLWQAAAOAxlH5xMt5PItJ8V3ssBwAAAB4jhdYY2KRQysYCTEahUCq1x/B+LK4XqrV647MrtZ3N5fZY2ekoFlbWqpXZbKzwdBSTZn2uVT6sv9hVn4+IJyPi+1MTrXppqVZdHvaHHwAAAHBJ3Oi6///XVPv+HwAAABgx08NOAAAAADh37v8BAABg9Ln/BwAAgJH2tddfb05p5/evl9/c3VmvvXl7uVJfL23sLJWWattbpdVabbX1zL6N045XrdW2Ph+bO3fLjUq9Ua7v7t3ZqO1sNu6sxfiFNAgAAAA45slP3v9DEhH7X5hoTU1Xh50UcCHGDkpJNs/p/X98oj1/94KSAi7ElT62efda/nLXCfB4G+te0KOvA6OneLRyeDEwMYxcgOFITlnfc/DOb7P5pwabDwAAMHgzn8j//v+0+4GI/cIFpAecI50YLq+u7//TqWElAly41vf//Q7kcbEAI6XY1whAYJR96O//T5WmZ0oIAAAYuMnWlBRK2cd7k1EolEoRN1s/C1BMVtaqldmIeCIifj9VvNasz7X2TPoYIwAAAAAAAAAAAAAAAAAAAAAAAAAAROup3EmkAAAAwEiLKPwl+XX7Wf4zU89Pdn8+cDX5T+snga9GxFs/fuOHdxcbje255vJ/HCxv/Chb/uIwPsEAAAAAunXu01vzfw87GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGzXsP3l7qTH1sPjGouH/7UkRM58Ufi/HWfDyKEXH9n0mMHdkviYgrA4i/fy8iPp4XP2mmdRAyL/4gXoRT4sd09irkxb8xgPhwmd1vnn9ey+t/hXi2Nc/vf2MR/1d/WL3Pf3Fw/rvSo//f7DPGU+/8otwz/r2Ip8byzz+d+EmP+M/1Gf+b39jb67Uu/UnETOf9p3XGOxrhsFRubGyV67t7t9c2Flcrq5XN+fm5lxdeWXhpYba8slatZP/mxvje07/84KT2X899/0uybHq3//mc4+W9J/33nbsPPtqp7B+Pf+u5nPi/+Wm2xfH4hSzOZ7Jyc/1Mp7zfLh/1zM9/98xJ7V8+bH/xLP//t3odtNuxjvJ0v386AMA5qO/urS9Wq5XtkS0079IfgTRGpjARj0QaAyl8Z6AHTNM0bfapnFX3I6Kf4yRxtqDvp2l64jaF/HwOCz3PAMM+MwEAAIN2eNE/7EwAAAAAAAAAAAAAAAAAAADg8rqIp6x1xzx8BHIyiEdoAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMxP8CAAD//9/x1Ys=")
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r6, 0x2)
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r7, 0x2)
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
clock_nanosleep(0x2, 0x0, &(0x7f0000000080)={0x77359400}, 0x0)

1.496466016s ago: executing program 0 (id=452):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

1.482561876s ago: executing program 3 (id=453):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
write$binfmt_script(r1, &(0x7f0000000b80)={'#! ', './file0'}, 0xb)
fallocate(r0, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

1.398654918s ago: executing program 3 (id=454):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r0, &(0x7f0000000000)={0x23, 0x16, 0x4, 0x3}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0)
r3 = io_uring_setup(0x60f1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x8001})
close(r3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000680)='kfree\x00'}, 0x18)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f00000004c0)={[{@grpquota}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r4, &(0x7f00000063c0)=""/1024, 0x400)

1.372271778s ago: executing program 0 (id=455):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
write$UHID_DESTROY(r4, &(0x7f0000000000), 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00', r6}, 0x10)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r4, 0x6, &(0x7f0000000280)={0x8, 0x0, &(0x7f0000000240)=[r6, r0, r0]}, 0x3)
r7 = bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r1}, 0x8)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', r2, 0x0, 0x2}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYRES32=r7], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='hrtimer_start\x00', r9}, 0x10)
fsetxattr$security_selinux(r3, &(0x7f0000000a80), &(0x7f0000000140)='system_u:object_r:clock_device_t:s0\x00', 0x24, 0x0)
r10 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000400), 0x1, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000140000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8d5af3b3c03000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r12}, &(0x7f0000000180), &(0x7f00000001c0)=r11}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r13 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r13, 0x6, 0x0, 0x0, 0x0)
r14 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r14, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000980)={&(0x7f00000006c0)={0x2c0, 0x12, 0x10, 0x70bd26, 0x25dfdbfc, {0x29, 0x9, 0xc, 0xbd, {0x4e24, 0x4e24, [0x7fff, 0x8, 0x800, 0x3], [0x400, 0x2, 0x2, 0xfffffe01], r2, [0x5, 0x6]}, 0x8000, 0x2}, [@INET_DIAG_REQ_BYTECODE={0x8, 0x1, "cdcdb7aa"}, @INET_DIAG_REQ_BYTECODE={0xcf, 0x1, "ee3766a5caca20103d67580bcb1cfb49b8f018934c14dd19726ca3f71b04a9e2d4e6c98270a814336678ee4ff977eb3ab5630c5a0f433bcc7fa0af6d9d91bf1c13f3a1e2975e8f73585b20fce678e9e209e6f9b985b6eb9f4ef8e5dac7161efd802dad93e0622e4454ee1091348f7af085ae1702c137f13ce7437c461edeb44ffbf3be12fee7166a5747f8c316f6823f64baafdbc329f4eb3b080b0622c0149cf0ac5e25be1dd8aca28718716e234fcb4bd9d9959dc6d6a08382d829065e99010216102674d92b4feaf7ed"}, @INET_DIAG_REQ_BYTECODE={0xb4, 0x1, "55e41fa8a28b79c5f55867c6ca235a9817f763ec90c26299bd2fa37e8eaf1e10777f80e9e59ace04b07caa5a0eb5c43e804d95a31eb2460f4f4c9066f2e7cebd3c51a8b5a311022a0c743177aeec4a3191a27c191458b5fc4237b66370b6e7dabb83e8a1bd1c0d472c89d35c482b960a0630d9aad9dc35a6065e69aae2d891e3042f1c7ae25756f345a79d7f363c88f2b95e7daefb13462cc295015b421db8a7ec106cda12ae93ad4f281bab9b449d43"}, @INET_DIAG_REQ_BYTECODE={0x76, 0x1, "c5228264f261cc4000d36733451e415d62388dd9d5df67f964c0eb526d1c6894d57df28d878be0e7446dad0efdfa91f79ff7db5139a9ebde86ee2576dad62e49c2312dfb69dce22d0631c7f1638e92e19b878310a80f76c671f80ac620d2b5a1624e33c4f886db82a8cf1a28e08d000077dc"}, @INET_DIAG_REQ_BYTECODE={0x6d, 0x1, "d02a1a03f99b5575f0db2a0bd92f42440d14ca3a2449109b017fb7b4354bd4b2609c542a4180af06a60548a8126985f8ba136b9c7c1a7c9bcb95b8372a51a6be815a91b1e0b9e4025d50dd557bcf4b7ba5204aa28dde77a793df5608161734adc7c849aaf9e79bf294"}]}, 0x2c0}, 0x1, 0x0, 0x0, 0x1}, 0x20004000)

1.337729418s ago: executing program 0 (id=456):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000540)='./file0\x00', 0x1204018, &(0x7f0000000140)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c686964652c73657373696f6e3d3078303030303030303030303030303032312c756e686964652c696f636861727365743d63703433372c6f76657272696465726f636b7065726d2c626c6f636b3d3078303030303030303030303030303430302c005fb50aab29cf1d32d24be5ab2a6506aa524c8f1cd5781842ee1c86bee627767fee958f25bb6db8e631262ed8a59d337d730b6698271aeb8c31c1902a7e236e5dd878e6c1352c0c799d8e80d7346f8d2870acebe617c694bbb925d3ab4fb01784c564c03d88c81d2f84f58e8c6ba18548f09fa6"], 0x1, 0x56a, &(0x7f0000000580)="$eJzs3V9v094ZwPHH/bUQZVI1jQmhqsChbFKRSnASCIq48pyT9EBiR7aD2itW0RRVpDBRJq29GOOGbdL2Irjdi9g7QrvfLphsJ/2XOGFK20zV9xO158Q+9nmOG51Tt/axAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsdyabRctaRqvs6GyubXAbx2/7W89tEAenErG1CtixV+Sy8mtdNGtXx6vvhl/W/ntH9N3y5KLk5wc/uzmz5/dmJ8bbD8m4Euxf3D4dqvX636YdSAX59/fr2evbGjPhL5pOQ2tTOiraqViP1qvh6pumjrcDCPdUm6gncgP1Kr7QBWr1bLShU2/4zVqTlMPFj59WLLtinpeaGsnCH3v0fNC6K6bZtN4jaRMvDou8zT+IL4wkYq001JqZ7fXLU9qQVyo+COFSpMKlexSqVgslYqVJ9UnT217fmiBfYYMlZj9hxazdY69NzCduf74L00x4klHNkSNfLlSk0B8aWWs7xuM/79+pMfWe3L8X04XLd86Xr0Uf1uRO+m7O1njf0Ysl/falwM5lLeyJT3pSVc+zDyiy301RIsnRkLxxUhLnGSJ6i9RUpWKVMSWV7IudQlFSV2MNEVLKJsSSiQ6+US5EogWRyLxJRAlq+LKA1FSlKpUpSxKtBRkU3zpiCcNqYmT7GVHdpPjXhZlZcV4VKiY2Yz84HPXldKY1jL+Y3rn2n8D0/g+GP8BAAAAAMCVZSV/fY/P/xfkdpKrm6a2Zx0WAAAAAAA4R8l//pfjZCHO3RaL838AAAAAAK4aK7nHzhKRvNxNcztiJbdLjfojwE8zCBEAAAAAAEwp+f//nThJ5kC5K9bRdClcBAAAAAAAwBXxl6PZd7Pm2A3b161//kuCYMH63N74lbWXzM3r7PUvBRi6IiCqL1mL/Z0kSSVN5uddvWzl0kJHk2B+6yc78qkfR7rDoTisIFj4z/fUUQB/yg4gJ2cDuDEvf5N7aZl722m6PViT1pKvm6YuuH7zWVEcZ3Eu0hvR79/t/kGS5v/Vay1aOdntdQuv3/e2k4PxOd7L573+BIpD8yhmHYwb8/IxmW8huedi5JFfSG7E6Nebt2Rnt9e1kzqdtP1z6eZzp2v8tDimzi+ykpZa6c94mz/d/lxcZ7GQ1fp+FMUpW/5F7qdl7q/eT5MRUZQmRVE6GcXoYzF9FOVJUZSnjAIAZmVnwihknRj4M8adQWZML7cz6bcMa6iW//XXi6RHX03LrC4lHev80oge3Z7Uo9tTjm7/GHoGUtYYG9f79zOj6td4g6+Z9YbNkhUfwp8+7v1Obu4fHD7c3dt6033TfVcqlSv2Y9t+UpKFpBn9hLEHADDC5GfsTCxhPZ5wVv2Lo0sKCvJa3ktPtmUtudsgueJg5F7zJy5DWJtw1ppPhsn0CS9rY87qriV3OQz2Wxpb9nQM5Yv/QQAAcIlWJozDPzL+r0047z49lo8/O86feFobAAC4GDr4ZuWjP1tBYNqvitVq0YnWtQp894UKTK2hlfEiHbjrjtfQqh34ke/6zTjz0tR0qMJOu+0Hkar7gWr7odlIpg9U/Ue/h7rleJFxw3ZTO6FWru9Fjhupmgld1e78pmnCdR0kG4dt7Zq6cZ3I+J4K/U7g6oJSodYnCpqa9iJTN3HWU+3AtJwgp176zU5Lq5oO3cC0Iz/d4aAu49X9oJXstjDrgw0AwP+J/YPDt1u9XvfDRWWuzbqFAADgrOPhetaRAAAAAAAAAAAAAAAAAAAAAACALBd+/9/ZTP8BAHKplZI5h4xkrprjZ3r1MhO7jk8X2jEBuHD/DQAA//8Dc1K7")
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x29)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r6=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r6}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7, <r9=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000280)=r8}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r9], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r10}, 0x10)
mmap(&(0x7f000079d000/0x4000)=nil, 0x4000, 0x200000b, 0x4008032, 0xffffffffffffffff, 0x0)

1.336911299s ago: executing program 3 (id=457):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000540)='./file0\x00', 0x1204018, &(0x7f0000000140)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c686964652c73657373696f6e3d3078303030303030303030303030303032312c756e686964652c696f636861727365743d63703433372c6f76657272696465726f636b7065726d2c626c6f636b3d3078303030303030303030303030303430302c005fb50aab29cf1d32d24be5ab2a6506aa524c8f1cd5781842ee1c86bee627767fee958f25bb6db8e631262ed8a59d337d730b6698271aeb8c31c1902a7e236e5dd878e6c1352c0c799d8e80d7346f8d2870acebe617c694bbb925d3ab4fb01784c564c03d88c81d2f84f58e8c6ba18548f09fa6"], 0x1, 0x56a, &(0x7f0000000580)="$eJzs3V9v094ZwPHH/bUQZVI1jQmhqsChbFKRSnASCIq48pyT9EBiR7aD2itW0RRVpDBRJq29GOOGbdL2Irjdi9g7QrvfLphsJ/2XOGFK20zV9xO158Q+9nmOG51Tt/axAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsdyabRctaRqvs6GyubXAbx2/7W89tEAenErG1CtixV+Sy8mtdNGtXx6vvhl/W/ntH9N3y5KLk5wc/uzmz5/dmJ8bbD8m4Euxf3D4dqvX636YdSAX59/fr2evbGjPhL5pOQ2tTOiraqViP1qvh6pumjrcDCPdUm6gncgP1Kr7QBWr1bLShU2/4zVqTlMPFj59WLLtinpeaGsnCH3v0fNC6K6bZtN4jaRMvDou8zT+IL4wkYq001JqZ7fXLU9qQVyo+COFSpMKlexSqVgslYqVJ9UnT217fmiBfYYMlZj9hxazdY69NzCduf74L00x4klHNkSNfLlSk0B8aWWs7xuM/79+pMfWe3L8X04XLd86Xr0Uf1uRO+m7O1njf0Ysl/falwM5lLeyJT3pSVc+zDyiy301RIsnRkLxxUhLnGSJ6i9RUpWKVMSWV7IudQlFSV2MNEVLKJsSSiQ6+US5EogWRyLxJRAlq+LKA1FSlKpUpSxKtBRkU3zpiCcNqYmT7GVHdpPjXhZlZcV4VKiY2Yz84HPXldKY1jL+Y3rn2n8D0/g+GP8BAAAAAMCVZSV/fY/P/xfkdpKrm6a2Zx0WAAAAAAA4R8l//pfjZCHO3RaL838AAAAAAK4aK7nHzhKRvNxNcztiJbdLjfojwE8zCBEAAAAAAEwp+f//nThJ5kC5K9bRdClcBAAAAAAAwBXxl6PZd7Pm2A3b161//kuCYMH63N74lbWXzM3r7PUvBRi6IiCqL1mL/Z0kSSVN5uddvWzl0kJHk2B+6yc78qkfR7rDoTisIFj4z/fUUQB/yg4gJ2cDuDEvf5N7aZl722m6PViT1pKvm6YuuH7zWVEcZ3Eu0hvR79/t/kGS5v/Vay1aOdntdQuv3/e2k4PxOd7L573+BIpD8yhmHYwb8/IxmW8huedi5JFfSG7E6Nebt2Rnt9e1kzqdtP1z6eZzp2v8tDimzi+ykpZa6c94mz/d/lxcZ7GQ1fp+FMUpW/5F7qdl7q/eT5MRUZQmRVE6GcXoYzF9FOVJUZSnjAIAZmVnwihknRj4M8adQWZML7cz6bcMa6iW//XXi6RHX03LrC4lHev80oge3Z7Uo9tTjm7/GHoGUtYYG9f79zOj6td4g6+Z9YbNkhUfwp8+7v1Obu4fHD7c3dt6033TfVcqlSv2Y9t+UpKFpBn9hLEHADDC5GfsTCxhPZ5wVv2Lo0sKCvJa3ktPtmUtudsgueJg5F7zJy5DWJtw1ppPhsn0CS9rY87qriV3OQz2Wxpb9nQM5Yv/QQAAcIlWJozDPzL+r0047z49lo8/O86feFobAAC4GDr4ZuWjP1tBYNqvitVq0YnWtQp894UKTK2hlfEiHbjrjtfQqh34ke/6zTjz0tR0qMJOu+0Hkar7gWr7odlIpg9U/Ue/h7rleJFxw3ZTO6FWru9Fjhupmgld1e78pmnCdR0kG4dt7Zq6cZ3I+J4K/U7g6oJSodYnCpqa9iJTN3HWU+3AtJwgp176zU5Lq5oO3cC0Iz/d4aAu49X9oJXstjDrgw0AwP+J/YPDt1u9XvfDRWWuzbqFAADgrOPhetaRAAAAAAAAAAAAAAAAAAAAAACALBd+/9/ZTP8BAHKplZI5h4xkrprjZ3r1MhO7jk8X2jEBuHD/DQAA//8Dc1K7")
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x29)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r6=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r6}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7, <r9=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000280)=r8}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r9], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r10}, 0x10)
mmap(&(0x7f000079d000/0x4000)=nil, 0x4000, 0x200000b, 0x4008032, 0xffffffffffffffff, 0x0)

1.129597742s ago: executing program 2 (id=459):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0x20000014})
r5 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50}, 0x94)
io_submit(0x0, 0x1, &(0x7f0000000180)=[0x0])
ioprio_set$uid(0x3, 0x0, 0x0)
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
r7 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000880)=""/202, 0xca, 0x200000000005, 0x0)
write$selinux_load(r5, &(0x7f0000000000)=ANY=[], 0x2000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000000)={0xa0000001})
epoll_wait(r4, &(0x7f0000000340)=[{}], 0x1, 0x1000)
epoll_pwait(r4, &(0x7f0000000040)=[{}], 0x1, 0xff, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000840)={@val={0x8, 0x800}, @val={0x6, 0x0, 0x6, 0x0, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0xfc0, 0x66, 0x0, 0xb, 0x88, 0x0, @rand_addr=0x64010102, @broadcast}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad392d66248a43540df968e7fcaab34569c0e36170578c0d3c546a98b26295e2592f360905866eb4720fed03a977a3df4224895629fd6ccec64f13a999f18f518e3ee28798381975e862f1db9dccdb2f1c1fb60f5ffc7a339d40a8bd1f24cede8a32f186f142e194d4fb48224759faf813ea80e6a853e79b4fe27fe3e1aec5897b314a7f0d515b07b1835986b4885e9826d902c40f16cd77c58b6433ab039955ce9db11f36f459e7114ace6c9989eecea80a81fd39f339356c7c3391af83da2486503a7973f6db4806cf3e5ca94cf7e1f79fd00decd76100c18251a59d1474caabf4d3ca6a9a9885df710e68c5b0dc11832dbb5eecb5c88c2f8f02bdbd88569ad4a740359cbca8c378118220d73bdd1e661c3a74f77aa931b11cd38119b0f084bb96e84803fca6566c33ee1e4e34ab0253fbf24f9f5974af5e1fc2a43a4ec9dd9928a8f38a128ea27c429300ae5a6bd7740471f973d8224b2b07879f4fbe7dcbed776a72ebdc713bcf1d7aa45b01c32a1003e6670d58510bd79ba2fde5cb2b82cef2cc315648f4e9d96d848ba327949b8926253cbdef6888a8982108b6ac7a1108533dd3fe125002e2e286362d1055082a9d73ec5ac3080f2a501ff27250b62c8965f371cf92b32d6422d79f66261eb08a2f8fe50049e102c69ce703d116d0834208cc957d0f1376457a90245816d7642412897fdd2f982fdfbc3af65aa0446b00c767b79aec40e460887ea02188e3a0960eea39b144859467b881978378c9fd593259e0f63148179fe2c2f6d40987b63a6e384e63027f03d8039d707522942d5dc88fd842524d006290b6a65e9cc86cc5b401a60ec4aedfb3bf4d0447bb681810a16b9684b72c2f4593ef834a0203e78cd1d9dbc978e9ae8f3ab62c07f1e41d59470decee7b0cc41ac49e4b7589ab6da65849f62ec217bb39ed161e7d337822d96badbd74d66451ea9a74bed591dc9631bf639dcf7846ee428a9fa55bfceedf3b1c23642f3b58dd0a7273664c6c49c9160a4b9cc5b72d0210e305b94e2cb09ae1d4af9d365b5093851f229c8c30aef75d45ccdbab4b86d801a9ad3b27f26ba601d531c0743717aa7aae29d37f496fec7682c5a1abd321ad61941a2d23fcac6af1d1875e308c8d8c64a5152be47b59c09d293f46b857310a99f1885f0a49d432aa0d39a3e8fc885e75e66b63215133175a19267c8d0adf7d8f644e742ed5369d1405e99e63b78727f135e0243f24d9ce354a1562102ee8de4c191508343b86bf7e7519ddd770ce55e17e590561b2f437194c97ad46622a6ae3dd68d9993e6744954f4cd308bd6594fdccedc578e80aed274a65219697229059723ac37d535cca0e9c314e7941b4160bbd2ffba71f26ffe3228431bc81463078ad70583277ef18bce23ca2e5b9a00670956ea8e0e2c739c006106c8c9ee3f92ba728d8490742b74a9a18cbedfc4e69bb87e0da4c7dfb964374c28c837d4641fb99a19b233675f8526af395335e0185cf3934805442ac379980b687a7128e53284ba9e741b5fe9bc969bfbd55cbce76842915e076e2adf844338d16d3802c681bafdcc60465bd34dfc2d1c069ceee40060e0570fc1275ccabfe3f9be3e84ceedf72cd649c082232008e2b0c94594588c00e0fe911bbf1c12eb6c37ce05674a7597feecf27f5e051ffa824d9ff93638dfa9a84c77562aa2cf897f55a97b79c18544ad03480e1011b8f93e0ead9c2c6672448f585c5803ae99be777fbc662ef4450c1e936ed8b3c8047f00e72adc84561f417f8e5e1dde4967005d96a64fc75d9f486b3ebdb5904a0a56ec48542f0efce939f66fd69259e7376ad37e84434ea90f35b2d3bd63b5c36b267d8f2c7dc5a50b46e00ed086dff8b039e07b84c60611269d4f282ad04dc8e0b481eece2f8a614734be73617f0ad5be195446b09dca4cf1f32653dd3e188aece76f3014deb2ba61744835c0f735234b6a4637c948a7b4fd4203b286ca87d669e325d70277075b094f59eb1dff6c9c05c40d5e464c563df79486e1a32e6ed9bcf675aac7968b4e98dc4e210215b0d3b6a2525b2e3df11f3f1490eb39cabffbe32e23659121fde8e4e346e0f595aaf3666a5f6f118c1a1128039502ac04c40b85eb4c54e6c95b8d1c2aac74ae9e1c355ccde9d54d5d833293f5df09224482179e5bcd8e227c99172a6e14c2cd4e6462ceb0a905a1d64804840ce62e350c6efac10a7fcb029f84af64e2256d45afd3b3f59379895740e0cd2fd24c63264f785bb6e3f40ec72ed67d1a7d87dd264743d9c951cb5aa8bc6f1d1bc9b23303d5aa7f8f6f961326757456057000cb2bacf78cc229002777e932c2640b8dfa793846ca49fa93996db95104a8808a1906b19df17e754b90582b6c49efb3ddce067dd9292291cfd2bb0323ce8098f29e4fce0de31cf5c7e2e2da5d0d0996a8be776de8fecfd3ce68e80d21f1701f6b90ac51278abbd727d19415e0ebe001b990b177b8db0c592b18a4b5e4a6221902362e5b20e6e6f2131a5a5e03c1150b179ef40c933c2fef1b79de738652ec4c32565f5cf751a11db177099c4e2e5bd7616cd0dd501d5bfccf5691de3cca590365328648baf8a9487a3c212193c9bb837594460967e823067a9465eba7001eaf609a810488ef5c147aaa5e9e8c75b585ac3582b6915e20b5aa2f79b7a94857122988c56dbce1ea52de1a56652e839bb853be3ee16052b33fb83ca54d8e4e19440a5e81492107043a66286f63ca87a1f7b8a4e9547a7eb6005419cfd28cb37e9e374f4d0143973286e87070754025c1a6fccfdc6858eaca8c35ecb19584ce7141cc79a5bc813469161b87a19fc21f3373d1f25b3427916dd1be2a589b70ea3b39fcc7801e13beaf19b76164faf3dc4ab8faa5648d24eddd6caceaa0d5ac9cad633c19a4a4d059ee823a49b7cf82c5777d376c111f58ea8fd473429907852301a2c856f27bd0c687ab5be0e2bbef64ddee1601375a4440e3f59d60f57caebfe457f82432523ec4a61cdbb7f1e91e4b05fda892df131c274b19929d26f7a5a6d3ca487983f729601ed9bb4bf5c1cc3d453d406e9534688dec6a2dd0b9db149365c125a95e129565e62cc91f7d960abe1055b730ae0994e7eb08392d5745d0e4f529c4defc3d3e43d0815b0cc63effa88d20c13b14e780c2f6c89a1ee5e4db45a5c272186cc3e51b13dab3add5f467e8ca0f4c45a1fc76db2f0cbf794102946aafcd8cd8a3e935a606b9721645c4d550ae0907f345593736506efc626498c974753d474a73626041d3a54f8fb50de2a6335611a3779da3a02daceb2256d9b102d4d30dd3cd389a04b1a7a6076879f36534bb3379debb46ed1fa2c40096c752017dd024345c58313b43070ff7bef94dc3cafbe6ec20d59e5ea3c196ba3b783bfa87384407efc664cd350c80ac397516018e35371956e414755cde304d2a228c1540ba6fd6a7402d11c666964f024da4c016eb556ba2c5fab86c60c12efb1496295d80f0383526e8e0fc55a287bbd3cb966a916f57958d8b6ef97aa0c4b47f7746bab6b99698c1c96b25c4e2e084147866fe0970b109dd26984adc0758eb6442712cc46dcd8ed3038b0595252eed1b8a46525862662d1e67eba66ac341f8d27853eed54854f488f079bd48df6ce7a4be8b1b61fd23a2dc4d3ade0992011539cc63f80fcfc75008c20cb639348cb218f8f476a6d56917f4ca07e67fc20ea2e9642eaf2182b397e279f5f6c70438fb8aa39cba788588c181461ea7efe1a0dd5b95eb26f7158b91012f7ce0ee1b4e79ce4da377bea4551738a0f491a84f19b3be9827b4469c299527aa9c20b8bf12f919976a0356bba720fb91010763c79bcbb10d89280f0f97cdd19aa0d54828b308195fac170613cf4b515e340a9ef2c97f618a9f50b30ae34ebeed9a38b4c6969680accc740b154ecb014fb5d543a59ccb98a7de2823a2dec39f331cb503eb74fef61262c6d4050bc723caee834eb28c64ce007f6027375e936b62387cf1778970e88b0574a0106d4c855be7425767c551b2fa644d9d8a59f787e7610581b768057d229673344571c3d6e3f10975b2859f568398b1f38f89524d9ad0c1588617c3883a1227b714c81cdf28da54f33968c1c50f28da01c308eb31d319b3e77f96bec001c9300000000000000009cc0062283ac112868592619db14d629c47bfb793a723dcd2f7b07ae4ec14ca3ef4b955ea5b2b153a279b080f6236d418075b86850974c8850efb306d5c304e726bf2643b4403e6d46b0e0395b02e93308b4b2c3e957308d497dc51c753344a7878f1f0c91295fd76e3d1cc9ef813161c6b92b7ea6068ceb97d8f45a4ce57af7d7632d699951f7fe3c71c3a32b014c74425c67e5030546b10cf7edcec2eca5ba31dc62c08f83f35bc2e36b93f15f071bc2537ebe9ca19f86dce4e84272e10323d0ceaa2cc47fe4f6ad101d454c761f9863e94af91199ce5f12469bca7ba39314b84aa7efa4bdc18f7700c19511d48d6132450111d70401a8ac73565d5386ca12345e884d08b23f9c901000a95eb4167865e58c28b112f47c96beeaa6657c923e25e56529107c5c30e65bb485d5ed21b91332db4e09df7e59dcfa05c994570deb3f9b838e22ae4abbf9a9a8c319cc9112c8dba7c2278f78b9578b0254c46a4c04b8fa4fedad6bd275f70b1618971ef6503379bfb0a508c9944328af2c820091a89e3f75e68e7f980ddc9154d273f7f2ce7a6294aefe93136860786679b80e41f6636ff45efeacfb52e2ba2bd9bd9c9030079a46caca5c4b340c17d01ba8ecbc5c561b2038481a8321c009d12136a3ad5461881d998eeaac5236fdcd8f81fb5e53848bb096d9198fd0d38830d1809f2a632b31e2b67754140c907ed58aead048b2d8af9a1c407e48db815212cfdcca97222dabdfe01f311a73e1e82c3e189ec5add48d3f8190eb9e14b58e540f7f1388a7c687629eadb19fd8a133dc8177629270ecaabff79efb6c1f750d89b9e6c5f34c6238066f8e3e425e46a27b3c0d2e9e2ed3cffe2a6f39b8e0137ea5de689b94107fb4748a5feb3902f0feba64dae4c2e69bc8d86463575c6b0ef4a8a64fef41121e57a8c67eda07e9fc8f98299677de198ea0a649ef3c00591940b2c27ba1414aaa1633deb52e3a44cfa8d7a00d014317c026a7d7f42a34b97128e1bf9cda4d8315819ac73ed5061bf9b5631d07b09b85b78ff1b6eb86e9e8c4faa0f991cd6fa0b0eb71b39c20ca9bc7c156f3bd255a5b408df172396bafd7f0fb11c6eaf1eb0a06576d37bee00424bf699584b1dfed68f0d8d8a35f0427c783fe2d79b4373628971e87501a5e4bb05b5058d0b2132741f26e76065b6f4017d963c8ee5605c4c5b6eebb96fca0a41893cb6add3fb0d728abeb860f22cedbd36e464bdaf124a7041460f7af3d64b54e9ffd240b5afad9baf6e5dd8406bc1b205da5848f51fc9dd5197716e144e1b0386614bd3cfd5ddb80ada1e5ca74c8960093a553b1f6288aa7f53663cdd867f658e51b95772dc7a6fa45fa03e14988a33250e6c16fbf0351769080d64ddfbdbf77e1215563bf2e82ecc38a682846d7e2e2ac4e87d715f97f15e84c3df04affee49612a735907d3c4d310a54a6f609873ad56f29a138f4d5661f6865e030487"}}, 0xfce)

965.102505ms ago: executing program 1 (id=462):
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket(0x10, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000300), 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
llistxattr(0x0, 0x0, 0x0)

964.123835ms ago: executing program 1 (id=463):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b7"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
accept(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r3, 0x0, 0xffff, 0x8009)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000380)=0x3c, 0xfcb5)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f00000000c0)={0x0, r4, 0x18, 0x0, 0x0, 0xffffffffffff8001})
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[])

858.026856ms ago: executing program 1 (id=464):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a00000004000204ff0f00000700000088000000fb13e84431239b53b030d2f8f80d4c", @ANYRES32, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_kthread_work_queue_work\x00', r1}, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
lseek(r2, 0x10001, 0x0)

832.190197ms ago: executing program 1 (id=465):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
write$binfmt_script(r1, &(0x7f0000000b80)={'#! ', './file0'}, 0xb)
fallocate(r0, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

792.168427ms ago: executing program 4 (id=466):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
vmsplice(r2, &(0x7f00000005c0)=[{&(0x7f0000001cc0)="b70cdbd771882612c450d694c9dd7d7f28d237e84e2780ca6428d132e03f188fff6bd9f85ead7e68f90830db9295022700491841f4a15a000aa4e29ac23601041ec521aa0ea8044f23feb74151693f228ba89f0a43385617bc7930f30a52ca91d02c64bd39d3d581abe9089b2284f876f9c58c124aba7a28700efcb0588ff4ab54a62c0c64fd577d85f5f753ec15281cf73fc37442b0a5ca4a1818cb01590d6415b1e9fda6c7d63cd293d7cc7ca5581041a2736e95b9b0322880b5fd7f27c0d4a59df8101b755fd6cc495963381c8a95d5d605b8ef4800b47091c8749f9e8e9fce163e46db0f7c0e4d0d3a621e3c999453e95aaa56090f220b220c50b31b9d6af722477ab1cda6d561156d85c658a3cd42d777314d154bf31bb61918ac7de8bfad7a5825be505af82806130e8dd03816b86086cc3361bf3a2a0cf6c18b7c84503477660ef5a0bf92d8169c43df1d7bb140652c799a4ac292b94fcea7f0c74413791879104e2bc9b414eda6c74f3625299f67d03e3ef58eeae5ca5fb029005ffa0fe23fb541bc24a57e9c6d8169702998273789ee8c9f08132ab9f76c02a6696c3ad68bf7a772d8be6b1840cfad2184edcf10bd5620f51657239e8eb49b8e77c1483dcc3dc04aeb6cae2922af4be346d52f2983dd5330cbef40b3207432ea6d2a6d2ffb0c3440c78add8395da089aa80e21d8692b16582edea583b73266fd1ab37abc02aa89310ed72a827153f1cbba0f76147a09977724706fdcd68ac168ceb433eba816f55bb5069924c0a6c59b1116e27de7938b835c467dbd9be1843913748e5a2e6f6621bf4944045d82b5124d23fa1d87e780b54a6955a51e47fbf36432be1b3d9d01c05d86e390e497850600000000000000cef62edce520860667c5259478602febbc5e87f216a6f1452b285f44282333569cbd2f49613730b86a74485e49e1979690ee2c11e1fb49d642c9f515d9e0cf30fe8995379b0b4b2177b2541a34cef72af676c2402b3ab03993047186d45016f83a735b7babda7b3e408f9a7b5c36e7daaaad51e437060c8a5a07646a31a43ebdda0b12a3f64f963315febebf0ad610f2ec9500717c4f33d8bf0e5b55ed2a976339643658df80f07bb29f5fac6f25957ef64ef1bac93f0ea64bfea48b38a4985ff610259762996044543bdf2c", 0x341}], 0x1, 0x0)
fcntl$setpipe(r2, 0x407, 0x6)

772.907638ms ago: executing program 1 (id=467):
r0 = gettid()
timer_create(0x6, &(0x7f00000000c0)={0x0, 0x25, 0x0, @tid=r0}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
unshare(0x8000000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)

730.365508ms ago: executing program 4 (id=468):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})

729.836378ms ago: executing program 1 (id=469):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='batadv0\x00', 0xffffffffffffff7e)
getsockopt$bt_hci(r0, 0x84, 0x80, 0x0, &(0x7f0000000000))
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009e0000000b"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x4}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003a000b12d25a80648c2594f90324fc60100c034002a10100feff000037153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16=<r7=>0xffffffffffffffff], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r8, &(0x7f0000000000)=0x10000000000000, 0xffffff6a)
r9 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
io_submit(0x0, 0x1, &(0x7f0000000540)=[0x0])
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES32=r7], 0x48)
setsockopt(r9, 0x9, 0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000004c0)='sched_switch\x00', r4}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x100000c, 0x110, 0xffffffffffffffff, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f00001d8000/0x2000)=nil, 0x2000, 0x8, 0x12, r10, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000540), 0x84)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xf, 0x0, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18204, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x1, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

729.143658ms ago: executing program 4 (id=470):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYRES8, @ANYRES16, @ANYRES16=0x0, @ANYRESDEC, @ANYRESOCT], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02ff7f000000000000000900010000ed29c06add41713235d03e294ea17fd1b304"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000"], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r3, 0x0, 0x102}, 0x18)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r4, 0x0, 0xc800)
sendmsg$SMC_PNETID_DEL(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x40030000000000}, 0x0)
syz_read_part_table(0x5c3, &(0x7f00000005c0)="$eJzs2z9I22kYB/A31lBohw7XqVPbocPRpaVjM7QlSVsqhKiL3KCgiJgpghC5gKAHmkExgzi6iJDFP5Mxg5Oi4Czi4CE4uNyhi+BiDvG97e7wUI8rfD7w48n75vu+T54h4y/wXWsJvzebzUQIofnwrxPNfzjdWUtnvjzPfch3xMvCfPWXH64+Jv48HW99GdeHcb0w/6gxefY5WTtoP3/VvVlpid+PxufxYr3zDsbjni2ltp6MjRezU6XUwH62fDyxt9u2fJrO179Vqitfk596Y2471tZYh0IpjITB0BMKoRD6QvGO+s/Vjt5cPsvW1vrfX2Qa0xtvYy53yzlv2n/4xUxXtfzx9erT2Xel9Z38yYPrXOFv/l0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPy/LKW2noyNF7NTpdTAfrZ8PLG327Z8ms7Xv1WqK1+Tn3pjbjvW1liHQimMhMHQEwohEfpC8Y76z9WO3lw+y9bW+t9fZBrTG29jLnfLOW/af/jFTFe1/PH16tPZd6X1nfzJg+tc4eE9/QAAAAAAAAAAAAAAAAAAAAAIIaQzX57nPuQ7QkiEn0Jr+PG3n1uu9pvxffdEzL2M9TDuL8w/akyefU7WDtrPX3VvVn6N+6PxebxY7/zPh+Ff+yMAAP//17OV3g==")
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
writev(0xffffffffffffffff, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r8], 0x2c}}, 0x0)

637.04208ms ago: executing program 4 (id=471):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

559.827461ms ago: executing program 4 (id=472):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000010c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f0, 0x0, 0x9403, 0x0, 0x0, 0x2c0, 0x210, 0x3d8, 0x3d8, 0x320, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1c8, 0x210, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x450)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
close(0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='task_newtask\x00', r4, 0x0, 0xfffffffffffffffc}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d080", 0xfdef}], 0x1, 0x0, 0x0, 0x800300}, 0x20000801)
recvmsg(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r7, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
sendmmsg$inet6(r7, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)

434.849363ms ago: executing program 0 (id=473):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000180)=ANY=[@ANYRESDEC=r0, @ANYRES16, @ANYBLOB="1800000000000100000000000000fe0018110000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10)
getrandom(0x0, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRES32], 0x38}}, 0x0)

434.009023ms ago: executing program 3 (id=474):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000020000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010) (fail_nth: 1)

307.668905ms ago: executing program 0 (id=475):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b7"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
accept(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r3, 0x0, 0xffff, 0x8009)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000380)=0x3c, 0xfcb5)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f00000000c0)={0x0, r4, 0x18, 0x0, 0x0, 0xffffffffffff8001})
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[])

151.779598ms ago: executing program 3 (id=476):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a00000004000204ff0f00000700000088000000fb13e84431239b53b030d2f8f80d4c", @ANYRES32, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_kthread_work_queue_work\x00', r1}, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
lseek(0xffffffffffffffff, 0x10001, 0x0)

148.742258ms ago: executing program 3 (id=477):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@bloom_filter={0x1e, 0x1, 0x1, 0xd697, 0x80, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2, 0xa}, 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080081000000060027"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x108, 0x0)
mq_timedsend(r2, 0x0, 0x47, 0x6, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000002b290f52c77362a800", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setrlimit(0x2, &(0x7f0000000000)={0x4000051, 0xfffffffa})
prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000800000/0x800000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="500000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="421c0000000000001c0012800900010078667265000496054dffffffff00020001000000140003007866726d30000000000000000000000049e40c50419fcdbce954d212bf576a596c32615f6c7b361a864278f9567e20220d62e9907c94d6f096050800000082f4c8647af445ff3f455c26b51b44d57627bf6576ebec92b4b9ba4208643a49fe2aa54f2cabde8462aae206cd3ae9eb6408938487d4428bfba51938ae5e06605e780d101c31972854"], 0x50}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2058018, &(0x7f00000001c0), 0xff, 0x542, &(0x7f0000001e00)="$eJzs3c9vI1cdAPDveOPdZDfbpMABKrUUWpStYO2koW3EoRQJwakSotyXkDhRFCeOYqfdRBVk/wIkhACJE1y4IPEHIKGVuHBESJXgDFIRCMEWJDiUDrI9ToIzTpytE+86n480O+/Nr+/3efPGM/bTOIBL69mIeC0iPkjT9IWImMqWF7Ip9ttTc7v3Hry91JySSNM3/p5Eki3rHCvJ5jey3cYj4utfjfhWcjxufXdvfbFarWxn9XJjY6tc3927vbaxuFpZrWzOz8+9vPDKwksLswNp582IePXLf/7Bd3/2lVd/9bm3/nTnr7e+3UxrMlt/tB1nNHbSynbTi9fGu3bYfshgj6Jme4qdykR/+9w7x3wAAOiteY3/kYj4dES8EFNx5eTLWQAAAOAxlH5xMt5PItJ8V3ssBwAAAB4jhdYY2KRQysYCTEahUCq1x/B+LK4XqrV647MrtZ3N5fZY2ekoFlbWqpXZbKzwdBSTZn2uVT6sv9hVn4+IJyPi+1MTrXppqVZdHvaHHwAAAHBJ3Oi6///XVPv+HwAAABgx08NOAAAAADh37v8BAABg9Ln/BwAAgJH2tddfb05p5/evl9/c3VmvvXl7uVJfL23sLJWWattbpdVabbX1zL6N045XrdW2Ph+bO3fLjUq9Ua7v7t3ZqO1sNu6sxfiFNAgAAAA45slP3v9DEhH7X5hoTU1Xh50UcCHGDkpJNs/p/X98oj1/94KSAi7ElT62efda/nLXCfB4G+te0KOvA6OneLRyeDEwMYxcgOFITlnfc/DOb7P5pwabDwAAMHgzn8j//v+0+4GI/cIFpAecI50YLq+u7//TqWElAly41vf//Q7kcbEAI6XY1whAYJR96O//T5WmZ0oIAAAYuMnWlBRK2cd7k1EolEoRN1s/C1BMVtaqldmIeCIifj9VvNasz7X2TPoYIwAAAAAAAAAAAAAAAAAAAAAAAAAAROup3EmkAAAAwEiLKPwl+XX7Wf4zU89Pdn8+cDX5T+snga9GxFs/fuOHdxcbje255vJ/HCxv/Chb/uIwPsEAAAAAunXu01vzfw87GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGzXsP3l7qTH1sPjGouH/7UkRM58Ufi/HWfDyKEXH9n0mMHdkviYgrA4i/fy8iPp4XP2mmdRAyL/4gXoRT4sd09irkxb8xgPhwmd1vnn9ey+t/hXi2Nc/vf2MR/1d/WL3Pf3Fw/rvSo//f7DPGU+/8otwz/r2Ip8byzz+d+EmP+M/1Gf+b39jb67Uu/UnETOf9p3XGOxrhsFRubGyV67t7t9c2Flcrq5XN+fm5lxdeWXhpYba8slatZP/mxvje07/84KT2X899/0uybHq3//mc4+W9J/33nbsPPtqp7B+Pf+u5nPi/+Wm2xfH4hSzOZ7Jyc/1Mp7zfLh/1zM9/98xJ7V8+bH/xLP//t3odtNuxjvJ0v386AMA5qO/urS9Wq5XtkS0079IfgTRGpjARj0QaAyl8Z6AHTNM0bfapnFX3I6Kf4yRxtqDvp2l64jaF/HwOCz3PAMM+MwEAAIN2eNE/7EwAAAAAAAAAAAAAAAAAAADg8rqIp6x1xzx8BHIyiEdoAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMxP8CAAD//9/x1Ys=")
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r6, 0x2)
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r7, 0x2)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000080)={0x77359400}, 0x0)

0s ago: executing program 0 (id=478):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
vmsplice(r2, &(0x7f00000005c0)=[{&(0x7f0000001cc0)="b70cdbd771882612c450d694c9dd7d7f28d237e84e2780ca6428d132e03f188fff6bd9f85ead7e68f90830db9295022700491841f4a15a000aa4e29ac23601041ec521aa0ea8044f23feb74151693f228ba89f0a43385617bc7930f30a52ca91d02c64bd39d3d581abe9089b2284f876f9c58c124aba7a28700efcb0588ff4ab54a62c0c64fd577d85f5f753ec15281cf73fc37442b0a5ca4a1818cb01590d6415b1e9fda6c7d63cd293d7cc7ca5581041a2736e95b9b0322880b5fd7f27c0d4a59df8101b755fd6cc495963381c8a95d5d605b8ef4800b47091c8749f9e8e9fce163e46db0f7c0e4d0d3a621e3c999453e95aaa56090f220b220c50b31b9d6af722477ab1cda6d561156d85c658a3cd42d777314d154bf31bb61918ac7de8bfad7a5825be505af82806130e8dd03816b86086cc3361bf3a2a0cf6c18b7c84503477660ef5a0bf92d8169c43df1d7bb140652c799a4ac292b94fcea7f0c74413791879104e2bc9b414eda6c74f3625299f67d03e3ef58eeae5ca5fb029005ffa0fe23fb541bc24a57e9c6d8169702998273789ee8c9f08132ab9f76c02a6696c3ad68bf7a772d8be6b1840cfad2184edcf10bd5620f51657239e8eb49b8e77c1483dcc3dc04aeb6cae2922af4be346d52f2983dd5330cbef40b3207432ea6d2a6d2ffb0c3440c78add8395da089aa80e21d8692b16582edea583b73266fd1ab37abc02aa89310ed72a827153f1cbba0f76147a09977724706fdcd68ac168ceb433eba816f55bb5069924c0a6c59b1116e27de7938b835c467dbd9be1843913748e5a2e6f6621bf4944045d82b5124d23fa1d87e780b54a6955a51e47fbf36432be1b3d9d01c05d86e390e497850600000000000000cef62edce520860667c5259478602febbc5e87f216a6f1452b285f44282333569cbd2f49613730b86a74485e49e1979690ee2c11e1fb49d642c9f515d9e0cf30fe8995379b0b4b2177b2541a34cef72af676c2402b3ab03993047186d45016f83a735b7babda7b3e408f9a7b5c36e7daaaad51e437060c8a5a07646a31a43ebdda0b12a3f64f963315febebf0ad610f2ec9500717c4f33d8bf0e5b55ed2a976339643658df80f07bb29f5fac6f25957ef64ef1bac93f0ea64bfea48b38a4985ff610259762996044543bdf2c", 0x341}], 0x1, 0x0)
fcntl$setpipe(r2, 0x407, 0x6)

kernel console output (not intermixed with test programs):

U: 0 UID: 0 PID: 3476 Comm: syz.2.3 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   32.851267][ T3476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   32.851281][ T3476] Call Trace:
[   32.851293][ T3476]  <TASK>
[   32.851301][ T3476]  __dump_stack+0x1d/0x30
[   32.851325][ T3476]  dump_stack_lvl+0xe8/0x140
[   32.851374][ T3476]  dump_stack+0x15/0x1b
[   32.851451][ T3476]  warn_alloc+0x12b/0x1a0
[   32.851476][ T3476]  ? audit_log_end+0x1d7/0x1f0
[   32.851513][ T3476]  ? audit_log_end+0x1d7/0x1f0
[   32.851544][ T3476]  __vmalloc_node_range_noprof+0x9c/0xe00
[   32.851677][ T3476]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   32.851774][ T3476]  ? slow_avc_audit+0x104/0x140
[   32.851797][ T3476]  ? should_fail_ex+0x30/0x280
[   32.851890][ T3476]  ? xskq_create+0x36/0xe0
[   32.851917][ T3476]  vmalloc_user_noprof+0x7d/0xb0
[   32.851992][ T3476]  ? xskq_create+0x80/0xe0
[   32.852017][ T3476]  xskq_create+0x80/0xe0
[   32.852066][ T3476]  xsk_init_queue+0x95/0xf0
[   32.852090][ T3476]  xsk_setsockopt+0x35c/0x510
[   32.852131][ T3476]  ? __pfx_xsk_setsockopt+0x10/0x10
[   32.852155][ T3476]  __sys_setsockopt+0x184/0x200
[   32.852216][ T3476]  __x64_sys_setsockopt+0x64/0x80
[   32.852243][ T3476]  x64_sys_call+0x2bd5/0x2fb0
[   32.852262][ T3476]  do_syscall_64+0xd2/0x200
[   32.852294][ T3476]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   32.852316][ T3476]  ? clear_bhb_loop+0x40/0x90
[   32.852334][ T3476]  ? clear_bhb_loop+0x40/0x90
[   32.852360][ T3476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   32.852381][ T3476] RIP: 0033:0x7facbeffe9a9
[   32.852398][ T3476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   32.852413][ T3476] RSP: 002b:00007facbd65f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   32.852484][ T3476] RAX: ffffffffffffffda RBX: 00007facbf225fa0 RCX: 00007facbeffe9a9
[   32.852499][ T3476] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[   32.852513][ T3476] RBP: 00007facbf080d69 R08: 0000000000000004 R09: 0000000000000000
[   32.852528][ T3476] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[   32.852538][ T3476] R13: 0000000000000000 R14: 00007facbf225fa0 R15: 00007ffecfd9b668
[   32.852559][ T3476]  </TASK>
[   32.852569][ T3476] Mem-Info:
[   32.894647][ T3482] netlink: 'syz.0.1': attribute type 21 has an invalid length.
[   32.898713][ T3476] active_anon:5170 inactive_anon:0 isolated_anon:0
[   32.898713][ T3476]  active_file:5527 inactive_file:2172 isolated_file:0
[   32.898713][ T3476]  unevictable:0 dirty:1275 writeback:0
[   32.898713][ T3476]  slab_reclaimable:2786 slab_unreclaimable:12937
[   32.898713][ T3476]  mapped:28919 shmem:175 pagetables:933
[   32.898713][ T3476]  sec_pagetables:0 bounce:0
[   32.898713][ T3476]  kernel_misc_reclaimable:0
[   32.898713][ T3476]  free:1911889 free_pcp:5223 free_cma:0
[   32.916482][ T3482] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1'.
[   32.920068][ T3476] Node 0 active_anon:20680kB inactive_anon:0kB active_file:22224kB inactive_file:8688kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115676kB dirty:5100kB writeback:0kB shmem:700kB writeback_tmp:0kB kernel_stack:3264kB pagetables:3848kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   32.924959][ T3482] netlink: 'syz.0.1': attribute type 1 has an invalid length.
[   32.929743][ T3476] Node 0 
[   32.968061][ T3480] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   32.972204][ T3476] DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   32.980531][ T3480] Cannot find del_set index 0 as target
[   32.981464][ T3476] lowmem_reserve[]:
[   33.011368][ T3480] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5'.
[   33.027161][ T3476]  0 2882 7860 7860
[   33.027205][ T3476] Node 0 DMA32 free:2947820kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951348kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[   33.274192][ T3476] lowmem_reserve[]: 0 0 4978 4978
[   33.274232][ T3476] Node 0 Normal free:4667728kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20680kB inactive_anon:0kB active_file:22340kB inactive_file:8688kB unevictable:0kB writepending:5216kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:21324kB local_pcp:14124kB free_cma:0kB
[   33.274347][ T3476] lowmem_reserve[]: 0 0 0 0
[   33.274379][ T3476] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   33.274610][ T3476] Node 0 DMA32: 5*4kB (M) 3*8kB (M) 2*16kB (M) 3*32kB (M) 5*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947820kB
[   33.274908][ T3476] Node 0 Normal: 1*4kB (U) 2*8kB (ME) 1*16kB (E) 1*32kB (U) 0*64kB 7*128kB (M) 9*256kB (M) 4*512kB (UME) 3*1024kB (M) 5*2048kB (UME) 1135*4096kB (M) = 4667588kB
[   33.275134][ T3476] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   33.275223][ T3476] 7960 total pagecache pages
[   33.275230][ T3476] 0 pages in swap cache
[   33.275237][ T3476] Free swap  = 124996kB
[   33.275326][ T3476] Total swap = 124996kB
[   33.275336][ T3476] 2097051 pages RAM
[   33.275344][ T3476] 0 pages HighMem/MovableOnly
[   33.275352][ T3476] 80814 pages reserved
[   33.489328][ T3495] netlink: 'syz.3.4': attribute type 10 has an invalid length.
[   33.566669][ T3495] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4'.
[   33.578205][ T3480] syz.4.5 (3480) used greatest stack depth: 10600 bytes left
[   33.647731][ T3497] loop1: detected capacity change from 0 to 128
[   33.656918][ T3501] FAULT_INJECTION: forcing a failure.
[   33.656918][ T3501] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   33.670210][ T3501] CPU: 1 UID: 0 PID: 3501 Comm: syz.2.10 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   33.670302][ T3501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   33.670317][ T3501] Call Trace:
[   33.670324][ T3501]  <TASK>
[   33.670332][ T3501]  __dump_stack+0x1d/0x30
[   33.670357][ T3501]  dump_stack_lvl+0xe8/0x140
[   33.670376][ T3501]  dump_stack+0x15/0x1b
[   33.670452][ T3501]  should_fail_ex+0x265/0x280
[   33.670489][ T3501]  should_fail+0xb/0x20
[   33.670522][ T3501]  should_fail_usercopy+0x1a/0x20
[   33.670550][ T3501]  _copy_to_user+0x20/0xa0
[   33.670642][ T3501]  simple_read_from_buffer+0xb5/0x130
[   33.670681][ T3501]  proc_fail_nth_read+0x100/0x140
[   33.670722][ T3501]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   33.670793][ T3501]  vfs_read+0x19d/0x6f0
[   33.670825][ T3501]  ? __sys_setsockopt+0x18e/0x200
[   33.670862][ T3501]  ? __rcu_read_unlock+0x4f/0x70
[   33.670945][ T3501]  ? __fget_files+0x184/0x1c0
[   33.670965][ T3501]  ksys_read+0xda/0x1a0
[   33.671001][ T3501]  __x64_sys_read+0x40/0x50
[   33.671036][ T3501]  x64_sys_call+0x2d77/0x2fb0
[   33.671060][ T3501]  do_syscall_64+0xd2/0x200
[   33.671098][ T3501]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   33.671193][ T3501]  ? clear_bhb_loop+0x40/0x90
[   33.671218][ T3501]  ? clear_bhb_loop+0x40/0x90
[   33.671260][ T3501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   33.671295][ T3501] RIP: 0033:0x7facbeffd3bc
[   33.671313][ T3501] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   33.671409][ T3501] RSP: 002b:00007facbd65f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   33.671455][ T3501] RAX: ffffffffffffffda RBX: 00007facbf225fa0 RCX: 00007facbeffd3bc
[   33.671468][ T3501] RDX: 000000000000000f RSI: 00007facbd65f0a0 RDI: 0000000000000007
[   33.671483][ T3501] RBP: 00007facbd65f090 R08: 0000000000000000 R09: 0000000000000000
[   33.671498][ T3501] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   33.671513][ T3501] R13: 0000000000000000 R14: 00007facbf225fa0 R15: 00007ffecfd9b668
[   33.671536][ T3501]  </TASK>
[   33.996034][ T3511] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   34.065125][ T3513] loop2: detected capacity change from 0 to 512
[   34.090132][ T3515] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15'.
[   34.140516][ T3517] loop0: detected capacity change from 0 to 512
[   34.147857][ T3513] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.179293][ T3513] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   34.192053][ T3520] loop4: detected capacity change from 0 to 512
[   34.202938][ T3517] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.230957][ T3520] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.245955][ T3520] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   34.257489][ T3517] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   34.300159][ T3515] loop1: detected capacity change from 0 to 128
[   34.306857][ T3515] EXT4-fs: Ignoring removed nobh option
[   34.335252][ T3515] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   34.336214][ T3542] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   34.356133][ T3542] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   34.370009][ T3515] ext4 filesystem being mounted at /3/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   34.380580][ T3513] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.14: iget: bad i_size value: 2533274857506816
[   34.393230][ T3520] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.16: iget: bad i_size value: 2533274857506816
[   34.418747][ T3515] EXT4-fs (loop1): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 ro.
[   34.431384][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.450876][ T3515] syz.1.15 (3515) used greatest stack depth: 10192 bytes left
[   34.470739][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.480643][ T3517] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.17: iget: bad i_size value: 2533274857506816
[   34.524912][ T3304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   34.563661][ T3549] loop2: detected capacity change from 0 to 512
[   34.571217][ T3547] netlink: 12 bytes leftover after parsing attributes in process `syz.4.24'.
[   34.580130][ T3547] netlink: 28 bytes leftover after parsing attributes in process `syz.4.24'.
[   34.589087][ T3547] netlink: 12 bytes leftover after parsing attributes in process `syz.4.24'.
[   34.598988][ T3547] netlink: 28 bytes leftover after parsing attributes in process `syz.4.24'.
[   34.607923][ T3547] netlink: 'syz.4.24': attribute type 6 has an invalid length.
[   34.619095][ T3547] netlink: 8 bytes leftover after parsing attributes in process `syz.4.24'.
[   34.631254][ T3547] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[   34.643508][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.654324][ T3549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.667251][ T3547] ip6gretap0: entered promiscuous mode
[   34.680375][ T3551] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   34.692247][ T3549] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   34.772584][ T3549] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.22: iget: bad i_size value: 2533274857506816
[   34.849633][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.866322][ T3573] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   34.874603][ T3573] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   34.926803][ T3578] loop0: detected capacity change from 0 to 512
[   34.952801][ T3578] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   34.965950][ T3578] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   34.983116][ T3580] loop2: detected capacity change from 0 to 512
[   35.014608][ T3580] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   35.023601][ T3578] EXT4-fs (loop0): 1 truncate cleaned up
[   35.029796][ T3578] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.048348][ T3580] EXT4-fs warning (device loop2): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop2.
[   35.185182][ T3589] netlink: 8 bytes leftover after parsing attributes in process `syz.2.35'.
[   35.246692][ T3590] loop2: detected capacity change from 0 to 128
[   35.264276][ T3590] EXT4-fs: Ignoring removed nobh option
[   35.292642][ T3590] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   35.336879][ T3590] ext4 filesystem being mounted at /8/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   35.394248][ T3589] EXT4-fs (loop2): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 ro.
[   35.476432][ T3595] loop3: detected capacity change from 0 to 512
[   35.491520][ T3595] EXT4-fs: Ignoring removed oldalloc option
[   35.497997][ T3595] ext4: Unknown parameter 'smackfsfloor'
[   35.559883][ T3309] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   35.580710][ T3602] vhci_hcd: invalid port number 96
[   35.585907][ T3602] vhci_hcd: default hub control req: 0300 vfffc i0060 l0
[   35.636345][ T3606] loop4: detected capacity change from 0 to 512
[   35.653554][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.669570][ T3606] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.691325][ T3606] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   35.762003][ T3606] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.41: iget: bad i_size value: 2533274857506816
[   35.819244][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.838523][ T3616] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   35.846743][ T3616] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   36.009806][ T3621] loop4: detected capacity change from 0 to 1024
[   36.024733][ T3621] netlink: 'syz.4.45': attribute type 6 has an invalid length.
[   36.085129][ T3624] loop4: detected capacity change from 0 to 512
[   36.091905][ T3624] =======================================================
[   36.091905][ T3624] WARNING: The mand mount option has been deprecated and
[   36.091905][ T3624]          and is ignored by this kernel. Remove the mand
[   36.091905][ T3624]          option from the mount to silence this warning.
[   36.091905][ T3624] =======================================================
[   36.133208][ T3551] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   36.145579][ T3624] EXT4-fs (loop4): orphan cleanup on readonly fs
[   36.156020][ T3624] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.46: bg 0: block 248: padding at end of block bitmap is not set
[   36.191329][ T3624] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.46: Failed to acquire dquot type 1
[   36.229332][ T3624] EXT4-fs (loop4): 1 truncate cleaned up
[   36.235776][ T3624] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   36.297483][ T3551] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   36.297881][    C0] hrtimer: interrupt took 47688 ns
[   36.314234][ T3627] loop3: detected capacity change from 0 to 8192
[   36.330919][ T3624] syz.4.46 (3624) used greatest stack depth: 9304 bytes left
[   36.340232][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.352351][ T3551] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   36.385851][ T3633] loop7: detected capacity change from 0 to 7
[   36.431119][ T3551] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   36.452205][ T3636] batadv_slave_1: entered promiscuous mode
[   36.468097][ T3551] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   36.487076][ T3551] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   36.498871][ T3551] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   36.517564][ T3636] batadv_slave_1: left promiscuous mode
[   36.527782][ T3642] FAULT_INJECTION: forcing a failure.
[   36.527782][ T3642] name failslab, interval 1, probability 0, space 0, times 0
[   36.540442][ T3642] CPU: 0 UID: 0 PID: 3642 Comm: syz.1.52 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   36.540469][ T3642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   36.540482][ T3642] Call Trace:
[   36.540488][ T3642]  <TASK>
[   36.540564][ T3642]  __dump_stack+0x1d/0x30
[   36.540585][ T3642]  dump_stack_lvl+0xe8/0x140
[   36.540604][ T3642]  dump_stack+0x15/0x1b
[   36.540669][ T3642]  should_fail_ex+0x265/0x280
[   36.540698][ T3642]  ? hash_ipportnet_create+0x21b/0x740
[   36.540729][ T3642]  should_failslab+0x8c/0xb0
[   36.540816][ T3642]  __kmalloc_cache_noprof+0x4c/0x320
[   36.540845][ T3642]  hash_ipportnet_create+0x21b/0x740
[   36.540876][ T3642]  ? __nla_parse+0x40/0x60
[   36.540892][ T3642]  ? __pfx_hash_ipportnet_create+0x10/0x10
[   36.540995][ T3642]  ip_set_create+0x3cc/0x960
[   36.541035][ T3642]  ? __nla_parse+0x40/0x60
[   36.541067][ T3642]  nfnetlink_rcv_msg+0x4c3/0x590
[   36.541110][ T3642]  ? selinux_capable+0x1f9/0x270
[   36.541139][ T3642]  netlink_rcv_skb+0x120/0x220
[   36.541205][ T3642]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   36.541245][ T3642]  nfnetlink_rcv+0x16b/0x1690
[   36.541270][ T3642]  ? __kfree_skb+0x109/0x150
[   36.541345][ T3642]  ? nlmon_xmit+0x4f/0x60
[   36.541364][ T3642]  ? consume_skb+0x49/0x150
[   36.541460][ T3642]  ? nlmon_xmit+0x4f/0x60
[   36.541479][ T3642]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   36.541556][ T3642]  ? __dev_queue_xmit+0x11c0/0x1fb0
[   36.541587][ T3642]  ? __dev_queue_xmit+0x182/0x1fb0
[   36.541624][ T3642]  ? __account_obj_stock+0x211/0x350
[   36.541645][ T3642]  ? ref_tracker_free+0x37d/0x3e0
[   36.541703][ T3642]  ? __netlink_deliver_tap+0x4dc/0x500
[   36.541739][ T3642]  netlink_unicast+0x5a5/0x680
[   36.541786][ T3642]  netlink_sendmsg+0x58b/0x6b0
[   36.541807][ T3642]  ? __pfx_netlink_sendmsg+0x10/0x10
[   36.541826][ T3642]  __sock_sendmsg+0x142/0x180
[   36.541850][ T3642]  ____sys_sendmsg+0x31e/0x4e0
[   36.541885][ T3642]  ___sys_sendmsg+0x17b/0x1d0
[   36.541971][ T3642]  __x64_sys_sendmsg+0xd4/0x160
[   36.542007][ T3642]  x64_sys_call+0x2999/0x2fb0
[   36.542058][ T3642]  do_syscall_64+0xd2/0x200
[   36.542076][ T3642]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   36.542102][ T3642]  ? clear_bhb_loop+0x40/0x90
[   36.542175][ T3642]  ? clear_bhb_loop+0x40/0x90
[   36.542195][ T3642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.542274][ T3642] RIP: 0033:0x7f812627e9a9
[   36.542289][ T3642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.542355][ T3642] RSP: 002b:00007f81248e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   36.542381][ T3642] RAX: ffffffffffffffda RBX: 00007f81264a5fa0 RCX: 00007f812627e9a9
[   36.542470][ T3642] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[   36.542485][ T3642] RBP: 00007f81248e7090 R08: 0000000000000000 R09: 0000000000000000
[   36.542497][ T3642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.542508][ T3642] R13: 0000000000000000 R14: 00007f81264a5fa0 R15: 00007ffe87d61078
[   36.542527][ T3642]  </TASK>
[   36.862714][ T3646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.898293][ T3646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.923058][ T3644] loop2: detected capacity change from 0 to 4096
[   36.929984][ T3646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.946546][ T3649] loop4: detected capacity change from 0 to 512
[   36.957358][ T3646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.967616][ T3652] loop3: detected capacity change from 0 to 512
[   36.969091][ T3646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.985727][ T3646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.999470][ T3655] loop0: detected capacity change from 0 to 512
[   37.009134][ T3646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   37.019061][ T3649] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.029662][ T3644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.048443][ T3652] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.057990][ T3649] ext4 filesystem being mounted at /17/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   37.068034][ T3646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   37.078374][ T3655] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.096153][ T3655] ext4 filesystem being mounted at /10/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   37.106414][ T3652] ext4 filesystem being mounted at /6/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   37.127406][ T3646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   37.181841][ T3646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   37.190736][ T3655] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.56: iget: bad i_size value: 2533274857506816
[   37.203177][ T3646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   37.203337][ T3646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   37.223451][ T3669] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.55: iget: bad i_size value: 2533274857506816
[   37.249357][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.275983][ T3652] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.54: iget: bad i_size value: 2533274857506816
[   37.290767][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.312738][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.323629][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.337087][   T29] kauditd_printk_skb: 272 callbacks suppressed
[   37.337100][   T29] audit: type=1400 audit(1753061189.172:361): avc:  denied  { create } for  pid=3676 comm="syz.2.60" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   37.351039][ T3677] Zero length message leads to an empty skb
[   37.363476][   T29] audit: type=1400 audit(1753061189.192:362): avc:  denied  { getopt } for  pid=3676 comm="syz.2.60" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   37.423233][ T3684] loop2: detected capacity change from 0 to 128
[   37.453273][   T29] audit: type=1400 audit(1753061189.232:363): avc:  denied  { ioctl } for  pid=3675 comm="syz.4.61" path="socket:[3891]" dev="sockfs" ino=3891 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   37.478619][   T29] audit: type=1400 audit(1753061189.262:364): avc:  denied  { setopt } for  pid=3681 comm="syz.2.63" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   37.497840][   T29] audit: type=1400 audit(1753061189.262:365): avc:  denied  { ioctl } for  pid=3681 comm="syz.2.63" path="socket:[3894]" dev="sockfs" ino=3894 ioctlcmd=0x940b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   37.522855][   T29] audit: type=1400 audit(1753061189.262:366): avc:  denied  { mount } for  pid=3681 comm="syz.2.63" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   37.545213][   T29] audit: type=1400 audit(1753061189.262:367): avc:  denied  { unmount } for  pid=3681 comm="syz.2.63" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   37.621837][   T29] audit: type=1326 audit(1753061189.462:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3692 comm="syz.4.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e982de9a9 code=0x7ffc0000
[   37.626179][ T3684] syz.2.63: attempt to access beyond end of device
[   37.626179][ T3684] loop2: rw=0, sector=121, nr_sectors = 896 limit=128
[   37.646446][   T29] audit: type=1326 audit(1753061189.462:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3692 comm="syz.4.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e982de9a9 code=0x7ffc0000
[   37.681551][   T29] audit: type=1326 audit(1753061189.462:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3692 comm="syz.4.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e982de9a9 code=0x7ffc0000
[   37.752279][ T3700] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   37.761155][ T3700] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   37.794220][ T3706] loop4: detected capacity change from 0 to 512
[   37.811860][ T3706] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.838498][ T3706] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   37.842869][ T3711] loop0: detected capacity change from 0 to 2048
[   37.879314][ T3706] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.72: iget: bad i_size value: 2533274857506816
[   37.903639][ T3711] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.942649][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.952765][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.986250][ T3717] loop4: detected capacity change from 0 to 512
[   38.009942][ T3717] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.025395][ T3717] ext4 filesystem being mounted at /24/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   38.047160][ T3720] loop3: detected capacity change from 0 to 2048
[   38.061682][ T3720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.075936][  T161] kworker/u8:5: attempt to access beyond end of device
[   38.075936][  T161] loop2: rw=1, sector=145, nr_sectors = 896 limit=128
[   38.097385][ T3717] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.74: iget: bad i_size value: 2533274857506816
[   38.135651][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.154127][ T3727] __nla_validate_parse: 5 callbacks suppressed
[   38.154140][ T3727] netlink: 28 bytes leftover after parsing attributes in process `syz.1.77'.
[   38.169656][ T3727] netlink: 28 bytes leftover after parsing attributes in process `syz.1.77'.
[   38.185903][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.241283][ T3731] vhci_hcd: invalid port number 96
[   38.246443][ T3731] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   38.260091][ T3737] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   38.268480][ T3737] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   38.358009][ T3745] loop3: detected capacity change from 0 to 512
[   38.380605][ T3751] netlink: 4 bytes leftover after parsing attributes in process `syz.1.87'.
[   38.390768][ T3745] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.403955][ T3745] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   38.414541][ T3751] team0: Port device team_slave_0 removed
[   38.453913][ T3745] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.85: iget: bad i_size value: 2533274857506816
[   38.477816][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.653624][ T3765] loop3: detected capacity change from 0 to 512
[   38.670367][ T3765] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.682885][ T3765] ext4 filesystem being mounted at /17/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   38.718416][ T3765] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.92: iget: bad i_size value: 2533274857506816
[   38.769591][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.266643][ T3770] loop0: detected capacity change from 0 to 128
[   39.273322][ T3770] EXT4-fs: Ignoring removed nobh option
[   39.282667][ T3770] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   39.296626][ T3770] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   39.310879][ T3770] netlink: 8 bytes leftover after parsing attributes in process `syz.0.94'.
[   39.644643][ T3311] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   39.675576][ T3773] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   39.687662][ T3775] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   39.695996][ T3775] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   39.731187][ T3773] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   39.785955][ T3773] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   39.828545][ T3786] loop0: detected capacity change from 0 to 512
[   39.851485][ T3786] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.864785][ T3786] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   39.879509][ T3773] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   39.916243][ T3786] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.98: iget: bad i_size value: 2533274857506816
[   39.941054][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.977909][ T3773] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.990365][ T3773] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.003565][ T3773] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.015293][ T3773] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.113450][ T3804] loop3: detected capacity change from 0 to 1024
[   40.148907][ T3804] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.249133][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.357079][ T3821] netlink: 28 bytes leftover after parsing attributes in process `syz.0.110'.
[   40.420184][ T3825] FAULT_INJECTION: forcing a failure.
[   40.420184][ T3825] name failslab, interval 1, probability 0, space 0, times 0
[   40.432859][ T3825] CPU: 1 UID: 0 PID: 3825 Comm: syz.3.112 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   40.432886][ T3825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   40.432897][ T3825] Call Trace:
[   40.432902][ T3825]  <TASK>
[   40.432907][ T3825]  __dump_stack+0x1d/0x30
[   40.432982][ T3825]  dump_stack_lvl+0xe8/0x140
[   40.432999][ T3825]  dump_stack+0x15/0x1b
[   40.433017][ T3825]  should_fail_ex+0x265/0x280
[   40.433051][ T3825]  should_failslab+0x8c/0xb0
[   40.433075][ T3825]  kmem_cache_alloc_noprof+0x50/0x310
[   40.433147][ T3825]  ? audit_log_start+0x365/0x6c0
[   40.433177][ T3825]  audit_log_start+0x365/0x6c0
[   40.433214][ T3825]  audit_seccomp+0x48/0x100
[   40.433243][ T3825]  ? __seccomp_filter+0x68c/0x10d0
[   40.433316][ T3825]  __seccomp_filter+0x69d/0x10d0
[   40.433342][ T3825]  ? alloc_file_pseudo+0x129/0x160
[   40.433376][ T3825]  __secure_computing+0x82/0x150
[   40.433396][ T3825]  syscall_trace_enter+0xcf/0x1e0
[   40.433493][ T3825]  do_syscall_64+0xac/0x200
[   40.433509][ T3825]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   40.433536][ T3825]  ? clear_bhb_loop+0x40/0x90
[   40.433560][ T3825]  ? clear_bhb_loop+0x40/0x90
[   40.433632][ T3825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.433655][ T3825] RIP: 0033:0x7f31a17cd3bc
[   40.433669][ T3825] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   40.433724][ T3825] RSP: 002b:00007f319fe37030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   40.433739][ T3825] RAX: ffffffffffffffda RBX: 00007f31a19f5fa0 RCX: 00007f31a17cd3bc
[   40.433752][ T3825] RDX: 000000000000000f RSI: 00007f319fe370a0 RDI: 0000000000000005
[   40.433765][ T3825] RBP: 00007f319fe37090 R08: 0000000000000000 R09: 0000000000000000
[   40.433779][ T3825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   40.433790][ T3825] R13: 0000000000000000 R14: 00007f31a19f5fa0 R15: 00007ffed7922328
[   40.433807][ T3825]  </TASK>
[   40.434664][ T3826] 9pnet_fd: Insufficient options for proto=fd
[   40.622511][ T3830] loop0: detected capacity change from 0 to 1024
[   40.650440][ T3831] loop3: detected capacity change from 0 to 512
[   40.660917][ T3830] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.673814][ T3831] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.686557][ T3831] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.699307][ T3831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.721352][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.751980][ T3837] can: request_module (can-proto-4) failed.
[   40.852841][ T3858] loop0: detected capacity change from 0 to 2048
[   40.873196][ T3858] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.881256][ T3863] netlink: 'syz.3.121': attribute type 10 has an invalid length.
[   40.896808][ T3863] netlink: 40 bytes leftover after parsing attributes in process `syz.3.121'.
[   40.910753][ T3863] team0: Device geneve1 is up. Set it down before adding it as a team port
[   40.928508][ T3863] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   40.969833][ T3872] loop4: detected capacity change from 0 to 128
[   40.970653][ T3858] IPv4: Oversized IP packet from 127.202.26.0
[   40.976488][ T3872] EXT4-fs: Ignoring removed nobh option
[   40.995278][ T3875] loop2: detected capacity change from 0 to 128
[   41.004235][ T3874] loop3: detected capacity change from 0 to 512
[   41.009309][ T3872] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   41.018342][ T3874] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   41.034652][ T3875] EXT4-fs (loop2): filesystem is read-only
[   41.046221][ T3872] ext4 filesystem being mounted at /32/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   41.059186][ T3875] EXT4-fs (loop2): mounted filesystem ffb65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[   41.072242][ T3874] EXT4-fs (loop3): 1 truncate cleaned up
[   41.078752][ T3874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.097527][ T3872] netlink: 8 bytes leftover after parsing attributes in process `syz.4.123'.
[   41.222424][ T3309] EXT4-fs (loop2): unmounting filesystem ffb65be2-f6da-4727-8c75-0525a5b65a09.
[   41.243533][ T3313] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   41.267563][ T3886] netlink: 'syz.4.126': attribute type 41 has an invalid length.
[   41.280705][ T3884] loop2: detected capacity change from 0 to 512
[   41.432130][ T3884] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   41.461680][ T3884] EXT4-fs (loop2): 1 truncate cleaned up
[   41.465015][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.468050][ T3884] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.492654][ T2910] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   41.519915][ T2910] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   41.532457][ T2910] EXT4-fs (loop0): This should not happen!! Data will be lost
[   41.532457][ T2910] 
[   41.542161][ T2910] EXT4-fs (loop0): Total free blocks count 0
[   41.548208][ T2910] EXT4-fs (loop0): Free/Dirty block details
[   41.554167][ T2910] EXT4-fs (loop0): free_blocks=2415919104
[   41.559973][ T2910] EXT4-fs (loop0): dirty_blocks=8208
[   41.565277][ T2910] EXT4-fs (loop0): Block reservation details
[   41.571303][ T2910] EXT4-fs (loop0): i_reserved_data_blocks=513
[   41.625325][ T3899] loop3: detected capacity change from 0 to 512
[   41.632488][ T2910] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   41.660847][ T3899] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.722536][ T3899] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   41.848811][ T3903] loop0: detected capacity change from 0 to 2048
[   41.853080][ T3899] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.132: iget: bad i_size value: 2533274857506816
[   41.883818][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.909018][ T3903]  loop0: p1 < > p4
[   41.914290][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.918663][ T3903] loop0: p4 size 8388608 extends beyond EOD, truncated
[   41.945576][ T3908] FAULT_INJECTION: forcing a failure.
[   41.945576][ T3908] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   41.958677][ T3908] CPU: 0 UID: 0 PID: 3908 Comm: syz.3.134 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   41.958707][ T3908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   41.958762][ T3908] Call Trace:
[   41.958769][ T3908]  <TASK>
[   41.958776][ T3908]  __dump_stack+0x1d/0x30
[   41.958799][ T3908]  dump_stack_lvl+0xe8/0x140
[   41.958819][ T3908]  dump_stack+0x15/0x1b
[   41.958837][ T3908]  should_fail_ex+0x265/0x280
[   41.958939][ T3908]  should_fail+0xb/0x20
[   41.958963][ T3908]  should_fail_usercopy+0x1a/0x20
[   41.958996][ T3908]  _copy_from_user+0x1c/0xb0
[   41.959040][ T3908]  do_sock_getsockopt+0xf1/0x240
[   41.959083][ T3908]  __x64_sys_getsockopt+0x11e/0x1a0
[   41.959121][ T3908]  x64_sys_call+0x12aa/0x2fb0
[   41.959143][ T3908]  do_syscall_64+0xd2/0x200
[   41.959222][ T3908]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   41.959315][ T3908]  ? clear_bhb_loop+0x40/0x90
[   41.959332][ T3908]  ? clear_bhb_loop+0x40/0x90
[   41.959351][ T3908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.959372][ T3908] RIP: 0033:0x7f31a17ce9a9
[   41.959386][ T3908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.959403][ T3908] RSP: 002b:00007f319fe37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   41.959446][ T3908] RAX: ffffffffffffffda RBX: 00007f31a19f5fa0 RCX: 00007f31a17ce9a9
[   41.959460][ T3908] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[   41.959472][ T3908] RBP: 00007f319fe37090 R08: 0000000000000000 R09: 0000000000000000
[   41.959484][ T3908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.959541][ T3908] R13: 0000000000000000 R14: 00007f31a19f5fa0 R15: 00007ffed7922328
[   41.959559][ T3908]  </TASK>
[   41.964216][ T3911] loop2: detected capacity change from 0 to 512
[   42.076136][ T3914] loop3: detected capacity change from 0 to 2048
[   42.091544][ T3911] ext4: Unknown parameter 'dont_measure'
[   42.130665][ T3914] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.183826][ T3917] loop0: detected capacity change from 0 to 512
[   42.191853][ T3914] FAULT_INJECTION: forcing a failure.
[   42.191853][ T3914] name failslab, interval 1, probability 0, space 0, times 0
[   42.204640][ T3914] CPU: 0 UID: 0 PID: 3914 Comm: syz.3.138 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   42.204671][ T3914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   42.204684][ T3914] Call Trace:
[   42.204750][ T3914]  <TASK>
[   42.204759][ T3914]  __dump_stack+0x1d/0x30
[   42.204783][ T3914]  dump_stack_lvl+0xe8/0x140
[   42.204805][ T3914]  dump_stack+0x15/0x1b
[   42.204824][ T3914]  should_fail_ex+0x265/0x280
[   42.204856][ T3914]  should_failslab+0x8c/0xb0
[   42.204927][ T3914]  kmem_cache_alloc_node_noprof+0x57/0x320
[   42.204955][ T3914]  ? __alloc_skb+0x101/0x320
[   42.204986][ T3914]  __alloc_skb+0x101/0x320
[   42.205106][ T3914]  ? audit_log_start+0x365/0x6c0
[   42.205164][ T3914]  audit_log_start+0x380/0x6c0
[   42.205328][ T3914]  audit_seccomp+0x48/0x100
[   42.205362][ T3914]  ? __seccomp_filter+0x68c/0x10d0
[   42.205390][ T3914]  __seccomp_filter+0x69d/0x10d0
[   42.205419][ T3914]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   42.205510][ T3914]  ? vfs_write+0x75e/0x8e0
[   42.205538][ T3914]  ? __rcu_read_unlock+0x4f/0x70
[   42.205565][ T3914]  ? __fget_files+0x184/0x1c0
[   42.205615][ T3914]  __secure_computing+0x82/0x150
[   42.205643][ T3914]  syscall_trace_enter+0xcf/0x1e0
[   42.205703][ T3914]  do_syscall_64+0xac/0x200
[   42.205722][ T3914]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   42.205751][ T3914]  ? clear_bhb_loop+0x40/0x90
[   42.205777][ T3914]  ? clear_bhb_loop+0x40/0x90
[   42.205805][ T3914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.205958][ T3914] RIP: 0033:0x7f31a17ce9a9
[   42.206021][ T3914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.206050][ T3914] RSP: 002b:00007f319fe37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   42.206068][ T3914] RAX: ffffffffffffffda RBX: 00007f31a19f5fa0 RCX: 00007f31a17ce9a9
[   42.206079][ T3914] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000007
[   42.206134][ T3914] RBP: 00007f319fe37090 R08: 0000000000000000 R09: 0000000000000003
[   42.206219][ T3914] R10: 0000000000033000 R11: 0000000000000246 R12: 0000000000000001
[   42.206234][ T3914] R13: 0000000000000000 R14: 00007f31a19f5fa0 R15: 00007ffed7922328
[   42.206269][ T3914]  </TASK>
[   42.206435][ T3917] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   42.439814][ T3917] EXT4-fs (loop0): 1 truncate cleaned up
[   42.445865][ T3917] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.463058][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.490245][ T3924] loop1: detected capacity change from 0 to 512
[   42.541766][ T3924] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.571197][   T29] kauditd_printk_skb: 434 callbacks suppressed
[   42.571210][   T29] audit: type=1326 audit(1753061194.402:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3931 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31a17ce9a9 code=0x7ffc0000
[   42.600767][   T29] audit: type=1326 audit(1753061194.402:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3931 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31a17ce9a9 code=0x7ffc0000
[   42.624131][   T29] audit: type=1326 audit(1753061194.412:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3931 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31a17ce9a9 code=0x7ffc0000
[   42.647778][   T29] audit: type=1326 audit(1753061194.412:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3931 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31a17ce9a9 code=0x7ffc0000
[   42.672196][   T29] audit: type=1326 audit(1753061194.412:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3931 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f31a17ce9a9 code=0x7ffc0000
[   42.695642][   T29] audit: type=1326 audit(1753061194.412:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3931 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31a17ce9a9 code=0x7ffc0000
[   42.718980][   T29] audit: type=1326 audit(1753061194.412:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3931 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f31a17ce9a9 code=0x7ffc0000
[   42.742210][   T29] audit: type=1326 audit(1753061194.412:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3931 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31a17ce9a9 code=0x7ffc0000
[   42.765559][   T29] audit: type=1326 audit(1753061194.412:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3931 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f31a17ce9a9 code=0x7ffc0000
[   42.767101][ T3924] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   42.788926][   T29] audit: type=1326 audit(1753061194.412:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3931 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31a17ce9a9 code=0x7ffc0000
[   42.872582][ T3938] netlink: 20 bytes leftover after parsing attributes in process `syz.3.144'.
[   42.941066][ T3943] loop4: detected capacity change from 0 to 512
[   42.947718][ T3943] ext4: Unknown parameter 'noacl'
[   43.013449][ T3946] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.140: iget: bad i_size value: 2533274857506816
[   43.078325][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.095151][ T3949] xt_CT: You must specify a L4 protocol and not use inversions on it
[   43.145891][ T3955] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   43.162318][ T3955] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   43.311722][ T3961] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   43.320030][ T3961] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   43.443784][ T3965] loop4: detected capacity change from 0 to 512
[   43.583231][ T3965] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.598875][ T3965] ext4 filesystem being mounted at /42/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   43.669309][ T3965] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.152: iget: bad i_size value: 2533274857506816
[   43.696017][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.719095][ T3917] syz.0.136 (3917) used greatest stack depth: 6952 bytes left
[   43.742930][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.756392][ T3969] netlink: 'syz.4.153': attribute type 21 has an invalid length.
[   43.765430][ T3969] netlink: 132 bytes leftover after parsing attributes in process `syz.4.153'.
[   43.774451][ T3969] netlink: 'syz.4.153': attribute type 1 has an invalid length.
[   43.827620][ T3973] loop4: detected capacity change from 0 to 256
[   43.836013][ T3973] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   43.850963][ T3976] loop2: detected capacity change from 0 to 2048
[   43.896054][ T3984] loop3: detected capacity change from 0 to 512
[   43.924119][ T3984] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.938396][ T3984] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   43.940241][ T3976] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.990828][ T3994] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.019577][ T3984] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.158: iget: bad i_size value: 2533274857506816
[   44.076132][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.088448][ T3994] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.121633][ T4001] loop0: detected capacity change from 0 to 2048
[   44.132454][ T4001] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.150336][ T3994] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.170120][ T4006] netlink: 'syz.1.163': attribute type 21 has an invalid length.
[   44.180212][ T4006] netlink: 132 bytes leftover after parsing attributes in process `syz.1.163'.
[   44.189229][ T4006] netlink: 'syz.1.163': attribute type 1 has an invalid length.
[   44.211908][ T4008] netlink: 'syz.3.162': attribute type 10 has an invalid length.
[   44.220157][ T4008] netlink: 40 bytes leftover after parsing attributes in process `syz.3.162'.
[   44.232091][ T4001] loop9: detected capacity change from 0 to 7
[   44.243231][ T3994] netdevsim netdevsim4 netdevsim0 (unregistering): left promiscuous mode
[   44.251974][ T4003] netlink: 9 bytes leftover after parsing attributes in process `syz.2.155'.
[   44.261218][ T4001] Buffer I/O error on dev loop9, logical block 0, async page read
[   44.270837][ T3994] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.281190][ T4001] Buffer I/O error on dev loop9, logical block 0, async page read
[   44.289062][ T4001]  loop9: unable to read partition table
[   44.294782][ T4001] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   44.294782][ T4001] 
) failed (rc=-5)
[   44.308243][ T4008] team0: Device geneve1 is up. Set it down before adding it as a team port
[   44.321454][ T4002] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   44.336860][ T4008] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   44.352395][ T3976] netlink: 5 bytes leftover after parsing attributes in process `syz.2.155'.
[   44.361880][ T4002] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   44.374399][ T4002] EXT4-fs (loop2): This should not happen!! Data will be lost
[   44.374399][ T4002] 
[   44.375265][ T4003] gretap0: entered promiscuous mode
[   44.384119][ T4002] EXT4-fs (loop2): Total free blocks count 0
[   44.395334][ T4002] EXT4-fs (loop2): Free/Dirty block details
[   44.401282][ T4002] EXT4-fs (loop2): free_blocks=2415919104
[   44.407105][ T4002] EXT4-fs (loop2): dirty_blocks=8208
[   44.412461][ T4002] EXT4-fs (loop2): Block reservation details
[   44.418481][ T4002] EXT4-fs (loop2): i_reserved_data_blocks=513
[   44.426340][ T4001] netlink: 200 bytes leftover after parsing attributes in process `+}[@'.
[   44.435095][ T3976] 0�X��D: renamed from gretap0
[   44.442349][ T3976] 0�X��D: left promiscuous mode
[   44.447357][ T3976] 0�X��D: entered allmulticast mode
[   44.454506][ T3976] A link change request failed with some changes committed already. Interface 
30�X��D may have been left with an inconsistent configuration, please check.
[   44.498330][ T3994] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   44.499649][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.516400][ T4017] loop3: detected capacity change from 0 to 128
[   44.526637][ T4017] EXT4-fs: Ignoring removed nobh option
[   44.534099][ T4019] FAULT_INJECTION: forcing a failure.
[   44.534099][ T4019] name failslab, interval 1, probability 0, space 0, times 0
[   44.537825][ T3994] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   44.546833][ T4019] CPU: 1 UID: 0 PID: 4019 Comm: syz.0.166 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   44.546861][ T4019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   44.546871][ T4019] Call Trace:
[   44.546876][ T4019]  <TASK>
[   44.546882][ T4019]  __dump_stack+0x1d/0x30
[   44.546899][ T4019]  dump_stack_lvl+0xe8/0x140
[   44.546920][ T4019]  dump_stack+0x15/0x1b
[   44.547001][ T4019]  should_fail_ex+0x265/0x280
[   44.547038][ T4019]  should_failslab+0x8c/0xb0
[   44.547083][ T4019]  kmem_cache_alloc_node_noprof+0x57/0x320
[   44.547116][ T4019]  ? __alloc_skb+0x101/0x320
[   44.547155][ T4019]  __alloc_skb+0x101/0x320
[   44.547203][ T4019]  netlink_alloc_large_skb+0xba/0xf0
[   44.547238][ T4019]  netlink_sendmsg+0x3cf/0x6b0
[   44.547336][ T4019]  ? __pfx_netlink_sendmsg+0x10/0x10
[   44.547359][ T4019]  __sock_sendmsg+0x142/0x180
[   44.547388][ T4019]  ____sys_sendmsg+0x31e/0x4e0
[   44.547429][ T4019]  ___sys_sendmsg+0x17b/0x1d0
[   44.547499][ T4019]  __x64_sys_sendmsg+0xd4/0x160
[   44.547542][ T4019]  x64_sys_call+0x2999/0x2fb0
[   44.547566][ T4019]  do_syscall_64+0xd2/0x200
[   44.547593][ T4019]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   44.547661][ T4019]  ? clear_bhb_loop+0x40/0x90
[   44.547703][ T4019]  ? clear_bhb_loop+0x40/0x90
[   44.547790][ T4019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.547815][ T4019] RIP: 0033:0x7fad930ce9a9
[   44.547833][ T4019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.547854][ T4019] RSP: 002b:00007fad91737038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   44.547942][ T4019] RAX: ffffffffffffffda RBX: 00007fad932f5fa0 RCX: 00007fad930ce9a9
[   44.547957][ T4019] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[   44.548044][ T4019] RBP: 00007fad91737090 R08: 0000000000000000 R09: 0000000000000000
[   44.548073][ T4019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.548086][ T4019] R13: 0000000000000000 R14: 00007fad932f5fa0 R15: 00007ffde854fc88
[   44.548110][ T4019]  </TASK>
[   44.658823][ T4017] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   44.667411][   T51] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   44.781697][ T3994] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   44.797650][ T4017] ext4 filesystem being mounted at /41/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   44.802389][ T3994] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   44.822842][ T4017] netlink: 8 bytes leftover after parsing attributes in process `syz.3.167'.
[   44.845997][ T3305] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   45.622561][ T4047] netlink: 'syz.1.176': attribute type 10 has an invalid length.
[   45.630835][ T4047] netlink: 40 bytes leftover after parsing attributes in process `syz.1.176'.
[   45.661272][ T4047] team0: Device geneve1 is up. Set it down before adding it as a team port
[   45.674291][ T4047] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   45.805419][ T4056] loop1: detected capacity change from 0 to 512
[   45.853944][ T4056] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.899226][ T4056] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   45.950838][ T4074] loop4: detected capacity change from 0 to 512
[   45.969766][ T4077] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.178: iget: bad i_size value: 2533274857506816
[   46.029574][ T4074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.058240][ T4074] ext4 filesystem being mounted at /48/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   46.071046][ T4084] loop2: detected capacity change from 0 to 512
[   46.116860][ T4074] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.180: iget: bad i_size value: 2533274857506816
[   46.144715][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.145353][ T4084] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.166417][ T4084] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   46.258160][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.270650][ T4084] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.182: iget: bad i_size value: 2533274857506816
[   46.301560][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.417669][ T4105] loop0: detected capacity change from 0 to 128
[   46.433365][ T4105] EXT4-fs: Ignoring removed nobh option
[   46.474738][ T4109] loop2: detected capacity change from 0 to 2048
[   46.639898][ T4105] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   46.653875][ T4105] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   46.683181][ T4109] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.716463][ T4105] netlink: 8 bytes leftover after parsing attributes in process `syz.0.186'.
[   46.818761][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.896626][ T3311] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   46.933603][ T4125] loop2: detected capacity change from 0 to 512
[   46.975776][ T4128] netlink: 'syz.0.195': attribute type 21 has an invalid length.
[   46.986091][ T4125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.008105][ T4128] netlink: 132 bytes leftover after parsing attributes in process `syz.0.195'.
[   47.017072][ T4128] netlink: 'syz.0.195': attribute type 1 has an invalid length.
[   47.079293][ T4125] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   47.176141][ T4125] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.196: iget: bad i_size value: 2533274857506816
[   47.217733][ T4136] loop0: detected capacity change from 0 to 512
[   47.257427][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.282955][ T4136] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.295867][ T4136] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   47.307286][ T4139] FAULT_INJECTION: forcing a failure.
[   47.307286][ T4139] name failslab, interval 1, probability 0, space 0, times 0
[   47.319961][ T4139] CPU: 0 UID: 0 PID: 4139 Comm: syz.4.200 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   47.320185][ T4139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   47.320200][ T4139] Call Trace:
[   47.320207][ T4139]  <TASK>
[   47.320215][ T4139]  __dump_stack+0x1d/0x30
[   47.320233][ T4139]  dump_stack_lvl+0xe8/0x140
[   47.320250][ T4139]  dump_stack+0x15/0x1b
[   47.320267][ T4139]  should_fail_ex+0x265/0x280
[   47.320347][ T4139]  should_failslab+0x8c/0xb0
[   47.320427][ T4139]  __kmalloc_noprof+0xa5/0x3e0
[   47.320502][ T4139]  ? aio_setup_ring+0x1e8/0x760
[   47.320536][ T4139]  aio_setup_ring+0x1e8/0x760
[   47.320639][ T4139]  ioctx_alloc+0x2c4/0x4e0
[   47.320703][ T4139]  __se_sys_io_setup+0x6b/0x1b0
[   47.320738][ T4139]  __x64_sys_io_setup+0x31/0x40
[   47.320780][ T4139]  x64_sys_call+0x2f0e/0x2fb0
[   47.320801][ T4139]  do_syscall_64+0xd2/0x200
[   47.320860][ T4139]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   47.320882][ T4139]  ? clear_bhb_loop+0x40/0x90
[   47.320905][ T4139]  ? clear_bhb_loop+0x40/0x90
[   47.320928][ T4139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.320999][ T4139] RIP: 0033:0x7f3e982de9a9
[   47.321016][ T4139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.321034][ T4139] RSP: 002b:00007f3e9693f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[   47.321091][ T4139] RAX: ffffffffffffffda RBX: 00007f3e98505fa0 RCX: 00007f3e982de9a9
[   47.321102][ T4139] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000200
[   47.321111][ T4139] RBP: 00007f3e9693f090 R08: 0000000000000000 R09: 0000000000000000
[   47.321121][ T4139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   47.321130][ T4139] R13: 0000000000000000 R14: 00007f3e98505fa0 R15: 00007ffdb0cab778
[   47.321193][ T4139]  </TASK>
[   47.412235][ T4142] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.199: iget: bad i_size value: 2533274857506816
[   47.543367][ T4144] syz.1.198 uses obsolete (PF_INET,SOCK_PACKET)
[   47.550143][ T4144] syzkaller1: entered promiscuous mode
[   47.555726][ T4144] syzkaller1: entered allmulticast mode
[   47.578646][   T29] kauditd_printk_skb: 166 callbacks suppressed
[   47.578662][   T29] audit: type=1326 audit(1753061199.422:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f812627ea37 code=0x7ffc0000
[   47.585559][ T4144] loop1: detected capacity change from 0 to 764
[   47.610459][   T29] audit: type=1326 audit(1753061199.422:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f812627d310 code=0x7ffc0000
[   47.637903][   T29] audit: type=1326 audit(1753061199.422:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f812627e5ab code=0x7ffc0000
[   47.674299][ T4148] netlink: 'syz.4.202': attribute type 21 has an invalid length.
[   47.688743][ T4146] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.700770][ T4144] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   47.709555][   T29] audit: type=1326 audit(1753061199.512:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f812627d60a code=0x7ffc0000
[   47.732710][   T29] audit: type=1326 audit(1753061199.512:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f812627d60a code=0x7ffc0000
[   47.755793][   T29] audit: type=1326 audit(1753061199.512:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f812627d217 code=0x7ffc0000
[   47.779290][   T29] audit: type=1326 audit(1753061199.512:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f812628014a code=0x7ffc0000
[   47.806072][ T4148] netlink: 'syz.4.202': attribute type 1 has an invalid length.
[   47.814387][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.832779][ T4146] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.853902][   T29] audit: type=1400 audit(1753061199.552:984): avc:  denied  { mount } for  pid=4143 comm="syz.1.198" name="/" dev="loop1" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   47.876233][   T29] audit: type=1326 audit(1753061199.552:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f812627d310 code=0x7ffc0000
[   47.899679][   T29] audit: type=1326 audit(1753061199.572:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4143 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f812627d6f7 code=0x7ffc0000
[   47.925167][ T4160] loop4: detected capacity change from 0 to 256
[   47.927829][ T4162] netlink: 'syz.3.207': attribute type 10 has an invalid length.
[   47.939889][ T4162] team0: Device geneve1 is up. Set it down before adding it as a team port
[   47.957605][ T4162] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   47.994152][ T4146] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.040932][ T4146] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.164941][ T4174] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   48.178066][ T4174] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   48.190463][ T4174] loop0: detected capacity change from 0 to 512
[   48.228712][ T4174] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[   48.240299][ T4179] netlink: 'syz.1.212': attribute type 21 has an invalid length.
[   48.242371][ T4174] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.211: bad orphan inode 15
[   48.248386][ T4179] netlink: 'syz.1.212': attribute type 1 has an invalid length.
[   48.278230][ T4146] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.300278][ T4174] ext4_test_bit(bit=14, block=4) = 1
[   48.305636][ T4174] is_bad_inode(inode)=0
[   48.309909][ T4174] NEXT_ORPHAN(inode)=0
[   48.313978][ T4174] max_ino=32
[   48.317227][ T4174] i_nlink=1
[   48.325189][ T4146] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.348635][ T4174] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.371567][ T4146] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.394171][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.399622][ T4146] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.434453][ T4189] netlink: 'syz.1.217': attribute type 21 has an invalid length.
[   48.443576][ T4189] netlink: 'syz.1.217': attribute type 1 has an invalid length.
[   48.482520][ T4194] loop2: detected capacity change from 0 to 128
[   48.494267][ T4194] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   48.529261][ T4194] ext4 filesystem being mounted at /31/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   48.558869][ T3309] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   48.583870][ T4202] FAULT_INJECTION: forcing a failure.
[   48.583870][ T4202] name failslab, interval 1, probability 0, space 0, times 0
[   48.596646][ T4202] CPU: 1 UID: 0 PID: 4202 Comm: syz.0.221 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   48.596755][ T4202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   48.596769][ T4202] Call Trace:
[   48.596776][ T4202]  <TASK>
[   48.596785][ T4202]  __dump_stack+0x1d/0x30
[   48.596809][ T4202]  dump_stack_lvl+0xe8/0x140
[   48.596832][ T4202]  dump_stack+0x15/0x1b
[   48.596892][ T4202]  should_fail_ex+0x265/0x280
[   48.596926][ T4202]  should_failslab+0x8c/0xb0
[   48.596950][ T4202]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   48.596982][ T4202]  ? sidtab_sid2str_get+0xa0/0x130
[   48.597069][ T4202]  ? skb_put+0xa9/0xf0
[   48.597101][ T4202]  kmemdup_noprof+0x2b/0x70
[   48.597179][ T4202]  sidtab_sid2str_get+0xa0/0x130
[   48.597204][ T4202]  security_sid_to_context_core+0x1eb/0x2e0
[   48.597300][ T4202]  security_sid_to_context+0x27/0x40
[   48.597329][ T4202]  avc_audit_post_callback+0x9d/0x520
[   48.597372][ T4202]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   48.597407][ T4202]  common_lsm_audit+0x1bb/0x230
[   48.597461][ T4202]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   48.597494][ T4202]  ? avc_denied+0xe4/0x100
[   48.597526][ T4202]  slow_avc_audit+0x104/0x140
[   48.597562][ T4202]  avc_has_perm+0x128/0x150
[   48.597622][ T4202]  selinux_mount+0x2ba/0x310
[   48.597737][ T4202]  ? bpf_trace_run3+0x12c/0x1d0
[   48.597766][ T4202]  security_sb_mount+0x5f/0xb0
[   48.597803][ T4202]  ? path_mount+0x89/0xb20
[   48.597907][ T4202]  path_mount+0xa9/0xb20
[   48.597938][ T4202]  ? user_path_at+0x109/0x130
[   48.597964][ T4202]  __se_sys_mount+0x28f/0x2e0
[   48.598069][ T4202]  __x64_sys_mount+0x67/0x80
[   48.598101][ T4202]  x64_sys_call+0xd36/0x2fb0
[   48.598122][ T4202]  do_syscall_64+0xd2/0x200
[   48.598140][ T4202]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   48.598171][ T4202]  ? clear_bhb_loop+0x40/0x90
[   48.598192][ T4202]  ? clear_bhb_loop+0x40/0x90
[   48.598214][ T4202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.598234][ T4202] RIP: 0033:0x7fad930d014a
[   48.598249][ T4202] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.598266][ T4202] RSP: 002b:00007fad91736e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   48.598319][ T4202] RAX: ffffffffffffffda RBX: 00007fad91736ef0 RCX: 00007fad930d014a
[   48.598410][ T4202] RDX: 0000200000000180 RSI: 0000200000000040 RDI: 0000000000000000
[   48.598422][ T4202] RBP: 0000200000000180 R08: 00007fad91736ef0 R09: 00000000000000e0
[   48.598434][ T4202] R10: 00000000000000e0 R11: 0000000000000246 R12: 0000200000000040
[   48.598446][ T4202] R13: 00007fad91736eb0 R14: 0000000000000000 R15: 00002000000001c0
[   48.598465][ T4202]  </TASK>
[   48.955641][ T4208] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.012280][ T4208] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.061924][ T4208] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.134287][ T4221] loop9: detected capacity change from 0 to 7
[   49.153365][ T4208] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.168081][ T4221] Buffer I/O error on dev loop9, logical block 0, async page read
[   49.178514][ T4221] Buffer I/O error on dev loop9, logical block 0, async page read
[   49.186411][ T4221]  loop9: unable to read partition table
[   49.219213][ T4208] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.222000][ T4221] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   49.222000][ T4221] 
) failed (rc=-5)
[   49.246132][ T4223] loop4: detected capacity change from 0 to 512
[   49.258949][ T4208] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.269211][ T4223] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.287018][ T4208] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.295385][ T4223] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.308459][ T4223] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.311098][ T4208] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.399121][ T4229] loop2: detected capacity change from 0 to 2048
[   49.440081][ T4229] Alternate GPT is invalid, using primary GPT.
[   49.446364][ T4229]  loop2: p1 p2 p3
[   49.449543][ T4236] nfs4: Bad value for 'source'
[   49.528434][ T4243] loop2: detected capacity change from 0 to 128
[   49.545242][ T4243] EXT4-fs: Ignoring removed nobh option
[   49.566653][ T4243] ext4 filesystem being mounted at /35/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   49.579261][ T4243] __nla_validate_parse: 4 callbacks suppressed
[   49.579282][ T4243] netlink: 8 bytes leftover after parsing attributes in process `syz.2.232'.
[   49.708488][ T4254] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.727995][ T4254] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.741508][ T4261] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.769798][ T4254] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.810321][ T4261] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.839675][ T4254] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.899563][ T4261] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.943990][ T4254] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.970154][ T4261] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.021423][ T4254] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.144535][ T4269] loop3: detected capacity change from 0 to 512
[   50.180750][ T4269] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   50.248964][ T4269] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.241: iget: bad i_size value: 2533274857506816
[   50.477470][ T4282] loop3: detected capacity change from 0 to 2048
[   50.542989][ T4286] loop3: detected capacity change from 0 to 256
[   50.574036][ T4286] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=4286 comm=syz.3.245
[   50.620180][ T4286] syzkaller1: entered promiscuous mode
[   50.625706][ T4286] syzkaller1: entered allmulticast mode
[   50.807813][ T4292] loop3: detected capacity change from 0 to 164
[   50.828852][ T4292] ISOFS: unable to read i-node block
[   50.834191][ T4292] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   51.150078][ T4301] loop1: detected capacity change from 0 to 512
[   51.159126][ T4300] SELinux:  Context system_u:object is not valid (left unmapped).
[   51.181398][ T4301] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   51.191919][ T4305] loop4: detected capacity change from 0 to 1024
[   51.236891][ T4301] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.251: iget: bad i_size value: 2533274857506816
[   51.301162][ T4315] FAULT_INJECTION: forcing a failure.
[   51.301162][ T4315] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   51.314552][ T4315] CPU: 0 UID: 0 PID: 4315 Comm: syz.4.255 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   51.314587][ T4315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   51.314662][ T4315] Call Trace:
[   51.314667][ T4315]  <TASK>
[   51.314672][ T4315]  __dump_stack+0x1d/0x30
[   51.314691][ T4315]  dump_stack_lvl+0xe8/0x140
[   51.314768][ T4315]  dump_stack+0x15/0x1b
[   51.314783][ T4315]  should_fail_ex+0x265/0x280
[   51.314853][ T4315]  should_fail_alloc_page+0xf2/0x100
[   51.314873][ T4315]  alloc_pages_bulk_noprof+0xef/0x540
[   51.314911][ T4315]  copy_splice_read+0xf3/0x5f0
[   51.314940][ T4315]  ? __pfx_copy_splice_read+0x10/0x10
[   51.315072][ T4315]  splice_direct_to_actor+0x26c/0x680
[   51.315099][ T4315]  ? __pfx_direct_splice_actor+0x10/0x10
[   51.315217][ T4315]  do_splice_direct+0xda/0x150
[   51.315242][ T4315]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   51.315336][ T4315]  do_sendfile+0x380/0x650
[   51.315360][ T4315]  __x64_sys_sendfile64+0x105/0x150
[   51.315380][ T4315]  x64_sys_call+0xb39/0x2fb0
[   51.315408][ T4315]  do_syscall_64+0xd2/0x200
[   51.315431][ T4315]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   51.315535][ T4315]  ? clear_bhb_loop+0x40/0x90
[   51.315579][ T4315]  ? clear_bhb_loop+0x40/0x90
[   51.315599][ T4315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.315617][ T4315] RIP: 0033:0x7f3e982de9a9
[   51.315631][ T4315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.315719][ T4315] RSP: 002b:00007f3e9693f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   51.315735][ T4315] RAX: ffffffffffffffda RBX: 00007f3e98505fa0 RCX: 00007f3e982de9a9
[   51.315745][ T4315] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[   51.315756][ T4315] RBP: 00007f3e9693f090 R08: 0000000000000000 R09: 0000000000000000
[   51.315766][ T4315] R10: 7fffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   51.315777][ T4315] R13: 0000000000000000 R14: 00007f3e98505fa0 R15: 00007ffdb0cab778
[   51.315815][ T4315]  </TASK>
[   51.635905][ T4325] loop1: detected capacity change from 0 to 2048
[   51.673233][ T4339] loop4: detected capacity change from 0 to 512
[   51.700012][ T4339] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   51.744091][ T4339] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.262: iget: bad i_size value: 2533274857506816
[   51.776063][ T4349] 8021q: VLANs not supported on ipvlan0
[   51.816689][ T4354] loop3: detected capacity change from 0 to 512
[   51.859202][ T4354] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   51.903592][ T4354] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.268: iget: bad i_size value: 2533274857506816
[   52.615817][ T4254] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   52.657383][ T4254] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   52.670636][ T4254] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   52.681963][ T4254] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   52.690323][   T29] kauditd_printk_skb: 250 callbacks suppressed
[   52.690335][   T29] audit: type=1400 audit(1753061204.522:1237): avc:  denied  { connect } for  pid=4374 comm="syz.1.274" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   52.758494][ T4381] loop3: detected capacity change from 0 to 512
[   52.779943][ T4381] ext4 filesystem being mounted at /75/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   52.795114][ T4386] loop4: detected capacity change from 0 to 164
[   52.802756][ T4382] loop1: detected capacity change from 0 to 2048
[   52.817076][ T4386] ISOFS: unable to read i-node block
[   52.822442][ T4386] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   52.865074][ T4392] 8021q: VLANs not supported on ipvlan0
[   52.870889][ T4392] FAULT_INJECTION: forcing a failure.
[   52.870889][ T4392] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.884079][ T4392] CPU: 1 UID: 0 PID: 4392 Comm: syz.2.281 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   52.884111][ T4392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   52.884126][ T4392] Call Trace:
[   52.884131][ T4392]  <TASK>
[   52.884136][ T4392]  __dump_stack+0x1d/0x30
[   52.884159][ T4392]  dump_stack_lvl+0xe8/0x140
[   52.884180][ T4392]  dump_stack+0x15/0x1b
[   52.884199][ T4392]  should_fail_ex+0x265/0x280
[   52.884249][ T4392]  should_fail+0xb/0x20
[   52.884280][ T4392]  should_fail_usercopy+0x1a/0x20
[   52.884336][ T4392]  _copy_from_user+0x1c/0xb0
[   52.884359][ T4392]  kstrtouint_from_user+0x69/0xf0
[   52.884387][ T4392]  ? 0xffffffff81000000
[   52.884416][ T4392]  ? selinux_file_permission+0x1e4/0x320
[   52.884445][ T4392]  proc_fail_nth_write+0x50/0x160
[   52.884483][ T4392]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   52.884604][ T4392]  vfs_write+0x266/0x8e0
[   52.884680][ T4392]  ? vfs_read+0x47f/0x6f0
[   52.884704][ T4392]  ? __rcu_read_unlock+0x4f/0x70
[   52.884741][ T4392]  ? __fget_files+0x184/0x1c0
[   52.884760][ T4392]  ? finish_task_switch+0xad/0x2b0
[   52.884797][ T4392]  ksys_write+0xda/0x1a0
[   52.884909][ T4392]  __x64_sys_write+0x40/0x50
[   52.884994][ T4392]  x64_sys_call+0x2cdd/0x2fb0
[   52.885066][ T4392]  do_syscall_64+0xd2/0x200
[   52.885186][ T4392]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   52.885300][ T4392]  ? clear_bhb_loop+0x40/0x90
[   52.885325][ T4392]  ? clear_bhb_loop+0x40/0x90
[   52.885353][ T4392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.885425][ T4392] RIP: 0033:0x7facbeffd45f
[   52.885442][ T4392] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   52.885487][ T4392] RSP: 002b:00007facbd65f030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   52.885510][ T4392] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007facbeffd45f
[   52.885598][ T4392] RDX: 0000000000000001 RSI: 00007facbd65f0a0 RDI: 0000000000000004
[   52.885610][ T4392] RBP: 00007facbd65f090 R08: 0000000000000000 R09: 0000000000000000
[   52.885621][ T4392] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   52.885634][ T4392] R13: 0000000000000000 R14: 00007facbf225fa0 R15: 00007ffecfd9b668
[   52.885658][ T4392]  </TASK>
[   52.938908][ T4393] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.277: iget: bad i_size value: 2533274857506816
[   53.210837][   T29] audit: type=1400 audit(1753061205.052:1238): avc:  denied  { create } for  pid=4404 comm="syz.3.285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   53.255938][ T4405] netlink: 'syz.3.285': attribute type 1 has an invalid length.
[   53.275077][   T29] audit: type=1400 audit(1753061205.112:1239): avc:  denied  { create } for  pid=4413 comm="syz.4.287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   53.294675][   T29] audit: type=1400 audit(1753061205.112:1240): avc:  denied  { bind } for  pid=4413 comm="syz.4.287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   53.314085][   T29] audit: type=1400 audit(1753061205.112:1241): avc:  denied  { listen } for  pid=4413 comm="syz.4.287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   53.333646][   T29] audit: type=1400 audit(1753061205.112:1242): avc:  denied  { accept } for  pid=4413 comm="syz.4.287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   53.357999][   T29] audit: type=1326 audit(1753061205.162:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4403 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   53.381513][   T29] audit: type=1326 audit(1753061205.162:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4403 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   53.404961][   T29] audit: type=1326 audit(1753061205.162:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4403 comm="syz.1.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   53.437272][ T4417] SELinux:  Context system_u:object_r:clock_device_t:s0 is not valid (left unmapped).
[   53.438222][   T29] audit: type=1400 audit(1753061205.272:1246): avc:  denied  { ioctl } for  pid=4416 comm="syz.3.288" path="socket:[8450]" dev="sockfs" ino=8450 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   53.510150][ T4425] loop3: detected capacity change from 0 to 128
[   53.516689][ T4425] EXT4-fs: Ignoring removed nobh option
[   53.527430][ T4425] ext4 filesystem being mounted at /78/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   53.544675][ T4429] loop4: detected capacity change from 0 to 512
[   53.555784][ T4425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.289'.
[   53.568429][ T4429] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   53.604207][ T4429] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.291: iget: bad i_size value: 2533274857506816
[   53.639414][ T4439] netlink: 4 bytes leftover after parsing attributes in process `syz.3.295'.
[   53.675555][ T4443] netlink: 'syz.4.296': attribute type 1 has an invalid length.
[   53.695110][ T4444] loop1: detected capacity change from 0 to 512
[   53.701942][ T4443] bond1: entered promiscuous mode
[   53.707055][ T4443] bond1: entered allmulticast mode
[   53.713607][ T4443] 8021q: adding VLAN 0 to HW filter on device bond1
[   53.722540][ T4439] loop3: detected capacity change from 0 to 512
[   53.730948][ T4444] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.786797][ T4451] netlink: 'syz.3.297': attribute type 8 has an invalid length.
[   53.805563][ T4451] netlink: 12 bytes leftover after parsing attributes in process `syz.3.297'.
[   53.824291][ T4451] mmap: syz.3.297 (4451): VmData 167489536 exceed data ulimit 67108945. Update limits or use boot option ignore_rlimit_data.
[   54.149454][ T4459] loop2: detected capacity change from 0 to 512
[   54.158735][ T4459] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   54.166810][ T4459] EXT4-fs (loop2): orphan cleanup on readonly fs
[   54.174778][ T4459] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.299: corrupted inode contents
[   54.186681][ T4459] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #16: comm syz.2.299: mark_inode_dirty error
[   54.198231][ T4459] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.299: corrupted inode contents
[   54.210140][ T4459] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.299: mark_inode_dirty error
[   54.221479][ T4459] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.299: corrupted inode contents
[   54.229826][ T4261] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   54.234713][ T4459] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[   54.246002][ T4261] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   54.250494][ T4459] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.299: corrupted inode contents
[   54.262842][ T4261] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   54.271494][ T4459] EXT4-fs error (device loop2): ext4_truncate:4597: inode #16: comm syz.2.299: mark_inode_dirty error
[   54.282463][ T4261] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   54.290650][ T4459] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[   54.307121][ T4459] EXT4-fs (loop2): 1 truncate cleaned up
[   54.313465][ T2910] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[   54.341329][ T4459] netlink: 14 bytes leftover after parsing attributes in process `syz.2.299'.
[   54.350354][ T4459] hsr_slave_0: left promiscuous mode
[   54.356769][ T4459] hsr_slave_1: left promiscuous mode
[   54.458285][ T4474] loop0: detected capacity change from 0 to 512
[   54.470586][ T4474] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   54.530070][ T4474] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.304: iget: bad i_size value: 2533274857506816
[   54.579126][ T4487] loop1: detected capacity change from 0 to 2048
[   54.618468][ T4487] Alternate GPT is invalid, using primary GPT.
[   54.624853][ T4487]  loop1: p1 p2 p3
[   54.629161][ T4490] capability: warning: `syz.4.307' uses 32-bit capabilities (legacy support in use)
[   54.664334][ T4495] loop3: detected capacity change from 0 to 128
[   54.671086][ T4495] EXT4-fs: Ignoring removed nobh option
[   54.684460][ T4495] ext4 filesystem being mounted at /83/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   54.696879][ T4498] loop1: detected capacity change from 0 to 512
[   54.708540][ T4498] EXT4-fs: inline encryption not supported
[   54.720428][ T4498] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   54.738999][ T4498] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[   54.749884][ T4498] EXT4-fs (loop1): group descriptors corrupted!
[   54.765547][ T4498] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=4498 comm=syz.1.312
[   54.824889][ T4504] loop1: detected capacity change from 0 to 1024
[   54.865292][ T4510] loop4: detected capacity change from 0 to 512
[   54.881168][ T4510] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.936256][ T4515] loop1: detected capacity change from 0 to 1024
[   55.098478][ T4515] FAULT_INJECTION: forcing a failure.
[   55.098478][ T4515] name failslab, interval 1, probability 0, space 0, times 0
[   55.111184][ T4515] CPU: 1 UID: 0 PID: 4515 Comm: syz.1.317 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   55.111244][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.111259][ T4515] Call Trace:
[   55.111266][ T4515]  <TASK>
[   55.111273][ T4515]  __dump_stack+0x1d/0x30
[   55.111294][ T4515]  dump_stack_lvl+0xe8/0x140
[   55.111317][ T4515]  dump_stack+0x15/0x1b
[   55.111336][ T4515]  should_fail_ex+0x265/0x280
[   55.111445][ T4515]  ? __iomap_dio_rw+0x14b/0x1250
[   55.111550][ T4515]  should_failslab+0x8c/0xb0
[   55.111572][ T4515]  __kmalloc_cache_noprof+0x4c/0x320
[   55.111599][ T4515]  __iomap_dio_rw+0x14b/0x1250
[   55.111629][ T4515]  ? security_inode_alloc+0x37/0x100
[   55.111684][ T4515]  ? ext4_xattr_security_get+0x32/0x40
[   55.111710][ T4515]  ? __pfx_ext4_xattr_security_get+0x10/0x10
[   55.111742][ T4515]  ? __vfs_getxattr+0x2aa/0x2c0
[   55.111824][ T4515]  ? ext4_journal_check_start+0x11a/0x1b0
[   55.111924][ T4515]  iomap_dio_rw+0x40/0x90
[   55.111950][ T4515]  ext4_file_write_iter+0xad9/0xf00
[   55.112057][ T4515]  do_iter_readv_writev+0x41e/0x4c0
[   55.112090][ T4515]  vfs_writev+0x2df/0x8b0
[   55.112199][ T4515]  __se_sys_pwritev2+0xfc/0x1c0
[   55.112224][ T4515]  __x64_sys_pwritev2+0x67/0x80
[   55.112247][ T4515]  x64_sys_call+0x1cea/0x2fb0
[   55.112271][ T4515]  do_syscall_64+0xd2/0x200
[   55.112289][ T4515]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.112323][ T4515]  ? clear_bhb_loop+0x40/0x90
[   55.112341][ T4515]  ? clear_bhb_loop+0x40/0x90
[   55.112365][ T4515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.112388][ T4515] RIP: 0033:0x7f812627e9a9
[   55.112414][ T4515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.112429][ T4515] RSP: 002b:00007f81248e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   55.112445][ T4515] RAX: ffffffffffffffda RBX: 00007f81264a5fa0 RCX: 00007f812627e9a9
[   55.112456][ T4515] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000006
[   55.112466][ T4515] RBP: 00007f81248e7090 R08: 0000000000000000 R09: 0000000000000003
[   55.112476][ T4515] R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000001
[   55.112495][ T4515] R13: 0000000000000000 R14: 00007f81264a5fa0 R15: 00007ffe87d61078
[   55.112512][ T4515]  </TASK>
[   55.402474][ T4529] loop4: detected capacity change from 0 to 1024
[   55.472745][ T4524] loop3: detected capacity change from 0 to 1024
[   55.498525][ T4533] loop1: detected capacity change from 0 to 512
[   55.521660][ T4533] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   55.559930][ T4537] loop0: detected capacity change from 0 to 512
[   55.589585][ T4537] ext4 filesystem being mounted at /55/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   55.654400][ T4541] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.321: iget: bad i_size value: 2533274857506816
[   55.707912][ T4529] netlink: 4 bytes leftover after parsing attributes in process `syz.4.320'.
[   55.724978][ T4537] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.322: iget: bad i_size value: 2533274857506816
[   55.727952][ T4529] netlink: 4 bytes leftover after parsing attributes in process `syz.4.320'.
[   55.771681][ T4538] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[   55.779275][ T4543] netlink: 'syz.1.323': attribute type 10 has an invalid length.
[   55.795054][ T4543] netlink: 40 bytes leftover after parsing attributes in process `syz.1.323'.
[   55.804853][ T4543] team0: Device geneve1 is up. Set it down before adding it as a team port
[   55.818465][ T4543] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   55.910416][ T4553] usb usb1: usbfs: process 4553 (syz.4.325) did not claim interface 0 before use
[   55.912377][ T4551] loop0: detected capacity change from 0 to 128
[   56.047231][ T4559] loop4: detected capacity change from 0 to 2048
[   56.074273][ T4560] syzkaller1: entered promiscuous mode
[   56.079808][ T4560] syzkaller1: entered allmulticast mode
[   56.160706][ T4568] loop4: detected capacity change from 0 to 1024
[   56.176421][ T4568] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   56.201947][ T4568] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.331: Invalid block bitmap block 0 in block_group 0
[   56.230151][ T4568] EXT4-fs (loop4): Remounting filesystem read-only
[   56.246916][ T4568] EXT4-fs (loop4): 1 orphan inode deleted
[   56.882184][ T4576] loop1: detected capacity change from 0 to 512
[   56.909735][ T4576] ext4 filesystem being mounted at /58/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.975455][ T4576] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.333: iget: bad i_size value: 2533274857506816
[   57.042833][ T4587] loop3: detected capacity change from 0 to 164
[   57.056609][ T4580] loop1: detected capacity change from 0 to 2048
[   57.063302][ T4587] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   57.165896][ T4592] netlink: 'syz.1.337': attribute type 10 has an invalid length.
[   57.175205][ T4592] netlink: 40 bytes leftover after parsing attributes in process `syz.1.337'.
[   57.192511][ T4592] team0: Device geneve1 is up. Set it down before adding it as a team port
[   57.192901][ T4587] Invalid ELF header magic: != ELF
[   57.210118][ T4592] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   57.291750][ T4598] sch_fq: defrate 4294967295 ignored.
[   57.497303][ T4608] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.551391][ T4608] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.604001][ T4616] loop2: detected capacity change from 0 to 512
[   57.612541][ T4608] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.631365][ T4616] ext4 filesystem being mounted at /45/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   57.672658][ T4608] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.698784][ T4616] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.345: iget: bad i_size value: 2533274857506816
[   57.743015][   T29] kauditd_printk_skb: 307 callbacks suppressed
[   57.743026][   T29] audit: type=1326 audit(1753061209.582:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4620 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   57.744239][ T4608] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.750529][   T29] audit: type=1326 audit(1753061209.592:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4620 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   57.786213][ T4608] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.804141][   T29] audit: type=1326 audit(1753061209.592:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4620 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   57.835781][   T29] audit: type=1326 audit(1753061209.592:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4620 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   57.859430][   T29] audit: type=1326 audit(1753061209.592:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4620 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   57.866814][ T4608] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.882767][   T29] audit: type=1326 audit(1753061209.592:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4620 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   57.882794][   T29] audit: type=1326 audit(1753061209.592:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4620 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   57.896266][ T4608] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.914378][   T29] audit: type=1326 audit(1753061209.592:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4620 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   57.914864][   T29] audit: type=1326 audit(1753061209.622:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4620 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f812627d60a code=0x7ffc0000
[   57.992576][   T29] audit: type=1326 audit(1753061209.622:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4620 comm="syz.1.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f81262b1265 code=0x7ffc0000
[   58.053884][ T4626] netlink: 'syz.0.349': attribute type 10 has an invalid length.
[   58.062181][ T4626] netlink: 40 bytes leftover after parsing attributes in process `syz.0.349'.
[   58.062275][ T4621] loop1: detected capacity change from 0 to 8192
[   58.091065][ T4626] team0: Device geneve1 is up. Set it down before adding it as a team port
[   58.104662][ T4626] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   58.156184][ T4633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.350'.
[   58.181141][ T4631] loop0: detected capacity change from 0 to 2048
[   58.192655][ T4635] FAULT_INJECTION: forcing a failure.
[   58.192655][ T4635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.205761][ T4635] CPU: 0 UID: 0 PID: 4635 Comm: syz.2.352 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   58.205859][ T4635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   58.205874][ T4635] Call Trace:
[   58.205882][ T4635]  <TASK>
[   58.205908][ T4635]  __dump_stack+0x1d/0x30
[   58.205929][ T4635]  dump_stack_lvl+0xe8/0x140
[   58.205947][ T4635]  dump_stack+0x15/0x1b
[   58.205963][ T4635]  should_fail_ex+0x265/0x280
[   58.206058][ T4635]  should_fail+0xb/0x20
[   58.206092][ T4635]  should_fail_usercopy+0x1a/0x20
[   58.206131][ T4635]  _copy_to_user+0x20/0xa0
[   58.206161][ T4635]  simple_read_from_buffer+0xb5/0x130
[   58.206211][ T4635]  proc_fail_nth_read+0x100/0x140
[   58.206252][ T4635]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   58.206340][ T4635]  vfs_read+0x19d/0x6f0
[   58.206375][ T4635]  ? __rcu_read_unlock+0x4f/0x70
[   58.206467][ T4635]  ? __rcu_read_unlock+0x4f/0x70
[   58.206490][ T4635]  ? __fget_files+0x184/0x1c0
[   58.206517][ T4635]  ksys_read+0xda/0x1a0
[   58.206613][ T4635]  __x64_sys_read+0x40/0x50
[   58.206713][ T4635]  x64_sys_call+0x2d77/0x2fb0
[   58.206730][ T4635]  do_syscall_64+0xd2/0x200
[   58.206749][ T4635]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   58.206774][ T4635]  ? clear_bhb_loop+0x40/0x90
[   58.206835][ T4635]  ? clear_bhb_loop+0x40/0x90
[   58.206858][ T4635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.206919][ T4635] RIP: 0033:0x7facbeffd3bc
[   58.206935][ T4635] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   58.206952][ T4635] RSP: 002b:00007facbd65f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   58.206968][ T4635] RAX: ffffffffffffffda RBX: 00007facbf225fa0 RCX: 00007facbeffd3bc
[   58.206978][ T4635] RDX: 000000000000000f RSI: 00007facbd65f0a0 RDI: 0000000000000007
[   58.206988][ T4635] RBP: 00007facbd65f090 R08: 0000000000000000 R09: 0000000000000000
[   58.207000][ T4635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.207010][ T4635] R13: 0000000000000000 R14: 00007facbf225fa0 R15: 00007ffecfd9b668
[   58.207055][ T4635]  </TASK>
[   58.458373][ T4631] Alternate GPT is invalid, using primary GPT.
[   58.464894][ T4631]  loop0: p1 p2 p3
[   58.548328][ T4643] loop2: detected capacity change from 0 to 2048
[   58.750331][ T4658] loop1: detected capacity change from 0 to 1024
[   58.763796][ T4658] EXT4-fs: Ignoring removed nobh option
[   58.769440][ T4658] EXT4-fs: Ignoring removed bh option
[   58.989243][ T4666] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.014054][ T4658] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[   59.060817][ T4666] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.119603][ T4666] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.180576][ T4666] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.236260][ T4666] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.248088][ T4666] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.261457][ T4666] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.273212][ T4666] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.364294][ T4683] loop4: detected capacity change from 0 to 512
[   59.379467][ T4683] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   59.411761][ T4683] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.367: iget: bad i_size value: 2533274857506816
[   59.452040][ T4689] loop4: detected capacity change from 0 to 2048
[   59.489484][ T4689] Alternate GPT is invalid, using primary GPT.
[   59.495856][ T4689]  loop4: p1 p2 p3
[   59.523529][ T4691] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.570103][ T4691] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.620096][ T4691] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.669828][ T4691] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.706773][ T4699] loop2: detected capacity change from 0 to 512
[   59.722399][ T4691] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.733020][ T4699] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.736045][ T4691] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.756292][ T4691] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.767472][ T4691] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   60.030572][ T4715] loop2: detected capacity change from 0 to 512
[   60.049537][ T4715] EXT4-fs: Ignoring removed nobh option
[   60.061453][ T4715] EXT4-fs: journaled quota format not specified
[   60.076482][ T4717] loop1: detected capacity change from 0 to 128
[   60.093272][ T4717] EXT4-fs: Ignoring removed nobh option
[   60.234094][ T4717] ext4 filesystem being mounted at /68/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   60.335355][ T4727] loop1: detected capacity change from 0 to 2048
[   60.518715][ T4727] Alternate GPT is invalid, using primary GPT.
[   60.525116][ T4727]  loop1: p1 p2 p3
[   60.829814][ T4742] loop1: detected capacity change from 0 to 128
[   61.044709][ T4751] loop1: detected capacity change from 0 to 512
[   61.096777][ T4751] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.114470][ T4758] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.149993][ T4758] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.232692][ T4758] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.269574][ T4768] netlink: 'syz.1.391': attribute type 10 has an invalid length.
[   61.281060][ T4768] netlink: 40 bytes leftover after parsing attributes in process `syz.1.391'.
[   61.331988][ T4768] team0: Device geneve1 is up. Set it down before adding it as a team port
[   61.363180][ T4768] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   61.386886][ T4758] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.434500][ T4773] netlink: 536 bytes leftover after parsing attributes in process `syz.1.393'.
[   61.461592][ T4758] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.486264][ T4758] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.511568][ T4758] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.534959][ T4758] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.646250][ T4783] loop2: detected capacity change from 0 to 128
[   61.766491][ T4797] loop1: detected capacity change from 0 to 2048
[   61.766491][ T4799] loop2: detected capacity change from 0 to 512
[   61.766760][ T4799] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   61.813602][ T4802] netlink: 'syz.2.403': attribute type 10 has an invalid length.
[   61.821719][ T4802] netlink: 40 bytes leftover after parsing attributes in process `syz.2.403'.
[   61.831215][ T4797] Alternate GPT is invalid, using primary GPT.
[   61.831402][ T4797]  loop1: p1 p2 p3
[   61.872498][ T4802] team0: Device geneve1 is up. Set it down before adding it as a team port
[   61.885076][ T4802] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   61.989210][ T4821] netlink: 536 bytes leftover after parsing attributes in process `syz.2.410'.
[   61.998799][ T4812] loop4: detected capacity change from 0 to 8192
[   62.032563][ T4804] netlink: 24 bytes leftover after parsing attributes in process `syz.4.405'.
[   62.548061][ T4840] loop0: detected capacity change from 0 to 2048
[   62.581439][ T4842] FAULT_INJECTION: forcing a failure.
[   62.581439][ T4842] name failslab, interval 1, probability 0, space 0, times 0
[   62.594196][ T4842] CPU: 1 UID: 0 PID: 4842 Comm: syz.4.417 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   62.594270][ T4842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   62.594283][ T4842] Call Trace:
[   62.594290][ T4842]  <TASK>
[   62.594298][ T4842]  __dump_stack+0x1d/0x30
[   62.594316][ T4842]  dump_stack_lvl+0xe8/0x140
[   62.594339][ T4842]  dump_stack+0x15/0x1b
[   62.594356][ T4842]  should_fail_ex+0x265/0x280
[   62.594385][ T4842]  ? audit_log_d_path+0x8d/0x150
[   62.594448][ T4842]  should_failslab+0x8c/0xb0
[   62.594469][ T4842]  __kmalloc_cache_noprof+0x4c/0x320
[   62.594493][ T4842]  audit_log_d_path+0x8d/0x150
[   62.594521][ T4842]  audit_log_d_path_exe+0x42/0x70
[   62.594556][ T4842]  audit_log_task+0x1e9/0x250
[   62.594587][ T4842]  audit_seccomp+0x61/0x100
[   62.594655][ T4842]  ? __seccomp_filter+0x68c/0x10d0
[   62.594679][ T4842]  __seccomp_filter+0x69d/0x10d0
[   62.594703][ T4842]  ? update_load_avg+0x1da/0x820
[   62.594748][ T4842]  ? __list_add_valid_or_report+0x38/0xe0
[   62.594773][ T4842]  ? _raw_spin_unlock+0x26/0x50
[   62.594876][ T4842]  __secure_computing+0x82/0x150
[   62.594897][ T4842]  syscall_trace_enter+0xcf/0x1e0
[   62.594921][ T4842]  do_syscall_64+0xac/0x200
[   62.594936][ T4842]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   62.595045][ T4842]  ? clear_bhb_loop+0x40/0x90
[   62.595069][ T4842]  ? clear_bhb_loop+0x40/0x90
[   62.595106][ T4842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.595156][ T4842] RIP: 0033:0x7f3e982dd3bc
[   62.595172][ T4842] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   62.595261][ T4842] RSP: 002b:00007f3e9693f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   62.595304][ T4842] RAX: ffffffffffffffda RBX: 00007f3e98505fa0 RCX: 00007f3e982dd3bc
[   62.595317][ T4842] RDX: 000000000000000f RSI: 00007f3e9693f0a0 RDI: 0000000000000005
[   62.595328][ T4842] RBP: 00007f3e9693f090 R08: 0000000000000000 R09: 0000000000000000
[   62.595373][ T4842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   62.595386][ T4842] R13: 0000000000000000 R14: 00007f3e98505fa0 R15: 00007ffdb0cab778
[   62.595410][ T4842]  </TASK>
[   62.814511][   T29] kauditd_printk_skb: 300 callbacks suppressed
[   62.814523][   T29] audit: type=1326 audit(1753061214.452:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4841 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3e982dd45f code=0x7ffc0000
[   62.844149][   T29] audit: type=1326 audit(1753061214.452:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4841 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3e982dd60a code=0x7ffc0000
[   62.867524][   T29] audit: type=1326 audit(1753061214.452:1863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4841 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e982de9a9 code=0x7ffc0000
[   62.874748][ T4844] loop2: detected capacity change from 0 to 512
[   62.890895][   T29] audit: type=1326 audit(1753061214.452:1864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4841 comm="syz.4.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e982de9a9 code=0x7ffc0000
[   62.937000][ T4844] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   62.960238][ T4849] netlink: 'syz.4.419': attribute type 10 has an invalid length.
[   62.968619][ T4849] netlink: 40 bytes leftover after parsing attributes in process `syz.4.419'.
[   62.999231][ T4849] team0: Device geneve1 is up. Set it down before adding it as a team port
[   63.010965][ T4849] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   63.035011][ T4844] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.418: iget: bad i_size value: 2533274857506816
[   63.071075][   T29] audit: type=1326 audit(1753061214.912:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4851 comm="syz.1.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   63.094488][   T29] audit: type=1326 audit(1753061214.912:1866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4851 comm="syz.1.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   63.096138][ T4854] netlink: 'syz.0.420': attribute type 8 has an invalid length.
[   63.117803][   T29] audit: type=1326 audit(1753061214.912:1867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4853 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad930ce9a9 code=0x7ffc0000
[   63.149896][   T29] audit: type=1326 audit(1753061214.912:1868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4853 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad930ce9a9 code=0x7ffc0000
[   63.150215][ T4852] netlink: 'syz.1.421': attribute type 8 has an invalid length.
[   63.173335][   T29] audit: type=1326 audit(1753061214.912:1869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4853 comm="syz.0.420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fad930ce9a9 code=0x7ffc0000
[   63.207287][   T29] audit: type=1326 audit(1753061214.912:1870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4851 comm="syz.1.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f812627e9a9 code=0x7ffc0000
[   63.236854][ T4859] netlink: 12 bytes leftover after parsing attributes in process `syz.0.420'.
[   63.237131][ T4860] netlink: 12 bytes leftover after parsing attributes in process `syz.1.421'.
[   63.275360][ T4865] loop2: detected capacity change from 0 to 128
[   63.297814][ T4865] syz.2.424: attempt to access beyond end of device
[   63.297814][ T4865] loop2: rw=0, sector=2071, nr_sectors = 1 limit=128
[   63.317384][ T4865] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[   63.325346][ T4865] FAT-fs (loop2): Filesystem has been set read-only
[   63.358479][ T4872] loop3: detected capacity change from 0 to 128
[   63.378983][ T4874] loop2: detected capacity change from 0 to 128
[   63.457156][ T4877] loop4: detected capacity change from 0 to 512
[   63.499038][ T4877] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.636551][ T4883] loop4: detected capacity change from 0 to 2048
[   63.765187][ T4895] netlink: 'syz.4.434': attribute type 10 has an invalid length.
[   63.775293][ T4895] netlink: 40 bytes leftover after parsing attributes in process `syz.4.434'.
[   63.786198][ T4895] team0: Device geneve1 is up. Set it down before adding it as a team port
[   63.803540][ T4895] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   63.849232][ T4897] loop4: detected capacity change from 0 to 512
[   63.911484][ T4897] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   63.983422][ T4917] loop3: detected capacity change from 0 to 2048
[   64.006741][ T4897] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.435: iget: bad i_size value: 2533274857506816
[   64.035520][ T4924] Illegal XDP return value 4294967294 on prog  (id 441) dev N/A, expect packet loss!
[   64.071534][ T4927] loop3: detected capacity change from 0 to 128
[   64.083319][ T4929] loop0: detected capacity change from 0 to 512
[   64.100766][ T4929] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.124532][ T4933] loop4: detected capacity change from 0 to 2048
[   64.131395][ T4933] EXT4-fs: Ignoring removed mblk_io_submit option
[   64.158178][ T4933] EXT4-fs (loop4): can't mount with commit=, fs mounted w/o journal
[   64.171527][ T4933] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   64.227170][ T4941] netlink: 'syz.4.446': attribute type 10 has an invalid length.
[   64.238960][ T4941] netlink: 40 bytes leftover after parsing attributes in process `syz.4.446'.
[   64.252109][ T4941] team0: Device geneve1 is up. Set it down before adding it as a team port
[   64.279318][ T4941] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   64.329819][ T4944] IPv6: Can't replace route, no match found
[   64.350386][ T4946] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   64.391078][ T4950] loop0: detected capacity change from 0 to 512
[   64.411857][ T4950] ext4 filesystem being mounted at /75/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.430385][ T4956] netlink: 'syz.4.451': attribute type 8 has an invalid length.
[   64.540167][ T4960] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.449: iget: bad i_size value: 2533274857506816
[   64.593528][ T4962] loop0: detected capacity change from 0 to 128
[   64.603506][ T4964] loop3: detected capacity change from 0 to 128
[   64.603705][ T4962] ext4 filesystem being mounted at /76/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   64.610046][ T4964] EXT4-fs: Ignoring removed nobh option
[   64.649237][ T4964] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   64.696558][ T4968] loop3: detected capacity change from 0 to 2048
[   64.730902][ T4974] loop0: detected capacity change from 0 to 164
[   64.738290][ T4974] ISOFS: unable to read i-node block
[   64.743611][ T4974] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   64.790021][ T4976] loop3: detected capacity change from 0 to 164
[   64.797078][ T4976] ISOFS: unable to read i-node block
[   64.802438][ T4976] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   64.883345][ T4979] loop1: detected capacity change from 0 to 2048
[   64.939529][ T4979] Alternate GPT is invalid, using primary GPT.
[   64.946002][ T4979]  loop1: p1 p2 p3
[   65.003002][ T4987] SELinux:  policydb string  does not match my string SE Linux
[   65.011118][ T4987] SELinux: failed to load policy
[   65.029550][ T4991] loop1: detected capacity change from 0 to 128
[   65.039754][ T4991] ext4 filesystem being mounted at /88/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   65.120812][ T4997] loop1: detected capacity change from 0 to 512
[   65.130669][ T4983] syzkaller1: entered promiscuous mode
[   65.136167][ T4983] syzkaller1: entered allmulticast mode
[   65.151169][ T4997] ext4 filesystem being mounted at /90/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.193291][ T4997] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.463: iget: bad i_size value: 2533274857506816
[   65.248902][ T5004] loop1: detected capacity change from 0 to 128
[   65.255635][ T5004] EXT4-fs: Ignoring removed nobh option
[   65.266264][ T5004] ext4 filesystem being mounted at /92/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   65.342704][ T5015] netlink: 'syz.1.469': attribute type 1 has an invalid length.
[   65.368482][ T5017] loop4: detected capacity change from 0 to 2048
[   65.387635][ T5015] loop1: detected capacity change from 0 to 8192
[   65.409636][ T5017] Alternate GPT is invalid, using primary GPT.
[   65.416069][ T5017]  loop4: p1 p2 p3
[   65.452289][ T5020] loop4: detected capacity change from 0 to 128
[   65.462569][ T5020] ext4 filesystem being mounted at /121/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   65.657530][ T5029] FAULT_INJECTION: forcing a failure.
[   65.657530][ T5029] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   65.670731][ T5029] CPU: 1 UID: 0 PID: 5029 Comm: syz.3.474 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   65.670758][ T5029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   65.670768][ T5029] Call Trace:
[   65.670774][ T5029]  <TASK>
[   65.670780][ T5029]  __dump_stack+0x1d/0x30
[   65.670801][ T5029]  dump_stack_lvl+0xe8/0x140
[   65.670836][ T5029]  dump_stack+0x15/0x1b
[   65.670854][ T5029]  should_fail_ex+0x265/0x280
[   65.670892][ T5029]  should_fail+0xb/0x20
[   65.670915][ T5029]  should_fail_usercopy+0x1a/0x20
[   65.670971][ T5029]  _copy_from_user+0x1c/0xb0
[   65.670991][ T5029]  ___sys_sendmsg+0xc1/0x1d0
[   65.671116][ T5029]  __x64_sys_sendmsg+0xd4/0x160
[   65.671150][ T5029]  x64_sys_call+0x2999/0x2fb0
[   65.671208][ T5029]  do_syscall_64+0xd2/0x200
[   65.671225][ T5029]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   65.671254][ T5029]  ? clear_bhb_loop+0x40/0x90
[   65.671278][ T5029]  ? clear_bhb_loop+0x40/0x90
[   65.671302][ T5029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.671387][ T5029] RIP: 0033:0x7f31a17ce9a9
[   65.671403][ T5029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.671501][ T5029] RSP: 002b:00007f319fe37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   65.671522][ T5029] RAX: ffffffffffffffda RBX: 00007f31a19f5fa0 RCX: 00007f31a17ce9a9
[   65.671536][ T5029] RDX: 0000000020000010 RSI: 0000200000000080 RDI: 0000000000000003
[   65.671550][ T5029] RBP: 00007f319fe37090 R08: 0000000000000000 R09: 0000000000000000
[   65.671564][ T5029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.671577][ T5029] R13: 0000000000000000 R14: 00007f31a19f5fa0 R15: 00007ffed7922328
[   65.671599][ T5029]  </TASK>
[   65.859419][ T5024] loop4: detected capacity change from 0 to 512
[   65.874618][ T5031] loop0: detected capacity change from 0 to 512
[   65.899718][ T5031] ext4 filesystem being mounted at /80/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.920314][ T5024] EXT4-fs (loop4): 1 orphan inode deleted
[   65.938180][ T2875] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1
[   65.952606][ T5024] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.959615][ T5039] netlink: 'syz.3.477': attribute type 8 has an invalid length.
[   66.015412][ T5031] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.475: iget: bad i_size value: 2533274857506816
[   66.078680][ T3311] ==================================================================
[   66.086818][ T3311] BUG: KCSAN: data-race in find_get_block_common / has_bh_in_lru
[   66.094586][ T3311] 
[   66.096932][ T3311] read-write to 0xffff888237d26f18 of 8 bytes by task 5015 on cpu 1:
[   66.105035][ T3311]  find_get_block_common+0x50e/0x960
[   66.110368][ T3311]  bdev_getblk+0x83/0x3d0
[   66.114746][ T3311]  __bread_gfp+0x51/0x250
[   66.119106][ T3311]  __fat_write_inode+0x14c/0x520
[   66.124077][ T3311]  fat_sync_inode+0x1a/0x30
[   66.128603][ T3311]  fat_truncate_blocks+0x1da/0x550
[   66.133736][ T3311]  fat_write_end+0xba/0x160
[   66.138256][ T3311]  generic_perform_write+0x30f/0x490
[   66.143549][ T3311]  __generic_file_write_iter+0x9e/0x120
[   66.149102][ T3311]  generic_file_write_iter+0x8d/0x2f0
[   66.154484][ T3311]  vfs_write+0x49d/0x8e0
[   66.158748][ T3311]  ksys_write+0xda/0x1a0
[   66.163010][ T3311]  __x64_sys_write+0x40/0x50
[   66.167618][ T3311]  x64_sys_call+0x2cdd/0x2fb0
[   66.172305][ T3311]  do_syscall_64+0xd2/0x200
[   66.176813][ T3311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.182712][ T3311] 
[   66.185039][ T3311] read to 0xffff888237d26f18 of 8 bytes by task 3311 on cpu 0:
[   66.192611][ T3311]  has_bh_in_lru+0x54/0x1f0
[   66.197134][ T3311]  __lru_add_drain_all+0x234/0x3f0
[   66.202262][ T3311]  lru_add_drain_all+0x10/0x20
[   66.207052][ T3311]  invalidate_bdev+0x47/0x70
[   66.211648][ T3311]  ext4_put_super+0x624/0x7d0
[   66.216349][ T3311]  generic_shutdown_super+0xe3/0x210
[   66.221655][ T3311]  kill_block_super+0x2a/0x70
[   66.226357][ T3311]  ext4_kill_sb+0x42/0x80
[   66.230692][ T3311]  deactivate_locked_super+0x75/0x1c0
[   66.236096][ T3311]  deactivate_super+0x97/0xa0
[   66.240790][ T3311]  cleanup_mnt+0x269/0x2e0
[   66.245212][ T3311]  __cleanup_mnt+0x19/0x20
[   66.249643][ T3311]  task_work_run+0x131/0x1a0
[   66.254248][ T3311]  exit_to_user_mode_loop+0xe4/0x100
[   66.259547][ T3311]  do_syscall_64+0x1d6/0x200
[   66.264151][ T3311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.270064][ T3311] 
[   66.272397][ T3311] value changed: 0x0000000000000000 -> 0xffff88810b534e38
[   66.279503][ T3311] 
[   66.281823][ T3311] Reported by Kernel Concurrency Sanitizer on:
[   66.287972][ T3311] CPU: 0 UID: 0 PID: 3311 Comm: syz-executor Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(voluntary) 
[   66.300579][ T3311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   66.310644][ T3311] ==================================================================