last executing test programs:

16.157222898s ago: executing program 2 (id=588):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0xfffffffffffffd2d, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f00000004c0)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x103642, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f00000026c0)=ANY=[@ANYBLOB='\x00'], 0x1, 0x36b, &(0x7f0000000a00)="$eJzs3U1vG1UXAODTvM1H85I6C4QECHFVNrCxkvAHGqFWQkQChRoVFkhTMgEr0zjyWEGuEHTHlt9RsWSHhPgDWcCeHbtsWHZRdVDsuPloCIvUHgrPI0X3xPce+4zHM7qb0dm//d3drc2yuZn1Yup6iqmImHoYsTiIhi4djlODeCaOux9vNW7/9tqHH3/y3ura2o31lG6u3np7JaV09fWfvvzq+2s/9/7/0Q9Xf5yNvcVP9/9Y+X3vpb2X9x/f+qJdpnaZtju9lKU7nU4vu1PkaaNdbjVT+qDIszJP7e0y756Y3yw6Ozv9lG1vLMzvdPOyTNl2P23l/dTrpF63n7LPs/Z2ajabaWE++DutB+vr2eownjtn3fVJFcQYdLur2cE1PPvUTOtBLQUBALW66P5/5pnu/6fD/n+Sju//+bc62P/PHF6/J9n/AwAAAAAAAAAAAADA8+BhVTWqqmqMxmr0kPDh/zWXx5g9df5P/dVdH+N17MG9uYji293Wbms4DudXN6MdReSxFI14dHBbGBnGN99du7GUBhZj4e43g/xrv0S0/ncyfzkasXh2/vIwPz3Jj4NxOuaP569EI148O3/lzPyZePONY/nNaMSvn0UnitgY3N6O8r9eTumd99dO5c8O1gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw39BMI6/GsO/9biviSuwe9u9vHi1YPNkff5j/pL/+UjTi0dn9+ZfO7M9/OV65XO+xAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBI2b+3lRVF3p1UMOr5P3hlZhT8ddal4fL7p6auxARrLop86lm94eOqqsZV6txkT+VFgumI885gdfgrufhnvRAR56yZjYj6v41/YlDXHQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqc9T0u+5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqFPZv7eVFUXeHWNQ9zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8T/4MAAD//yeQEY0=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
write$binfmt_elf64(r4, 0x0, 0x78)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001780)=ANY=[@ANYBLOB="540000001000010400000000000000ffff00", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00R'], 0x54}, 0x1, 0x0, 0x0, 0x4048814}, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

15.794034664s ago: executing program 2 (id=593):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x4000032, 0x43a1bd76, 0x4, 0xa, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0xffffffffffffffff, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0)
syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14004, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB, @ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
open$dir(&(0x7f0000000000)='./file1\x00', 0x0, 0x163)

15.606545942s ago: executing program 2 (id=594):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x24, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd70000000000008000000180001801400020073797a5f74756e0000000000000000001c00028018000380100001800800010009000000040003"], 0x48}}, 0x0)

15.569540634s ago: executing program 2 (id=595):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000002480)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESHEX=r0, @ANYRES32=r1, @ANYRES32], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = creat(&(0x7f00000004c0)='./bus\x00', 0x20)
ustat(0x6, &(0x7f00000000c0))
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
r4 = socket(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r4, &(0x7f0000000000)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000b4bffc)=0x1, 0x4)
write(r4, &(0x7f0000000ac0)="a9701e65794ca64ad7c9a746d04bada2644be4fc3aefe913548632142ea140074cc4a4235da4945a44", 0x29)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r3)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x1c, 0x5f, 0x1, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r7, {}, {0x5, 0x2}, {0x3, 0xe}}}, 0x24}}, 0x28010)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f0000000580)={0x404, r5, 0x20, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x5}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x4}, @ETHTOOL_A_LINKMODES_OURS={0x370, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x78, 0x5, "1bdc9bfe90cf9e8b2f6ea31d3da760373433e51bc026ee410af8556da0eeabfdd3524df5c6247db9301a166d856273203e75aebcc2e4299aaea4317079ffc9b60c3d305913558ad525842247b24391f2576710cfda78d243589596e0cdcb1245b461f3bab6a6678e88c8e3a18e90ef82faf9a4f2"}, @ETHTOOL_A_BITSET_BITS={0x134, 0x3, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000000}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, 'GPL\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ']}\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, 'vfat\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, ',\'-+%$&\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ')+\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, 'ext4\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '{()\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '}\xb7-\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, 'GPL\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '\\{%,^#\\#\x00'}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '*\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '\'\x98\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '/+\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x400}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0xff, 0x5, "cd405705b3358010f258b86652bb86b0583c3fccfcaeefd28dc6094ee47da75cab844d2dd4b19793ab6a9443b3d24eb10d479d0f74ce85133d42dd26000886b8a81551d2e5d39166680b7c5de4b1f0765855ca6ae9638eca800465f561ac1be3eee6a0cd0cb3a8275bf2768aa9d9ec2724d466f3a48e193b1d0f47623aae05cce98605f5ff6167b8a482e9a8c9ad8690b7e2a9c25dee5d165d89b9b651348f5efc2f2201623453e863130c3aad36884c273ba317164102886fe0c727fb6023deeeb0e56565f12f062b43d7656fe42dc40524ffb90b6cb96eb7391013b411323a71e322b215ed994a5fdb38ccf6c3703f9481fc2a8c94551ac90b85"}, @ETHTOOL_A_BITSET_MASK={0xb9, 0x5, "fc1b4acaf98446348f85fe788a7c2fafc1cbc99b7096d10154b7e57348e0ca9c03feaaaa4a64b8226f11df84913258c493dc3bf56e685213895dca5f20577d977dd4f5a415770daba51f3eed57160bdb1fea304b1b924211f35b86f93b6f0ca5d7aec154839f56b30948417c71c4c43f38485478b93a6133f8a11dc4db86866e7f4e7c5cda22b21dff2d1719ed538ccc5863f7d2b76afe1825cc9d087067502bb329ef12810e2b47200549110e3334f4d1e668099a"}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x28b}, @ETHTOOL_A_LINKMODES_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x371256b8efb807eb}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x2}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x1}]}, 0x404}, 0x1, 0x0, 0x0, 0x4041}, 0x8000)
r8 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r8, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8900)

14.651785704s ago: executing program 2 (id=604):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000005000000020000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="e7ffff8e0000000000000000b52519c00000000000000000b93e0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r2], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000000800000000000000000006f020000b9a2ae3dd09fe93ef58a8048f60ed43271fe322acf81d6c7ccba9ba09385dfe64407280e471b4540bfc9c08f627b56f96d344eef6802e2772af173a189b6b0de092883ed7ad42cff67deba0cb90d8ee1aa85835d0005be87af2bf88af73c62057929cc7857ff46db728b9ac1a9ce943089ecdccddbdb08ba6068718a4d43b40fbd05159f8ace151c1fda99da84b1f5dd4de895cd71580476876457b839cee23b587171988ddb810b9c9e12614ef36dc3f8c14771ef4d372949e833f0e71b61c7e431da00e6ccbe", @ANYRES32=r2, @ANYRES32=r1], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x10)
r5 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000300)={0x53, 0xfffffffffffffffb, 0x6, 0x0, @buffer={0x2, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x301, 0x0, 0x0, 0x0})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000008349671ef6458db7", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r9=>r1, @ANYRESOCT=r6, @ANYRES32=<r10=>r7, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000012c0), &(0x7f0000000600), 0x1761, r1}, 0x38)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000380)={0x0, r0}, 0x8)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1, 0x10, &(0x7f0000000780)=ANY=[@ANYRESDEC=r4, @ANYRES64, @ANYRESDEC=r8, @ANYRESOCT=r9, @ANYRESOCT=r12, @ANYRES64=r12, @ANYRESDEC=r0, @ANYRES16=r1, @ANYRES16=0x0, @ANYRES32=r10], &(0x7f0000000980)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r11, 0x1, 0x32, &(0x7f00000000c0)=r13, 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x12024, 0x0, 0x9, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r14, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="ac020000", @ANYRES16=r15, @ANYBLOB="bf4400000000000000000c"], 0x2ac}}, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r14)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000bc0)={[{@errors_remount}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@stripe={'stripe', 0x3d, 0xb}}, {@auto_da_alloc}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000d80)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r16 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r17 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r16, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r17, 0x0, 0x10007ffffffff}, 0x18)
r18 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r18, &(0x7f0000000000), 0x208e24b)
sendmsg$unix(r12, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

14.083717968s ago: executing program 2 (id=606):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x248, &(0x7f0000000800)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vgUheFgpQiIqhQEXFRWqG2uLVOLg46q3RyKeJmdZQuxUURnKp2qIugxcHioEMkuVZqm1o1Nafe5wOXu8vdc7/nyH2fhMAlARrrapLpJK0kk0k6SYrjO9xZTVcPV9cntueTXu+xH4rBftV65ajdlSRrSR5IslUWeaGdrGw+tffTziP3vL7cufvdzScnxnqSh/b3dh89eGf2tQ9m7l/57IvvZotMp/u787p4xZDn2kVy0z9R7F+iaNfdA/6MuVfe/7Kf+5uT3DXIfydlqhfvjaXrtjq57+2z2r75/ee3jrOvwMXr9Tr998C1HtA4ZZJuinIqSbVcllNT1Wf4r1qXyxcXl16efH5xeeG5ukcq4KJ0k92HP7r04ZUT+f+2VeUf+O8764u2fv4fn9v4ur980Bpvn4Ca3FbN+vmffGb13sg/NI78Q3PJPzSX/ENzyT80l/xDc8k//I91/niz/ENzyT80l/xDcx3PPwDQLL1Ldd+BDNSl7vEHAAAAAAAAAAAAAAAAAAA4bX1ie/5oGlfNT95K9h9K0h5WvzX4P+Lk+sHj5R+L/m6/KapmI3n6jhEPMKL3ar77+oZv6q3/6e311l9dSNZeTXKt3T59/RWH19/fd+M52zvPjljgLypOrD/4xHjrn/TLRr31Z3aSj/vjz7Vh40+ZWwbz4eNP9/yfWD7XSz+PeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADG5tcAAAD//yPnbVU=")
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4002})
r1 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000009c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x98, 0x2d8, 0x0, 0x98, 0x238, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@dev={0xac, 0x14, 0x14, 0x36}, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0xffffffff, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x6, @local}}}, {{@uncond, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast1, 'veth0_virt_wifi\x00', {0x7}}}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'ipvlan1\x00', 'batadv_slave_1\x00', {}, {}, 0x0, 0x2, 0xa59135fd0ce801ee}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
writev(r0, &(0x7f0000000280)=[{&(0x7f00000001c0)="00000000000000000000a4ff964072", 0xf}, {0x0}], 0x2)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xd, &(0x7f0000000100)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x40}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r3}, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010328bd7000fedbdf251c0000000c00018008000100", @ANYRES32=r7], 0x20}}, 0x10)

14.083067228s ago: executing program 32 (id=606):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x248, &(0x7f0000000800)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vgUheFgpQiIqhQEXFRWqG2uLVOLg46q3RyKeJmdZQuxUURnKp2qIugxcHioEMkuVZqm1o1Nafe5wOXu8vdc7/nyH2fhMAlARrrapLpJK0kk0k6SYrjO9xZTVcPV9cntueTXu+xH4rBftV65ajdlSRrSR5IslUWeaGdrGw+tffTziP3vL7cufvdzScnxnqSh/b3dh89eGf2tQ9m7l/57IvvZotMp/u787p4xZDn2kVy0z9R7F+iaNfdA/6MuVfe/7Kf+5uT3DXIfydlqhfvjaXrtjq57+2z2r75/ee3jrOvwMXr9Tr998C1HtA4ZZJuinIqSbVcllNT1Wf4r1qXyxcXl16efH5xeeG5ukcq4KJ0k92HP7r04ZUT+f+2VeUf+O8764u2fv4fn9v4ur980Bpvn4Ca3FbN+vmffGb13sg/NI78Q3PJPzSX/ENzyT80l/xDc8k//I91/niz/ENzyT80l/xDcx3PPwDQLL1Ldd+BDNSl7vEHAAAAAAAAAAAAAAAAAAA4bX1ie/5oGlfNT95K9h9K0h5WvzX4P+Lk+sHj5R+L/m6/KapmI3n6jhEPMKL3ar77+oZv6q3/6e311l9dSNZeTXKt3T59/RWH19/fd+M52zvPjljgLypOrD/4xHjrn/TLRr31Z3aSj/vjz7Vh40+ZWwbz4eNP9/yfWD7XSz+PeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADG5tcAAAD//yPnbVU=")
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4002})
r1 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000009c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x98, 0x2d8, 0x0, 0x98, 0x238, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@dev={0xac, 0x14, 0x14, 0x36}, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0xffffffff, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x6, @local}}}, {{@uncond, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast1, 'veth0_virt_wifi\x00', {0x7}}}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'ipvlan1\x00', 'batadv_slave_1\x00', {}, {}, 0x0, 0x2, 0xa59135fd0ce801ee}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
writev(r0, &(0x7f0000000280)=[{&(0x7f00000001c0)="00000000000000000000a4ff964072", 0xf}, {0x0}], 0x2)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xd, &(0x7f0000000100)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x40}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r3}, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010328bd7000fedbdf251c0000000c00018008000100", @ANYRES32=r7], 0x20}}, 0x10)

3.795602535s ago: executing program 4 (id=746):
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e27}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r3}, 0x10)
nanosleep(&(0x7f00000001c0)={0x0, 0x3938700}, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r5}, 0x18)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$sock_ifreq(r6, 0x8919, &(0x7f0000000000)={'nicvf0\x00', @ifru_map={0x8, 0x6, 0x1, 0x10}})
socket$inet6(0xa, 0x3, 0x3c)
socket$inet(0xa, 0x801, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
ppoll(&(0x7f0000000500)=[{r7}], 0x1, 0x0, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000300)={'netdevsim0\x00', @random="f60f63971a2b"})
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="380000000314010026bd7000ffdbdf250900020073797a30000000000800410073697700140033007767310000000000000000000000000059ef748d76b5563357f61c3233ca5c4a47620569b1f1929be73f417c9f6d36f12dbc"], 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x4008010)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000c40, &(0x7f00000002c0), 0x5, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX")

3.2174056s ago: executing program 1 (id=750):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000c40, &(0x7f00000002c0), 0x5, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0))

3.157682343s ago: executing program 1 (id=753):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0xfffffffffffffd2d, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f00000004c0)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x103642, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f00000026c0)=ANY=[@ANYBLOB='\x00'], 0x1, 0x36b, &(0x7f0000000a00)="$eJzs3U1vG1UXAODTvM1H85I6C4QECHFVNrCxkvAHGqFWQkQChRoVFkhTMgEr0zjyWEGuEHTHlt9RsWSHhPgDWcCeHbtsWHZRdVDsuPloCIvUHgrPI0X3xPce+4zHM7qb0dm//d3drc2yuZn1Yup6iqmImHoYsTiIhi4djlODeCaOux9vNW7/9tqHH3/y3ura2o31lG6u3np7JaV09fWfvvzq+2s/9/7/0Q9Xf5yNvcVP9/9Y+X3vpb2X9x/f+qJdpnaZtju9lKU7nU4vu1PkaaNdbjVT+qDIszJP7e0y756Y3yw6Ozv9lG1vLMzvdPOyTNl2P23l/dTrpF63n7LPs/Z2ajabaWE++DutB+vr2eownjtn3fVJFcQYdLur2cE1PPvUTOtBLQUBALW66P5/5pnu/6fD/n+Sju//+bc62P/PHF6/J9n/AwAAAAAAAAAAAADA8+BhVTWqqmqMxmr0kPDh/zWXx5g9df5P/dVdH+N17MG9uYji293Wbms4DudXN6MdReSxFI14dHBbGBnGN99du7GUBhZj4e43g/xrv0S0/ncyfzkasXh2/vIwPz3Jj4NxOuaP569EI148O3/lzPyZePONY/nNaMSvn0UnitgY3N6O8r9eTumd99dO5c8O1gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw39BMI6/GsO/9biviSuwe9u9vHi1YPNkff5j/pL/+UjTi0dn9+ZfO7M9/OV65XO+xAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBI2b+3lRVF3p1UMOr5P3hlZhT8ddal4fL7p6auxARrLop86lm94eOqqsZV6txkT+VFgumI885gdfgrufhnvRAR56yZjYj6v41/YlDXHQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqc9T0u+5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqFPZv7eVFUXeHWNQ9zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8T/4MAAD//yeQEY0=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
write$binfmt_elf64(r4, &(0x7f0000000e80)=ANY=[], 0x78)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x54}, 0x1, 0x0, 0x0, 0x4048814}, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.0011802s ago: executing program 5 (id=754):
pipe2$watch_queue(0x0, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0xfd, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000000), 0x4}, 0x12000, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f0000"], 0x48)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',directio,dfltuid=', @ANYRESHEX=0xee01, @ANYBLOB="24c2"])
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0xfe8e, 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x8000)
close(0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r6}, 0x18)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
r8 = dup2(r7, r7)
ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x4, 0x2b00})
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={0xffffffffffffffff, r8, 0x0, r0}, 0x10)

2.822280438s ago: executing program 4 (id=755):
pipe2$watch_queue(0x0, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0xfd, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000000), 0x4}, 0x12000, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f0000"], 0x48)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',directio,dfltuid=', @ANYRESHEX=0xee01, @ANYBLOB="24c2"])
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0xfe8e, 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x8000)
close(0xffffffffffffffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r5}, 0x18)
r6 = open(&(0x7f0000000480)='.\x00', 0x48800, 0x50)
getdents(r6, 0x0, 0x0)
r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
r8 = dup2(r7, r7)
ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x4, 0x2b00})

2.561227189s ago: executing program 1 (id=756):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)

2.514004771s ago: executing program 1 (id=757):
pipe2$watch_queue(0x0, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0xfd, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000000), 0x4}, 0x12000, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f0000"], 0x48)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',directio,dfltuid=', @ANYRESHEX=0xee01, @ANYBLOB="24c2"])
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0xfe8e, 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x8000)
close(0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r6}, 0x18)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
r8 = dup2(r7, r7)
ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x4, 0x2b00})
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={0xffffffffffffffff, r8, 0x0, r0}, 0x10)

2.30246546s ago: executing program 5 (id=758):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adffa87d2255f674412d020000000000005ab527ee3697f1ec4436dd1164aa93cc5800075557165397000a63f6b9b3f427f6ba6b34f98125f30e697fffffffffffffffa30b273683626e0003254d570dca6b78ad833488cfe4109eaf009edd3e69613d3cd6aaa300006eee8501000000520a0000151d010000000100bf00000000cc587424363dc6ad7f3bbd424c6e6cafbe9309aba218a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e470a000517ebc406e89dcbb7677e6528b0856e31ed9474ac24cf609068f645ce971fc0480737a55ebb0bd701f7ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bed759ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56d06c759da324a39f7f51b870b2851c3f0a1aab71587a21c8f1b3369ebfcba105a6ccdd01b0f04edb256c604f068773f6ff000000000000006ffbfe5ca32142b0195531458b7d1e341c6f864f983d745f5865aad41d2915aae7602a2d6cd415e8351ebc4223f54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121ad6eb372713255012e028cb2654d493a0b4b35faae176c89b745eda2967199cc936859a537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0cff28235a3cbb5d33b09bc30cf2880c586272c3f4d79bc36305745cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec66ea6c718bbd1aa59114000f0be4c6f8df084c5e9734ae30aa9afdc719bf01ab03a9b1074407136b4506000f0916a39d3057d50183612b39e73aeeb6eaf14652dda68e98ef938e6515a94a71836469e2051d9b7eb85f3f2d5ae2c51944da8d7391d6d6b97419a3b7660df4c5124ca425d374b371867a79b31c6617fc3327191fbf514573f0e30d1d60be2168fe6c2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257b84000000b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c786eeca22debc99335583b54c13c3130978fa069af8223b38ced735c2d905f51ca85ffa4add5647489b3960127696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c5341877386ec55d7dc958fd235d6071619a65d4b82d9c162f3556076b80550d961ca74f1ffdaccf0ea5f02e0fca8b27ff3983ab74fd3d560700a1fbb44e77e312b3b129e000302d613916c9bcf9f0000fac73adb6bfb27f88dba816020be760f7b45e001efada800000000000000fdaf4660402f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6542e597300eb82a184c96ffde5a30e5433d86666cb045bdd02c804c22ff2635c7bfbf5c0d586cda5e1e88a4d41dee7cc74f822278d124638fec58faeb48afe324369cc51204158bb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a635edb2dd163e863315e84498dfb52b7f54da6398cbedaa42cc17c4563c859656a357770289a61faa95a82bf1cfb7f2fd7252e9322abe282c3344fc6738b4467893b9bf0d1c8130ae6b226900110635376413c29f7c6f7b7e29b9f4bddd5e328661f4046e01f7d7dc22174e5e627a6f608ad53a4168d4d8f7fbc71104512efe8e5d7d934aa289b4db2b870000000000000000000000000000000000000000009b777883a0f9cf4ad155110cd3ace2b322ac31bfa27847dc99c8a69a1ea5b98e525e6393ad7fd9795170e7b11e4fa990b9386910a6a1a66a70eaff01247603c2ff49d3979676bffb3049166ab84a0f061991bd57c2566c10c282352a5105b6164e3f2491e4793e590dcc71de10da96fdff40dd44a2c9882d3aa0f8a797b8fea6efcfb5046b7679f15559cdaa977504c40b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5e22ade17556abb722d9c085b189b5fd1f30e8dc813f60400fde1f88d830b11002135e8e7262f299ed7923bfbe00ad88be179e56b41ff3792cee2fc37eee739c3e3af923e8738d93d583a9cf00b946960fc38cf85aae7cf708f9a9d166f2e352a06d99b8be476d1cc2a53a859ae4fdab2a987925d12422474ac044ffe9fe2bf9bf9bbdf36c4ca89c516647542ac45545337829fa7039d155ebda42d4c14f4ca7f8b5d5842658c62d0a03092b94fa1b19f190000000000000000000000000000009e75a32b9fafeffd890f2759b0fe3add33fa43a4c3995458f86a926ad56b23571c46728c039cd3b4bb7d69dfa27782b953a7b81cc161912b3e5716360686e126311a7e21bfa2efd0f57b90c203528c8f620d3c7b31c7abcffae382f53500f7cd5d00159e5f741d3e2d2cbd1a04b3f39b50a4683daa7d117b7f4a149c954d69d8ab001339e464c8eb5f0c63899010757c9a3b69f4920531b83f71d5a34ef9405819afee15b77c015ea755c95127ff2274bb9a8463ce4b8c08ad70596ad2b2b044e660ed144b9dce372450ea69d25da2b6deed67fac26e765aa7d5532ba1044f62db049486acde2294127cb767c23da7d8f9844d3be5b6aa83ee4ce1876af5130efe1b64ccb6bbd349bcc0e8deec8ab3bd1b35bbc8ab8a152771744baa576b9223d26b5603a7f091be1264cabaf661fe2dbe7990a61f710f923f2337818a3983d06c11a6bee7fccb78a53c56db5c18f920d2194374db665dcadf53b8d0014e682ec721d67a7ab6c817fe53c86f8900000000000000000000000000000060b7b827c56e973a2ab5bc5c558ada68c4ec3762f5957b20b919af5d53c87de056a397bdcb614c34761e2c815698e1f9f5521a385c2910850929040a4eba573e91ca21fc855358120ecd79a5d7007693ef3ff9d2b993d114443d53c53094e516f675b2a7074584714e7a2015e05e507811b4ca89c39281c9ada5f58ceb55893cca783ab09c9a19836a3a2c715b10436a5731549e364679ecd8461a68433ab52b1108831edb9654dc602183c1170d6881647f6dca15d57fb76357d815c5f1000000000000000000f49e327c0b6e511494466cec78650f0a6267"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48)
socket$kcm(0x29, 0x2, 0x0)
socket$inet6(0xa, 0x803, 0x6)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0x14004040)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
read(r0, &(0x7f0000000300)=""/212, 0xd4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)

1.987130104s ago: executing program 3 (id=763):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, 0x0, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0x14004040)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)

1.925367936s ago: executing program 4 (id=764):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x7, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x2f, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x208a022, 0x0, 0x1, 0x0, &(0x7f0000000000))
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000a40)='./file0/../file0\x00', 0x0, 0x3cdc19, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000000c0), 0x401, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

1.83354359s ago: executing program 4 (id=765):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x14, &(0x7f0000000380)=ANY=[@ANYBLOB="18cb0000000000000000000000000000000401000020646c210000c5e20004d9fa4a101047f263b336e30cbcfbffffffffff01000008000000b70300000000000085000000f2d501000000d5e6178b6306000000181100", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x809}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000007000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mq_unlink(0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000009180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f00000004c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000340)="240000005800410f9c00f4f9008f1a08df70cae2c57d91ac8e3085b3a85c91fddf080001000501009f08000200016c0000", 0x73)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0xfffffffffffffe86, 0x0, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r7 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r7, 0x89e3, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='adfs\x00', 0x220ac08, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
signalfd(r5, &(0x7f00000001c0)={[0xffffffffffffffff]}, 0x8)

1.395604679s ago: executing program 5 (id=767):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x9}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'veth0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x24040884)

1.37795021s ago: executing program 0 (id=768):
pipe2$watch_queue(0x0, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0xfd, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000000), 0x4}, 0x12000, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f0000"], 0x48)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',directio,dfltuid=', @ANYRESHEX=0xee01, @ANYBLOB="24c2"])
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0xfe8e, 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x8000)
close(0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r6}, 0x18)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
r8 = dup2(r7, r7)
ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x4, 0x2b00})
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={0xffffffffffffffff, r8, 0x0, r0}, 0x10)

1.37214696s ago: executing program 1 (id=769):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, 0x0, 0x20050890)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1000000}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f00000007c0)={'wg0\x00', <r8=>0x0})
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000800)={0x8c, r7, 0x20, 0x70bd28, 0x25dfdbff, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40080}, 0x4801)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000680)=ANY=[@ANYBLOB="140100002900010000000000fcdbdf250401f2800c0018000bac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000240))
writev(0xffffffffffffffff, &(0x7f0000000780)=[{&(0x7f00000003c0)}], 0x1)

1.365531191s ago: executing program 5 (id=770):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000a00)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@barrier}, {@quota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
keyctl$restrict_keyring(0xa, 0x0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
fadvise64(r1, 0x7f, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000000000070400"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1.066787354s ago: executing program 3 (id=771):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x40f6, 0x80, 0x0, 0x224}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x81, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r2, 0x47f8, 0x0, 0x0, 0x0, 0x0)

1.034728355s ago: executing program 4 (id=772):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000005000000020000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="e7ffff8e0000000000000000b52519c00000000000000000b93e0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r2], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000000800000000000000000006f020000b9a2ae3dd09fe93ef58a8048f60ed43271fe322acf81d6c7ccba9ba09385dfe64407280e471b4540bfc9c08f627b56f96d344eef6802e2772af173a189b6b0de092883ed7ad42cff67deba0cb90d8ee1aa85835d0005be87af2bf88af73c62057929cc7857ff46db728b9ac1a9ce943089ecdccddbdb08ba6068718a4d43b40fbd05159f8ace151c1fda99da84b1f5dd4de895cd71580476876457b839cee23b587171988ddb810b9c9e12614ef36dc3f8c14771ef4d372949e833f0e71b61c7e431da00e6ccbe", @ANYRES32=r2, @ANYRES32=r1], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x10)
r5 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000300)={0x53, 0xfffffffffffffffb, 0x6, 0x0, @buffer={0x2, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x301, 0x0, 0x0, 0x0})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000008349671ef6458db7", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r9=>r1, @ANYRESOCT=r6, @ANYRES32=<r10=>r7, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000012c0), &(0x7f0000000600), 0x1761, r1}, 0x38)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000380)={0x0, r0}, 0x8)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1, 0x10, &(0x7f0000000780)=ANY=[@ANYRESDEC=r4, @ANYRES64, @ANYRESDEC=r8, @ANYRESOCT=r9, @ANYRESOCT=r12, @ANYRES64=r12, @ANYRESDEC=r0, @ANYRES16=r1, @ANYRES16=0x0, @ANYRES32=r10], &(0x7f0000000980)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r11, 0x1, 0x32, &(0x7f00000000c0)=r13, 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x12024, 0x0, 0x9, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r14, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="ac020000", @ANYRES16=r15, @ANYBLOB="bf4400000000000000000c"], 0x2ac}}, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r14)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000bc0)={[{@errors_remount}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@stripe={'stripe', 0x3d, 0xb}}, {@auto_da_alloc}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000d80)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r16 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r16, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r17 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r17, &(0x7f0000000000), 0x208e24b)

1.012623256s ago: executing program 5 (id=773):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, 0x0, 0x0)

957.330809ms ago: executing program 0 (id=774):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xa0, 0x2, 0x0, 0x0, 0x0, 0x9f, 0x101, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xf573aeb6eaaa7180, 0x0, 0x20, 0x7, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000001c0)='cpu~00\t&&')

903.898991ms ago: executing program 5 (id=775):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x42, 0x61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

896.088271ms ago: executing program 0 (id=776):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000c40, &(0x7f00000002c0), 0x5, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0))

778.225936ms ago: executing program 4 (id=777):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000100))
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x20050890)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f00000007c0)={'wg0\x00', <r9=>0x0})
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000800)={0x8c, r8, 0x20, 0x70bd28, 0x25dfdbff, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40080}, 0x4801)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000680)=ANY=[@ANYBLOB="140100002900010000000000fcdbdf250401f2800c0018000bac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000240))
writev(0xffffffffffffffff, &(0x7f0000000780)=[{&(0x7f00000003c0)}], 0x1)

777.462246ms ago: executing program 3 (id=778):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000005000000020000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="e7ffff8e0000000000000000b52519c00000000000000000b93e0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r2], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000000800000000000000000006f020000b9a2ae3dd09fe93ef58a8048f60ed43271fe322acf81d6c7ccba9ba09385dfe64407280e471b4540bfc9c08f627b56f96d344eef6802e2772af173a189b6b0de092883ed7ad42cff67deba0cb90d8ee1aa85835d0005be87af2bf88af73c62057929cc7857ff46db728b9ac1a9ce943089ecdccddbdb08ba6068718a4d43b40fbd05159f8ace151c1fda99da84b1f5dd4de895cd71580476876457b839cee23b587171988ddb810b9c9e12614ef36dc3f8c14771ef4d372949e833f0e71b61c7e431da00e6ccbe", @ANYRES32=r2, @ANYRES32=r1], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x10)
r5 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000300)={0x53, 0xfffffffffffffffb, 0x6, 0x0, @buffer={0x2, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x301, 0x0, 0x0, 0x0})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000008349671ef6458db7", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r9=>r1, @ANYRESOCT=r6, @ANYRES32=<r10=>r7, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000012c0), &(0x7f0000000600), 0x1761, r1}, 0x38)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000380)={0x0, r0}, 0x8)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1, 0x10, &(0x7f0000000780)=ANY=[@ANYRESDEC=r4, @ANYRES64, @ANYRESDEC=r8, @ANYRESOCT=r9, @ANYRESOCT=r12, @ANYRES64=r12, @ANYRESDEC=r0, @ANYRES16=r1, @ANYRES16=0x0, @ANYRES32=r10], &(0x7f0000000980)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r11, 0x1, 0x32, &(0x7f00000000c0)=r13, 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x12024, 0x0, 0x9, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r14, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="ac020000", @ANYRES16=r15, @ANYBLOB="bf4400000000000000000c"], 0x2ac}}, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r14)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000bc0)={[{@errors_remount}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@stripe={'stripe', 0x3d, 0xb}}, {@auto_da_alloc}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000d80)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r16 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r16, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r17 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r17, &(0x7f0000000000), 0x208e24b)

754.453717ms ago: executing program 0 (id=779):
pipe2$watch_queue(0x0, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0xfd, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000000), 0x4}, 0x12000, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f0000"], 0x48)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',directio,dfltuid=', @ANYRESHEX=0xee01, @ANYBLOB="24c2"])
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0xfe8e, 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x8000)
close(0xffffffffffffffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r5}, 0x18)
r6 = open(&(0x7f0000000480)='.\x00', 0x48800, 0x50)
getdents(r6, 0x0, 0x0)
r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
dup2(r7, r7)

469.76748ms ago: executing program 3 (id=780):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, 0x0, 0x0, 0x14010, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c000000090601080000000000000000070000000900020073797a31000000000500010007000000340007801800018014000240fc000000000000000000000000000000060004400e1f0000"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)

414.102332ms ago: executing program 1 (id=781):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, 0x0, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0x14004040)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)

406.194093ms ago: executing program 3 (id=782):
r0 = syz_open_dev$usbfs(0x0, 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)

336.695426ms ago: executing program 3 (id=783):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000a00)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@barrier}, {@quota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
keyctl$restrict_keyring(0xa, 0x0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
fadvise64(r0, 0x7f, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000000000070400"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

60.235738ms ago: executing program 0 (id=784):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x24, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd70000000000008000000180001801400020073797a5f74756e0000000000000000001c00028018000380100001800800010009000000040003"], 0x48}}, 0x0)

0s ago: executing program 0 (id=785):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xa, 0x4, 0x4, 0x5, 0x2, 0xffffffffffffffff, 0xfffffffc}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000280)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x18)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r8}, 0x10)
getresuid(&(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000180))
preadv(r6, &(0x7f0000000140)=[{&(0x7f0000000040)=""/162, 0xa2}], 0x1, 0x4f9, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x35, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000014000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3a0000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x44081}, 0x4000001)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
prlimit64(0x0, 0x7, &(0x7f0000000040)={0x4, 0x5}, 0x0)
getsockopt$sock_cred(r9, 0x1, 0x4d, 0x0, &(0x7f0000000000))
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001200)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a8c000000030a0fdb00000000000000000a0000050900030073797a30000000000900010073797a31000000004c0008800c00024000deffff55c3dd9e0c00014000000000000000000c00024000000000000000000c00024000000000000000090c00014000000000000000060c000140000000000000026314000480080002403cb140bb080001400000000314000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000180)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000000071002c000000000095000300"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)

kernel console output (not intermixed with test programs):

k:3540: inode #12: comm syz.0.283: directory missing '.'
[   63.281927][ T4616] loop1: detected capacity change from 0 to 512
[   63.376064][ T4618] loop3: detected capacity change from 0 to 512
[   63.389340][ T4622] loop2: detected capacity change from 0 to 512
[   63.390690][ T4618] ext4: Unknown parameter '"x'
[   63.427543][ T4618] loop3: detected capacity change from 0 to 512
[   63.443377][ T4618] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   63.453318][ T4618] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[   63.481261][ T4635] loop4: detected capacity change from 0 to 2048
[   63.484691][ T4634] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1538 sclass=netlink_audit_socket pid=4634 comm=syz.1.293
[   63.544753][ T4635] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.656769][ T4647] loop0: detected capacity change from 0 to 2048
[   63.775170][ T4647] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.811026][ T4648] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.294: bg 0: block 345: padding at end of block bitmap is not set
[   63.828641][ T4655] loop3: detected capacity change from 0 to 512
[   63.891845][ T4648] EXT4-fs (loop4): Remounting filesystem read-only
[   63.898667][ T4400] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   63.951778][ T4657] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.296: bg 0: block 345: padding at end of block bitmap is not set
[   64.032248][ T4657] EXT4-fs (loop0): Remounting filesystem read-only
[   64.039000][ T4400] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   64.191347][ T4665] netlink: 'syz.0.301': attribute type 4 has an invalid length.
[   64.287342][ T4669] netlink: 96 bytes leftover after parsing attributes in process `syz.4.303'.
[   64.325778][ T4674] loop0: detected capacity change from 0 to 2048
[   64.359719][ T4674] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.461334][ T4686] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.306: bg 0: block 345: padding at end of block bitmap is not set
[   64.465878][ T3373] IPVS: starting estimator thread 0...
[   64.490597][ T4686] EXT4-fs (loop0): Remounting filesystem read-only
[   64.567304][ T4684] IPVS: using max 2400 ests per chain, 120000 per kthread
[   64.587184][ T4401] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   64.661572][ T4688] siw: device registration error -23
[   64.670410][ T4688] loop2: detected capacity change from 0 to 512
[   64.705419][ T4686] syz.0.306 (4686) used greatest stack depth: 10248 bytes left
[   64.738402][ T4688] ext4 filesystem being mounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.767506][ T4688] EXT4-fs error (device loop2): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.2.307: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   64.788026][ T4688] EXT4-fs error (device loop2): ext4_get_first_dir_block:3540: inode #12: comm syz.2.307: directory missing '.'
[   64.820870][ T4698] loop4: detected capacity change from 0 to 512
[   64.964197][ T4703] loop3: detected capacity change from 0 to 1024
[   64.975612][ T4703] EXT4-fs: Ignoring removed nomblk_io_submit option
[   65.173097][ T4710] siw: device registration error -23
[   65.184415][ T4710] loop4: detected capacity change from 0 to 512
[   65.279460][ T4710] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.302582][ T4710] EXT4-fs error (device loop4): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.4.313: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   65.323439][ T4710] EXT4-fs error (device loop4): ext4_get_first_dir_block:3540: inode #12: comm syz.4.313: directory missing '.'
[   65.337950][ T4716] FAULT_INJECTION: forcing a failure.
[   65.337950][ T4716] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   65.351154][ T4716] CPU: 1 UID: 0 PID: 4716 Comm: syz.0.315 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.351182][ T4716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   65.351197][ T4716] Call Trace:
[   65.351205][ T4716]  <TASK>
[   65.351213][ T4716]  __dump_stack+0x1d/0x30
[   65.351234][ T4716]  dump_stack_lvl+0xe8/0x140
[   65.351252][ T4716]  dump_stack+0x15/0x1b
[   65.351270][ T4716]  should_fail_ex+0x265/0x280
[   65.351364][ T4716]  should_fail+0xb/0x20
[   65.351410][ T4716]  should_fail_usercopy+0x1a/0x20
[   65.351434][ T4716]  _copy_from_user+0x1c/0xb0
[   65.351497][ T4716]  ___sys_recvmsg+0xaa/0x370
[   65.351543][ T4716]  ? _parse_integer+0x27/0x40
[   65.351658][ T4716]  do_recvmmsg+0x1ef/0x540
[   65.351689][ T4716]  ? fput+0x8f/0xc0
[   65.351712][ T4716]  __x64_sys_recvmmsg+0xe5/0x170
[   65.351746][ T4716]  x64_sys_call+0x27aa/0x3000
[   65.351771][ T4716]  do_syscall_64+0xd2/0x200
[   65.351851][ T4716]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.351887][ T4716]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   65.351920][ T4716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.351990][ T4716] RIP: 0033:0x7fea84cdf749
[   65.352009][ T4716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.352030][ T4716] RSP: 002b:00007fea8371e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   65.352052][ T4716] RAX: ffffffffffffffda RBX: 00007fea84f36090 RCX: 00007fea84cdf749
[   65.352064][ T4716] RDX: 0000000000000001 RSI: 0000200000004580 RDI: 0000000000000004
[   65.352136][ T4716] RBP: 00007fea8371e090 R08: 0000000000000000 R09: 0000000000000000
[   65.352151][ T4716] R10: 0000000040000001 R11: 0000000000000246 R12: 0000000000000001
[   65.352166][ T4716] R13: 00007fea84f36128 R14: 00007fea84f36090 R15: 00007fff1f932288
[   65.352188][ T4716]  </TASK>
[   65.591789][ T4718] FAULT_INJECTION: forcing a failure.
[   65.591789][ T4718] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   65.605018][ T4718] CPU: 0 UID: 0 PID: 4718 Comm: syz.2.316 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.605045][ T4718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   65.605057][ T4718] Call Trace:
[   65.605099][ T4718]  <TASK>
[   65.605109][ T4718]  __dump_stack+0x1d/0x30
[   65.605138][ T4718]  dump_stack_lvl+0xe8/0x140
[   65.605163][ T4718]  dump_stack+0x15/0x1b
[   65.605181][ T4718]  should_fail_ex+0x265/0x280
[   65.605240][ T4718]  should_fail+0xb/0x20
[   65.605288][ T4718]  should_fail_usercopy+0x1a/0x20
[   65.605387][ T4718]  _copy_from_user+0x1c/0xb0
[   65.605416][ T4718]  perf_copy_attr+0x145/0x610
[   65.605449][ T4718]  __se_sys_perf_event_open+0x67/0x11c0
[   65.605542][ T4718]  ? vfs_write+0x7e8/0x960
[   65.605573][ T4718]  ? __rcu_read_unlock+0x4f/0x70
[   65.605615][ T4718]  __x64_sys_perf_event_open+0x67/0x80
[   65.605685][ T4718]  x64_sys_call+0x7bd/0x3000
[   65.605706][ T4718]  do_syscall_64+0xd2/0x200
[   65.605733][ T4718]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.605826][ T4718]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   65.605866][ T4718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.605886][ T4718] RIP: 0033:0x7f9094bef749
[   65.605918][ T4718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.605938][ T4718] RSP: 002b:00007f909364f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   65.605961][ T4718] RAX: ffffffffffffffda RBX: 00007f9094e45fa0 RCX: 00007f9094bef749
[   65.605976][ T4718] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000140
[   65.605990][ T4718] RBP: 00007f909364f090 R08: 0000000000000002 R09: 0000000000000000
[   65.606001][ T4718] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001
[   65.606083][ T4718] R13: 00007f9094e46038 R14: 00007f9094e45fa0 R15: 00007ffc35cbd088
[   65.606106][ T4718]  </TASK>
[   65.878979][ T4723] netlink: 4 bytes leftover after parsing attributes in process `syz.2.319'.
[   65.905696][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   65.916820][ T4729] netlink: 20 bytes leftover after parsing attributes in process `syz.1.320'.
[   65.937459][ T4729] netlink: 'syz.1.320': attribute type 3 has an invalid length.
[   65.941474][ T4721] wg1 speed is unknown, defaulting to 1000
[   65.953772][ T4732] loop2: detected capacity change from 0 to 164
[   65.966437][ T4732] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   65.994152][ T4731] wg1 speed is unknown, defaulting to 1000
[   66.008531][   T29] kauditd_printk_skb: 53 callbacks suppressed
[   66.008545][   T29] audit: type=1326 audit(1764109572.422:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4737 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599a0cf749 code=0x7ffc0000
[   66.038494][   T29] audit: type=1326 audit(1764109572.422:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4737 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599a0cf749 code=0x7ffc0000
[   66.061880][   T29] audit: type=1326 audit(1764109572.422:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4737 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f599a0cf749 code=0x7ffc0000
[   66.085033][   T29] audit: type=1326 audit(1764109572.422:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4737 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599a0cf749 code=0x7ffc0000
[   66.108322][   T29] audit: type=1326 audit(1764109572.422:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4737 comm="syz.1.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599a0cf749 code=0x7ffc0000
[   66.166013][ T4732] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   66.178966][ T4732] Symlink component flag not implemented
[   66.184831][ T4732] Symlink component flag not implemented
[   66.191545][ T4732] Symlink component flag not implemented (7)
[   66.197605][ T4732] Symlink component flag not implemented (116)
[   66.268745][ T4748] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4748 comm=syz.2.328
[   66.371460][   T29] audit: type=1400 audit(1764109572.782:664): avc:  denied  { create } for  pid=4750 comm="syz.1.329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   66.397242][   T29] audit: type=1400 audit(1764109572.812:665): avc:  denied  { bind } for  pid=4750 comm="syz.1.329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   66.400356][ T4748] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   66.424002][ T4755] loop0: detected capacity change from 0 to 2048
[   66.427532][ T4748] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   66.448854][ T4755] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.487279][   T12] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.515045][ T4760] loop4: detected capacity change from 0 to 2048
[   66.521529][   T12] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.531222][   T12] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.540824][   T12] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.541740][ T4761] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.330: bg 0: block 345: padding at end of block bitmap is not set
[   66.564343][ T4761] EXT4-fs (loop0): Remounting filesystem read-only
[   66.571695][ T4760] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.587787][ T4401] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   66.661049][   T29] audit: type=1400 audit(1764109573.072:666): avc:  denied  { write } for  pid=4771 comm="syz.0.335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   66.669680][ T4773] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.331: bg 0: block 345: padding at end of block bitmap is not set
[   66.694944][ T4773] EXT4-fs (loop4): Remounting filesystem read-only
[   66.702240][ T4770] loop2: detected capacity change from 0 to 4096
[   66.705549][ T2810] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   66.763438][ T4778] FAULT_INJECTION: forcing a failure.
[   66.763438][ T4778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.776712][ T4778] CPU: 0 UID: 0 PID: 4778 Comm: syz.2.337 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.776743][ T4778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   66.776760][ T4778] Call Trace:
[   66.776767][ T4778]  <TASK>
[   66.776776][ T4778]  __dump_stack+0x1d/0x30
[   66.776833][ T4778]  dump_stack_lvl+0xe8/0x140
[   66.776861][ T4778]  dump_stack+0x15/0x1b
[   66.776883][ T4778]  should_fail_ex+0x265/0x280
[   66.777022][ T4778]  should_fail+0xb/0x20
[   66.777050][ T4778]  should_fail_usercopy+0x1a/0x20
[   66.777199][ T4778]  _copy_from_user+0x1c/0xb0
[   66.777227][ T4778]  ___sys_sendmsg+0xc1/0x1d0
[   66.777264][ T4778]  __x64_sys_sendmsg+0xd4/0x160
[   66.777289][ T4778]  x64_sys_call+0x191e/0x3000
[   66.777314][ T4778]  do_syscall_64+0xd2/0x200
[   66.777341][ T4778]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.777382][ T4778]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   66.777416][ T4778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.777471][ T4778] RIP: 0033:0x7f9094bef749
[   66.777487][ T4778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.777505][ T4778] RSP: 002b:00007f909364f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   66.777542][ T4778] RAX: ffffffffffffffda RBX: 00007f9094e45fa0 RCX: 00007f9094bef749
[   66.777555][ T4778] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 0000000000000006
[   66.777584][ T4778] RBP: 00007f909364f090 R08: 0000000000000000 R09: 0000000000000000
[   66.777597][ T4778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.777656][ T4778] R13: 00007f9094e46038 R14: 00007f9094e45fa0 R15: 00007ffc35cbd088
[   66.777676][ T4778]  </TASK>
[   66.953829][   T29] audit: type=1400 audit(1764109573.362:667): avc:  denied  { setopt } for  pid=4779 comm="syz.0.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   66.975059][   T29] audit: type=1400 audit(1764109573.362:668): avc:  denied  { connect } for  pid=4779 comm="syz.0.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   67.061118][ T4788] loop2: detected capacity change from 0 to 128
[   67.098048][ T4788] ext4 filesystem being mounted at /69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   67.140631][ T4783] loop4: detected capacity change from 0 to 164
[   67.153485][ T4783] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   67.169665][ T4783] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   67.179037][ T4783] Symlink component flag not implemented
[   67.184723][ T4783] Symlink component flag not implemented
[   67.196823][ T4799] loop1: detected capacity change from 0 to 2048
[   67.213178][ T4801] loop0: detected capacity change from 0 to 128
[   67.221332][ T4799] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.237922][ T4801] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   67.311696][ T4806] FAULT_INJECTION: forcing a failure.
[   67.311696][ T4806] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.324923][ T4806] CPU: 1 UID: 0 PID: 4806 Comm: syz.2.347 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.324955][ T4806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   67.324970][ T4806] Call Trace:
[   67.324977][ T4806]  <TASK>
[   67.324984][ T4806]  __dump_stack+0x1d/0x30
[   67.325007][ T4806]  dump_stack_lvl+0xe8/0x140
[   67.325027][ T4806]  dump_stack+0x15/0x1b
[   67.325127][ T4806]  should_fail_ex+0x265/0x280
[   67.325162][ T4806]  should_fail+0xb/0x20
[   67.325179][ T4806]  should_fail_usercopy+0x1a/0x20
[   67.325205][ T4806]  _copy_to_user+0x20/0xa0
[   67.325237][ T4806]  simple_read_from_buffer+0xb5/0x130
[   67.325331][ T4806]  proc_fail_nth_read+0x10e/0x150
[   67.325361][ T4806]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   67.325398][ T4806]  vfs_read+0x1a8/0x770
[   67.325424][ T4806]  ? __rcu_read_unlock+0x4f/0x70
[   67.325466][ T4806]  ? __fget_files+0x184/0x1c0
[   67.325507][ T4806]  ? __sys_bind+0x223/0x2a0
[   67.325565][ T4806]  ksys_read+0xda/0x1a0
[   67.325687][ T4806]  __x64_sys_read+0x40/0x50
[   67.325773][ T4806]  x64_sys_call+0x27c0/0x3000
[   67.325795][ T4806]  do_syscall_64+0xd2/0x200
[   67.325868][ T4806]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   67.325901][ T4806]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   67.325963][ T4809] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.345: bg 0: block 345: padding at end of block bitmap is not set
[   67.325941][ T4806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.326119][ T4806] RIP: 0033:0x7f9094bee15c
[   67.326140][ T4806] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   67.326164][ T4806] RSP: 002b:00007f909364f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   67.326190][ T4806] RAX: ffffffffffffffda RBX: 00007f9094e45fa0 RCX: 00007f9094bee15c
[   67.326226][ T4806] RDX: 000000000000000f RSI: 00007f909364f0a0 RDI: 0000000000000004
[   67.326242][ T4806] RBP: 00007f909364f090 R08: 0000000000000000 R09: 0000000000000000
[   67.326258][ T4806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.326321][ T4806] R13: 00007f9094e46038 R14: 00007f9094e45fa0 R15: 00007ffc35cbd088
[   67.326347][ T4806]  </TASK>
[   67.364954][ T4813] loop2: detected capacity change from 0 to 2048
[   67.365990][ T4809] EXT4-fs (loop1): Remounting filesystem read-only
[   67.427098][ T4813] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.427848][ T4401] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   67.579359][ T4826] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   67.589230][ T4826] batman_adv: batadv0: Removing interface: batadv_slave_0
[   67.599260][ T4826] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   67.606759][ T4826] batman_adv: batadv0: Removing interface: batadv_slave_1
[   67.627574][ T4823] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.350: bg 0: block 345: padding at end of block bitmap is not set
[   67.643105][ T4823] EXT4-fs (loop2): Remounting filesystem read-only
[   67.649945][ T4401] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   67.690761][ T4830] FAULT_INJECTION: forcing a failure.
[   67.690761][ T4830] name failslab, interval 1, probability 0, space 0, times 0
[   67.703592][ T4830] CPU: 1 UID: 0 PID: 4830 Comm: syz.1.354 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.703626][ T4830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   67.703690][ T4830] Call Trace:
[   67.703697][ T4830]  <TASK>
[   67.703704][ T4830]  __dump_stack+0x1d/0x30
[   67.703749][ T4830]  dump_stack_lvl+0xe8/0x140
[   67.703767][ T4830]  dump_stack+0x15/0x1b
[   67.703782][ T4830]  should_fail_ex+0x265/0x280
[   67.703844][ T4830]  should_failslab+0x8c/0xb0
[   67.703923][ T4830]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   67.704010][ T4830]  ? __alloc_skb+0x101/0x320
[   67.704037][ T4830]  __alloc_skb+0x101/0x320
[   67.704063][ T4830]  alloc_skb_with_frags+0x7d/0x470
[   67.704092][ T4830]  ? selinux_file_open+0x2df/0x330
[   67.704170][ T4830]  sock_alloc_send_pskb+0x430/0x4e0
[   67.704191][ T4830]  ? mntput+0x4b/0x80
[   67.704207][ T4830]  tun_get_user+0x9b4/0x26e0
[   67.704237][ T4830]  ? ref_tracker_alloc+0x1f2/0x2f0
[   67.704314][ T4830]  ? selinux_file_permission+0x1e4/0x320
[   67.704341][ T4830]  tun_chr_write_iter+0x15e/0x210
[   67.704396][ T4830]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   67.704421][ T4830]  vfs_write+0x52a/0x960
[   67.704447][ T4830]  ksys_write+0xda/0x1a0
[   67.704499][ T4830]  __x64_sys_write+0x40/0x50
[   67.704527][ T4830]  x64_sys_call+0x2802/0x3000
[   67.704547][ T4830]  do_syscall_64+0xd2/0x200
[   67.704567][ T4830]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   67.704653][ T4830]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   67.704684][ T4830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.704703][ T4830] RIP: 0033:0x7f599a0ce1ff
[   67.704716][ T4830] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   67.704746][ T4830] RSP: 002b:00007f5998b2f000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   67.704763][ T4830] RAX: ffffffffffffffda RBX: 00007f599a325fa0 RCX: 00007f599a0ce1ff
[   67.704773][ T4830] RDX: 0000000000000fe0 RSI: 0000200000001300 RDI: 00000000000000c8
[   67.704784][ T4830] RBP: 00007f5998b2f090 R08: 0000000000000000 R09: 0000000000000000
[   67.704794][ T4830] R10: 0000000000000fe0 R11: 0000000000000293 R12: 0000000000000001
[   67.704874][ T4830] R13: 00007f599a326038 R14: 00007f599a325fa0 R15: 00007ffe5c7347b8
[   67.704890][ T4830]  </TASK>
[   67.931170][ T4126] Bluetooth: hci0: command 0x1003 tx timeout
[   67.937410][ T3521] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   67.987985][ T4839] netlink: 4 bytes leftover after parsing attributes in process `syz.3.358'.
[   67.999309][ T4839] netlink: 4 bytes leftover after parsing attributes in process `syz.3.358'.
[   68.018388][ T4837] loop2: detected capacity change from 0 to 512
[   68.271055][ T4857] siw: device registration error -23
[   68.283228][ T4857] loop3: detected capacity change from 0 to 512
[   68.446712][ T4874] net_ratelimit: 19 callbacks suppressed
[   68.446730][ T4874] IPv6: addrconf: prefix option has invalid lifetime
[   68.546190][ T4872] FAULT_INJECTION: forcing a failure.
[   68.546190][ T4872] name failslab, interval 1, probability 0, space 0, times 0
[   68.558892][ T4872] CPU: 0 UID: 0 PID: 4872 Comm: syz.4.370 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.559003][ T4872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   68.559045][ T4872] Call Trace:
[   68.559052][ T4872]  <TASK>
[   68.559060][ T4872]  __dump_stack+0x1d/0x30
[   68.559083][ T4872]  dump_stack_lvl+0xe8/0x140
[   68.559117][ T4872]  dump_stack+0x15/0x1b
[   68.559138][ T4872]  should_fail_ex+0x265/0x280
[   68.559203][ T4872]  should_failslab+0x8c/0xb0
[   68.559237][ T4872]  __kvmalloc_node_noprof+0x12e/0x670
[   68.559282][ T4872]  ? traverse+0xa2/0x3a0
[   68.559306][ T4872]  traverse+0xa2/0x3a0
[   68.559375][ T4872]  ? __schedule+0x6b9/0xb30
[   68.559401][ T4872]  seq_lseek+0xb5/0x170
[   68.559423][ T4872]  __x64_sys_lseek+0xe8/0x160
[   68.559492][ T4872]  x64_sys_call+0x2818/0x3000
[   68.559521][ T4872]  do_syscall_64+0xd2/0x200
[   68.559546][ T4872]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   68.559573][ T4872]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   68.559647][ T4872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.559671][ T4872] RIP: 0033:0x7f544cf6f749
[   68.559717][ T4872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.559739][ T4872] RSP: 002b:00007f544b9ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[   68.559760][ T4872] RAX: ffffffffffffffda RBX: 00007f544d1c6090 RCX: 00007f544cf6f749
[   68.559771][ T4872] RDX: 0000000000000000 RSI: 0000000000002004 RDI: 000000000000000b
[   68.559851][ T4872] RBP: 00007f544b9ae090 R08: 0000000000000000 R09: 0000000000000000
[   68.559866][ T4872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.559880][ T4872] R13: 00007f544d1c6128 R14: 00007f544d1c6090 R15: 00007fff2359dbb8
[   68.559900][ T4872]  </TASK>
[   68.864877][ T4857] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   68.877606][ T4882] openvswitch: netlink: Missing key (keys=40, expected=80)
[   68.912759][ T4853] EXT4-fs error (device loop3): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.3.361: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   68.948251][ T4853] EXT4-fs error (device loop3): ext4_get_first_dir_block:3540: inode #12: comm syz.3.361: directory missing '.'
[   69.003663][ T4887] tmpfs: Bad value for 'nr_inodes'
[   69.110065][ T3321] EXT4-fs unmount: 84 callbacks suppressed
[   69.110084][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.363983][ T4909] loop0: detected capacity change from 0 to 512
[   69.375805][ T4913] can0: slcan on ttyS3.
[   69.428232][ T4913] can0 (unregistered): slcan off ttyS3.
[   69.438868][ T4913] can0: slcan on ttyS3.
[   69.455243][ T4915] loop1: detected capacity change from 0 to 512
[   69.477863][ T4906] netlink: 'syz.3.375': attribute type 1 has an invalid length.
[   69.485576][ T4906] netlink: 224 bytes leftover after parsing attributes in process `syz.3.375'.
[   69.517050][ T4912] can0 (unregistered): slcan off ttyS3.
[   69.570944][ T4915] netlink: 52 bytes leftover after parsing attributes in process `syz.1.386'.
[   69.582680][ T4922] loop0: detected capacity change from 0 to 512
[   69.654479][ T4922] netlink: 52 bytes leftover after parsing attributes in process `syz.0.389'.
[   69.702732][ T4932] FAULT_INJECTION: forcing a failure.
[   69.702732][ T4932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.715906][ T4932] CPU: 1 UID: 0 PID: 4932 Comm: syz.0.393 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.715934][ T4932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   69.716000][ T4932] Call Trace:
[   69.716009][ T4932]  <TASK>
[   69.716019][ T4932]  __dump_stack+0x1d/0x30
[   69.716047][ T4932]  dump_stack_lvl+0xe8/0x140
[   69.716074][ T4932]  dump_stack+0x15/0x1b
[   69.716097][ T4932]  should_fail_ex+0x265/0x280
[   69.716156][ T4932]  should_fail+0xb/0x20
[   69.716176][ T4932]  should_fail_usercopy+0x1a/0x20
[   69.716203][ T4932]  _copy_from_user+0x1c/0xb0
[   69.716335][ T4932]  ___sys_sendmsg+0xc1/0x1d0
[   69.716383][ T4932]  __x64_sys_sendmsg+0xd4/0x160
[   69.716406][ T4932]  x64_sys_call+0x191e/0x3000
[   69.716428][ T4932]  do_syscall_64+0xd2/0x200
[   69.716512][ T4932]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   69.716617][ T4932]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   69.716659][ T4932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.716753][ T4932] RIP: 0033:0x7fea84cdf749
[   69.716767][ T4932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.716789][ T4932] RSP: 002b:00007fea8373f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   69.716808][ T4932] RAX: ffffffffffffffda RBX: 00007fea84f35fa0 RCX: 00007fea84cdf749
[   69.716823][ T4932] RDX: 00000000000040c0 RSI: 00002000000000c0 RDI: 0000000000000003
[   69.716838][ T4932] RBP: 00007fea8373f090 R08: 0000000000000000 R09: 0000000000000000
[   69.716857][ T4932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.716900][ T4932] R13: 00007fea84f36038 R14: 00007fea84f35fa0 R15: 00007fff1f932288
[   69.716925][ T4932]  </TASK>
[   69.947786][ T4936] loop0: detected capacity change from 0 to 512
[   70.011952][ T4936] netlink: 52 bytes leftover after parsing attributes in process `syz.0.395'.
[   70.097079][ T4940] loop1: detected capacity change from 0 to 512
[   70.105551][ T4940] FAULT_INJECTION: forcing a failure.
[   70.105551][ T4940] name failslab, interval 1, probability 0, space 0, times 0
[   70.118261][ T4940] CPU: 0 UID: 0 PID: 4940 Comm: syz.1.397 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   70.118294][ T4940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   70.118309][ T4940] Call Trace:
[   70.118317][ T4940]  <TASK>
[   70.118401][ T4940]  __dump_stack+0x1d/0x30
[   70.118451][ T4940]  dump_stack_lvl+0xe8/0x140
[   70.118529][ T4940]  dump_stack+0x15/0x1b
[   70.118551][ T4940]  should_fail_ex+0x265/0x280
[   70.118594][ T4940]  should_failslab+0x8c/0xb0
[   70.118631][ T4940]  kmem_cache_alloc_noprof+0x50/0x480
[   70.118749][ T4940]  ? getname_flags+0x80/0x3b0
[   70.118782][ T4940]  getname_flags+0x80/0x3b0
[   70.118829][ T4940]  do_sys_openat2+0x60/0x110
[   70.118854][ T4940]  __x64_sys_openat+0xf2/0x120
[   70.118903][ T4940]  x64_sys_call+0x2eab/0x3000
[   70.118995][ T4940]  do_syscall_64+0xd2/0x200
[   70.119024][ T4940]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   70.119060][ T4940]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   70.119144][ T4940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.119165][ T4940] RIP: 0033:0x7f599a0cf749
[   70.119179][ T4940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.119196][ T4940] RSP: 002b:00007f5998b2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   70.119214][ T4940] RAX: ffffffffffffffda RBX: 00007f599a325fa0 RCX: 00007f599a0cf749
[   70.119225][ T4940] RDX: 000000000000275a RSI: 0000200000000100 RDI: ffffffffffffff9c
[   70.119236][ T4940] RBP: 00007f5998b2f090 R08: 0000000000000000 R09: 0000000000000000
[   70.119259][ T4940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.119273][ T4940] R13: 00007f599a326038 R14: 00007f599a325fa0 R15: 00007ffe5c7347b8
[   70.119296][ T4940]  </TASK>
[   70.323329][ T4946] loop3: detected capacity change from 0 to 4096
[   70.341158][ T4946] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.385002][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.494563][ T4955] loop1: detected capacity change from 0 to 512
[   70.582179][ T4955] netlink: 52 bytes leftover after parsing attributes in process `syz.1.404'.
[   70.654210][ T4972] loop3: detected capacity change from 0 to 128
[   70.667682][ T4972] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   70.684062][ T4972] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   70.782669][ T3321] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   70.827330][ T4987] FAULT_INJECTION: forcing a failure.
[   70.827330][ T4987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   70.840523][ T4987] CPU: 1 UID: 0 PID: 4987 Comm: syz.3.418 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   70.840557][ T4987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   70.840589][ T4987] Call Trace:
[   70.840596][ T4987]  <TASK>
[   70.840604][ T4987]  __dump_stack+0x1d/0x30
[   70.840659][ T4987]  dump_stack_lvl+0xe8/0x140
[   70.840684][ T4987]  dump_stack+0x15/0x1b
[   70.840704][ T4987]  should_fail_ex+0x265/0x280
[   70.840737][ T4987]  should_fail+0xb/0x20
[   70.840756][ T4987]  should_fail_usercopy+0x1a/0x20
[   70.840842][ T4987]  _copy_from_user+0x1c/0xb0
[   70.840868][ T4987]  do_fcntl+0x448/0xdf0
[   70.840885][ T4987]  ? selinux_file_fcntl+0x1b4/0x1e0
[   70.840963][ T4987]  __se_sys_fcntl+0xb1/0x120
[   70.841059][ T4987]  __x64_sys_fcntl+0x43/0x50
[   70.841090][ T4987]  x64_sys_call+0x29a4/0x3000
[   70.841118][ T4987]  do_syscall_64+0xd2/0x200
[   70.841137][ T4987]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   70.841234][ T4987]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   70.841274][ T4987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.841336][ T4987] RIP: 0033:0x7f5d2a71f749
[   70.841354][ T4987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.841374][ T4987] RSP: 002b:00007f5d2917f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[   70.841392][ T4987] RAX: ffffffffffffffda RBX: 00007f5d2a975fa0 RCX: 00007f5d2a71f749
[   70.841405][ T4987] RDX: 0000200000003280 RSI: 000000000000040c RDI: 0000000000000003
[   70.841419][ T4987] RBP: 00007f5d2917f090 R08: 0000000000000000 R09: 0000000000000000
[   70.841433][ T4987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.841462][ T4987] R13: 00007f5d2a976038 R14: 00007f5d2a975fa0 R15: 00007fffdd9958b8
[   70.841480][ T4987]  </TASK>
[   71.085609][ T5000] netlink: 28 bytes leftover after parsing attributes in process `syz.0.424'.
[   71.103210][ T4992] loop2: detected capacity change from 0 to 512
[   71.210171][ T4992] netlink: 52 bytes leftover after parsing attributes in process `syz.2.420'.
[   71.282342][ T5007] loop3: detected capacity change from 0 to 512
[   71.543670][ T5022] netlink: 12 bytes leftover after parsing attributes in process `syz.1.431'.
[   71.607994][ T5021] netlink: 'syz.1.431': attribute type 30 has an invalid length.
[   71.671403][ T5028] loop1: detected capacity change from 0 to 512
[   71.769900][ T5030] loop1: detected capacity change from 0 to 8192
[   71.785962][ T5030] msdos: Unknown parameter '����'
[   71.866918][   T29] kauditd_printk_skb: 546 callbacks suppressed
[   71.866932][   T29] audit: type=1400 audit(1764109578.272:1215): avc:  denied  { ioctl } for  pid=5032 comm="syz.1.435" path="socket:[8826]" dev="sockfs" ino=8826 ioctlcmd=0x8910 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   71.946952][   T29] audit: type=1400 audit(1764109578.282:1216): avc:  denied  { create } for  pid=5032 comm="syz.1.435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   72.099227][ T5039] loop1: detected capacity change from 0 to 512
[   72.261028][   T29] audit: type=1400 audit(1764109578.662:1217): avc:  denied  { bind } for  pid=5048 comm="syz.2.443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   72.328685][ T5052] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.376157][ T5056] loop4: detected capacity change from 0 to 1024
[   72.393454][ T5056] EXT4-fs: Ignoring removed bh option
[   72.403196][ T5056] EXT4-fs: inline encryption not supported
[   72.452437][ T5052] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.465444][ T5056] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   72.516073][ T5056] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   72.578954][ T5063] FAULT_INJECTION: forcing a failure.
[   72.578954][ T5063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.580862][ T5052] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.592535][ T5063] CPU: 0 UID: 0 PID: 5063 Comm: syz.3.449 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.592571][ T5063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   72.592588][ T5063] Call Trace:
[   72.592595][ T5063]  <TASK>
[   72.592604][ T5063]  __dump_stack+0x1d/0x30
[   72.592709][ T5063]  dump_stack_lvl+0xe8/0x140
[   72.592736][ T5063]  dump_stack+0x15/0x1b
[   72.592760][ T5063]  should_fail_ex+0x265/0x280
[   72.592845][ T5063]  should_fail+0xb/0x20
[   72.592870][ T5063]  should_fail_usercopy+0x1a/0x20
[   72.592898][ T5063]  _copy_from_user+0x1c/0xb0
[   72.592933][ T5063]  ___sys_sendmsg+0xc1/0x1d0
[   72.593041][ T5063]  __x64_sys_sendmsg+0xd4/0x160
[   72.593073][ T5063]  x64_sys_call+0x191e/0x3000
[   72.593116][ T5063]  do_syscall_64+0xd2/0x200
[   72.593147][ T5063]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   72.593187][ T5063]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   72.593300][ T5063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.593329][ T5063] RIP: 0033:0x7f5d2a71f749
[   72.593352][ T5063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.593377][ T5063] RSP: 002b:00007f5d2917f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   72.593457][ T5063] RAX: ffffffffffffffda RBX: 00007f5d2a975fa0 RCX: 00007f5d2a71f749
[   72.593474][ T5063] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 0000000000000007
[   72.593491][ T5063] RBP: 00007f5d2917f090 R08: 0000000000000000 R09: 0000000000000000
[   72.593508][ T5063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.593525][ T5063] R13: 00007f5d2a976038 R14: 00007f5d2a975fa0 R15: 00007fffdd9958b8
[   72.593629][ T5063]  </TASK>
[   72.595338][ T5056] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.445: lblock 2 mapped to illegal pblock 2 (length 1)
[   72.790711][ T5056] Quota error (device loop4): qtree_write_dquot: dquota write failed
[   72.806978][ T5056] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.445: lblock 0 mapped to illegal pblock 48 (length 1)
[   72.839622][ T5056] Quota error (device loop4): v2_write_file_info: Can't write info structure
[   72.848559][ T5056] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.445: Failed to acquire dquot type 0
[   72.889374][ T5052] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.917302][ T5056] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   72.946366][ T5056] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.445: mark_inode_dirty error
[   72.960084][ T5056] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   72.991068][ T5078] loop9: detected capacity change from 0 to 7
[   73.008272][ T5056] EXT4-fs (loop4): 1 orphan inode deleted
[   73.014673][ T5056] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.016726][ T5078] buffer_io_error: 23 callbacks suppressed
[   73.016744][ T5078] Buffer I/O error on dev loop9, logical block 0, async page read
[   73.036992][   T12] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[   73.065649][ T5076] loop2: detected capacity change from 0 to 512
[   73.065729][   T12] Quota error (device loop4): remove_tree: Can't read quota data block 1
[   73.065812][   T12] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 0
[   73.103149][ T5078] Buffer I/O error on dev loop9, logical block 0, async page read
[   73.111197][ T5078]  loop9: unable to read partition table
[   73.117176][ T5078] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   73.117176][ T5078] 
) failed (rc=-5)
[   73.136951][   T12] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.177695][   T12] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.187761][ T5056] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   73.208646][   T12] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.247041][   T12] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.278353][ T5076] __nla_validate_parse: 4 callbacks suppressed
[   73.278388][ T5076] netlink: 52 bytes leftover after parsing attributes in process `syz.2.455'.
[   73.330102][   T29] audit: type=1400 audit(1764109579.732:1218): avc:  denied  { setattr } for  pid=5077 comm="syz.3.456" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   73.570059][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.592933][ T3314] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[   73.617084][ T3314] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   73.637074][ T3314] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[   73.764202][ T5095] loop4: detected capacity change from 0 to 256
[   73.779575][ T5097] loop3: detected capacity change from 0 to 128
[   73.787608][ T5095] msdos: Bad value for 'time_offset'
[   73.885252][ T5105] FAULT_INJECTION: forcing a failure.
[   73.885252][ T5105] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.898566][ T5105] CPU: 1 UID: 0 PID: 5105 Comm: syz.2.465 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.898600][ T5105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   73.898616][ T5105] Call Trace:
[   73.898624][ T5105]  <TASK>
[   73.898674][ T5105]  __dump_stack+0x1d/0x30
[   73.898701][ T5105]  dump_stack_lvl+0xe8/0x140
[   73.898727][ T5105]  dump_stack+0x15/0x1b
[   73.898750][ T5105]  should_fail_ex+0x265/0x280
[   73.898795][ T5105]  should_fail+0xb/0x20
[   73.898844][ T5105]  should_fail_usercopy+0x1a/0x20
[   73.898871][ T5105]  _copy_from_user+0x1c/0xb0
[   73.898904][ T5105]  __se_sys_cachestat+0x71/0x630
[   73.898934][ T5105]  ? putname+0xda/0x100
[   73.899042][ T5105]  ? ksys_write+0x15f/0x1a0
[   73.899074][ T5105]  __x64_sys_cachestat+0x55/0x70
[   73.899170][ T5105]  x64_sys_call+0x2ca6/0x3000
[   73.899199][ T5105]  do_syscall_64+0xd2/0x200
[   73.899221][ T5105]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   73.899318][ T5105]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   73.899351][ T5105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.899427][ T5105] RIP: 0033:0x7f9094bef749
[   73.899446][ T5105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.899475][ T5105] RSP: 002b:00007f909364f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c3
[   73.899499][ T5105] RAX: ffffffffffffffda RBX: 00007f9094e45fa0 RCX: 00007f9094bef749
[   73.899515][ T5105] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   73.899530][ T5105] RBP: 00007f909364f090 R08: 0000000000000000 R09: 0000000000000000
[   73.899544][ T5105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.899634][ T5105] R13: 00007f9094e46038 R14: 00007f9094e45fa0 R15: 00007ffc35cbd088
[   73.899659][ T5105]  </TASK>
[   74.128984][ T5106] bio_check_eod: 30 callbacks suppressed
[   74.129056][ T5106] syz.3.462: attempt to access beyond end of device
[   74.129056][ T5106] loop3: rw=2049, sector=185, nr_sectors = 16 limit=128
[   74.150881][ T5106] syz.3.462: attempt to access beyond end of device
[   74.150881][ T5106] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[   74.166545][ T5106] syz.3.462: attempt to access beyond end of device
[   74.166545][ T5106] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[   74.180423][ T5106] syz.3.462: attempt to access beyond end of device
[   74.180423][ T5106] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[   74.193969][ T5106] syz.3.462: attempt to access beyond end of device
[   74.193969][ T5106] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[   74.219019][ T5114] loop2: detected capacity change from 0 to 2048
[   74.243376][ T5106] syz.3.462: attempt to access beyond end of device
[   74.243376][ T5106] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128
[   74.258032][ T5106] syz.3.462: attempt to access beyond end of device
[   74.258032][ T5106] loop3: rw=2049, sector=289, nr_sectors = 8 limit=128
[   74.271926][ T5106] syz.3.462: attempt to access beyond end of device
[   74.271926][ T5106] loop3: rw=2049, sector=305, nr_sectors = 8 limit=128
[   74.283870][ T5118] FAULT_INJECTION: forcing a failure.
[   74.283870][ T5118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.286086][ T5106] syz.3.462: attempt to access beyond end of device
[   74.286086][ T5106] loop3: rw=2049, sector=321, nr_sectors = 8 limit=128
[   74.298332][ T5118] CPU: 1 UID: 0 PID: 5118 Comm: syz.1.470 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.298405][ T5118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   74.298423][ T5118] Call Trace:
[   74.298434][ T5118]  <TASK>
[   74.298444][ T5118]  __dump_stack+0x1d/0x30
[   74.298510][ T5118]  dump_stack_lvl+0xe8/0x140
[   74.298541][ T5118]  dump_stack+0x15/0x1b
[   74.298564][ T5118]  should_fail_ex+0x265/0x280
[   74.298658][ T5118]  should_fail+0xb/0x20
[   74.298681][ T5118]  should_fail_usercopy+0x1a/0x20
[   74.298738][ T5118]  _copy_from_user+0x1c/0xb0
[   74.298773][ T5118]  ___sys_recvmsg+0xaa/0x370
[   74.298801][ T5118]  ? _parse_integer+0x27/0x40
[   74.298856][ T5118]  do_recvmmsg+0x1ef/0x540
[   74.298887][ T5118]  ? fput+0x8f/0xc0
[   74.298987][ T5118]  __x64_sys_recvmmsg+0xe5/0x170
[   74.299027][ T5118]  x64_sys_call+0x27aa/0x3000
[   74.299058][ T5118]  do_syscall_64+0xd2/0x200
[   74.299127][ T5118]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   74.299166][ T5118]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   74.299267][ T5118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.299296][ T5118] RIP: 0033:0x7f599a0cf749
[   74.299318][ T5118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.299342][ T5118] RSP: 002b:00007f5998b2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   74.299368][ T5118] RAX: ffffffffffffffda RBX: 00007f599a325fa0 RCX: 00007f599a0cf749
[   74.299386][ T5118] RDX: 0000000000000001 RSI: 0000200000006e40 RDI: 0000000000000004
[   74.299437][ T5118] RBP: 00007f5998b2f090 R08: 0000000000000000 R09: 0000000000000000
[   74.299454][ T5118] R10: 0000000000010003 R11: 0000000000000246 R12: 0000000000000001
[   74.299470][ T5118] R13: 00007f599a326038 R14: 00007f599a325fa0 R15: 00007ffe5c7347b8
[   74.299496][ T5118]  </TASK>
[   74.358683][ T5114] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.360709][ T5106] syz.3.462: attempt to access beyond end of device
[   74.360709][ T5106] loop3: rw=2049, sector=337, nr_sectors = 8 limit=128
[   74.367118][ T5114] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.604389][ T5131] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.468: bg 0: block 345: padding at end of block bitmap is not set
[   74.651670][ T5133] FAULT_INJECTION: forcing a failure.
[   74.651670][ T5133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.664977][ T5133] CPU: 1 UID: 0 PID: 5133 Comm: syz.4.475 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.665013][ T5133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   74.665029][ T5133] Call Trace:
[   74.665038][ T5133]  <TASK>
[   74.665080][ T5133]  __dump_stack+0x1d/0x30
[   74.665103][ T5133]  dump_stack_lvl+0xe8/0x140
[   74.665123][ T5133]  dump_stack+0x15/0x1b
[   74.665144][ T5133]  should_fail_ex+0x265/0x280
[   74.665233][ T5133]  should_fail+0xb/0x20
[   74.665248][ T5133]  should_fail_usercopy+0x1a/0x20
[   74.665268][ T5133]  _copy_from_user+0x1c/0xb0
[   74.665300][ T5133]  ___sys_recvmsg+0xaa/0x370
[   74.665325][ T5133]  ? _parse_integer+0x27/0x40
[   74.665376][ T5133]  do_recvmmsg+0x1ef/0x540
[   74.665404][ T5133]  ? fput+0x8f/0xc0
[   74.665422][ T5133]  __x64_sys_recvmmsg+0xe5/0x170
[   74.665443][ T5133]  x64_sys_call+0x27aa/0x3000
[   74.665465][ T5133]  do_syscall_64+0xd2/0x200
[   74.665563][ T5133]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   74.665590][ T5133]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   74.665623][ T5133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.665728][ T5133] RIP: 0033:0x7f544cf6f749
[   74.665747][ T5133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.665770][ T5133] RSP: 002b:00007f544b9cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   74.665791][ T5133] RAX: ffffffffffffffda RBX: 00007f544d1c5fa0 RCX: 00007f544cf6f749
[   74.665811][ T5133] RDX: 0000000000000001 RSI: 00002000000057c0 RDI: 0000000000000003
[   74.665822][ T5133] RBP: 00007f544b9cf090 R08: 0000000000000000 R09: 0000000000000000
[   74.665838][ T5133] R10: 0000000000000082 R11: 0000000000000246 R12: 0000000000000001
[   74.665869][ T5133] R13: 00007f544d1c6038 R14: 00007f544d1c5fa0 R15: 00007fff2359dbb8
[   74.665893][ T5133]  </TASK>
[   74.666201][ T5131] EXT4-fs (loop2): Remounting filesystem read-only
[   74.814009][ T5138] loop3: detected capacity change from 0 to 164
[   74.816239][   T31] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   74.855755][ T5138] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   74.924331][   T29] audit: type=1326 audit(1764109581.332:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5141 comm="syz.4.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f544cf6f749 code=0x7ffc0000
[   74.948020][   T29] audit: type=1326 audit(1764109581.332:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5141 comm="syz.4.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f544cf6f749 code=0x7ffc0000
[   74.985235][   T29] audit: type=1326 audit(1764109581.392:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5141 comm="syz.4.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f544cf6f749 code=0x7ffc0000
[   75.080377][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.116335][ T5146] siw: device registration error -23
[   75.126085][ T5146] loop1: detected capacity change from 0 to 512
[   75.145147][ T5146] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.157795][ T5146] ext4 filesystem being mounted at /108/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   75.174708][ T5146] EXT4-fs error (device loop1): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.1.478: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   75.195801][ T5146] EXT4-fs error (device loop1): ext4_get_first_dir_block:3540: inode #12: comm syz.1.478: directory missing '.'
[   75.213488][ T5144] loop3: detected capacity change from 0 to 8192
[   75.350541][ T5153]  loop3: p2 p3 p4
[   75.354579][ T5153] loop3: p2 start 164919041 is beyond EOD, truncated
[   75.361335][ T5153] loop3: p3 size 66846464 extends beyond EOD, truncated
[   75.420498][ T5152] loop4: detected capacity change from 0 to 512
[   75.458378][ T5153] loop3: p4 size 37048832 extends beyond EOD, truncated
[   75.927471][ T5144]  loop3: p2 p3 p4
[   75.931499][ T5144] loop3: p2 start 164919041 is beyond EOD, truncated
[   75.938389][ T5144] loop3: p3 size 66846464 extends beyond EOD, truncated
[   75.957937][ T5144] loop3: p4 size 37048832 extends beyond EOD, truncated
[   75.979016][ T5159] FAULT_INJECTION: forcing a failure.
[   75.979016][ T5159] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.992160][ T5159] CPU: 1 UID: 0 PID: 5159 Comm: syz.2.481 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.992190][ T5159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   75.992260][ T5159] Call Trace:
[   75.992267][ T5159]  <TASK>
[   75.992274][ T5159]  __dump_stack+0x1d/0x30
[   75.992299][ T5159]  dump_stack_lvl+0xe8/0x140
[   75.992320][ T5159]  dump_stack+0x15/0x1b
[   75.992390][ T5159]  should_fail_ex+0x265/0x280
[   75.992432][ T5159]  should_fail+0xb/0x20
[   75.992483][ T5159]  should_fail_usercopy+0x1a/0x20
[   75.992508][ T5159]  _copy_from_user+0x1c/0xb0
[   75.992532][ T5159]  ___sys_sendmsg+0xc1/0x1d0
[   75.992622][ T5159]  __x64_sys_sendmsg+0xd4/0x160
[   75.992647][ T5159]  x64_sys_call+0x191e/0x3000
[   75.992670][ T5159]  do_syscall_64+0xd2/0x200
[   75.992696][ T5159]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   75.992771][ T5159]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   75.992822][ T5159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.992843][ T5159] RIP: 0033:0x7f9094bef749
[   75.992860][ T5159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.992883][ T5159] RSP: 002b:00007f909364f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.992964][ T5159] RAX: ffffffffffffffda RBX: 00007f9094e45fa0 RCX: 00007f9094bef749
[   75.992980][ T5159] RDX: 0000000000008000 RSI: 0000200000001c00 RDI: 0000000000000006
[   75.992995][ T5159] RBP: 00007f909364f090 R08: 0000000000000000 R09: 0000000000000000
[   75.993007][ T5159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.993018][ T5159] R13: 00007f9094e46038 R14: 00007f9094e45fa0 R15: 00007ffc35cbd088
[   75.993036][ T5159]  </TASK>
[   76.211324][ T5144] loop3: detected capacity change from 0 to 1024
[   76.218706][ T5144] EXT4-fs: Ignoring removed nomblk_io_submit option
[   76.353202][ T5144] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a042c01c, mo2=0002]
[   76.365374][ T5166] capability: warning: `syz.2.486' uses deprecated v2 capabilities in a way that may be insecure
[   76.376369][ T5144] System zones: 0-1, 3-36
[   76.384877][ T5144] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.402801][ T5165] netlink: 8 bytes leftover after parsing attributes in process `syz.2.486'.
[   76.412674][ T5165] netlink: 8 bytes leftover after parsing attributes in process `syz.2.486'.
[   76.436277][ T5165] loop2: detected capacity change from 0 to 512
[   76.443423][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.453073][ T5165] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   76.611132][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.633241][ T5181] xt_connbytes: Forcing CT accounting to be enabled
[   76.645652][ T5181] Cannot find set identified by id 0 to match
[   76.667762][ T5185] loop2: detected capacity change from 0 to 164
[   76.687381][ T5185] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   76.731324][ T5191] loop0: detected capacity change from 0 to 1024
[   76.766297][ T5191] EXT4-fs: Ignoring removed oldalloc option
[   76.772904][ T5191] EXT4-fs: Ignoring removed oldalloc option
[   76.778968][ T5191] EXT4-fs: Ignoring removed i_version option
[   76.790040][ T5193] loop1: detected capacity change from 0 to 1024
[   76.814993][ T5195] loop4: detected capacity change from 0 to 1024
[   76.822569][ T5191] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[   76.836892][ T5195] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   76.845384][ T5195] EXT4-fs (loop4): bad geometry: first data block is 0 with a 1k block and cluster size
[   76.855894][ T5193] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.871346][ T5193] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 12. Delete some EAs or run e2fsck.
[   76.871846][ T5185] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   76.896377][ T5191] netlink: 36 bytes leftover after parsing attributes in process `syz.0.497'.
[   76.905434][   T29] kauditd_printk_skb: 15 callbacks suppressed
[   76.905453][   T29] audit: type=1400 audit(1764109583.312:1237): avc:  denied  { validate_trans } for  pid=5190 comm="syz.0.497" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   76.936766][ T5193] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.498: bg 0: block 260: invalid block bitmap
[   76.956192][ T5185] Symlink component flag not implemented
[   76.958457][ T5202] FAULT_INJECTION: forcing a failure.
[   76.958457][ T5202] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.961920][ T5185] Symlink component flag not implemented
[   76.975006][ T5202] CPU: 1 UID: 0 PID: 5202 Comm: syz.0.499 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.975039][ T5202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   76.975133][ T5202] Call Trace:
[   76.975143][ T5202]  <TASK>
[   76.975153][ T5202]  __dump_stack+0x1d/0x30
[   76.975218][ T5202]  dump_stack_lvl+0xe8/0x140
[   76.975246][ T5202]  dump_stack+0x15/0x1b
[   76.975271][ T5202]  should_fail_ex+0x265/0x280
[   76.975407][ T5202]  should_fail+0xb/0x20
[   76.975428][ T5202]  should_fail_usercopy+0x1a/0x20
[   76.975462][ T5202]  _copy_to_user+0x20/0xa0
[   76.975619][ T5202]  simple_read_from_buffer+0xb5/0x130
[   76.975656][ T5202]  proc_fail_nth_read+0x10e/0x150
[   76.975696][ T5202]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   76.975737][ T5202]  vfs_read+0x1a8/0x770
[   76.975808][ T5202]  ? __rcu_read_unlock+0x4f/0x70
[   76.975842][ T5202]  ? __fget_files+0x184/0x1c0
[   76.975883][ T5202]  ksys_read+0xda/0x1a0
[   76.975928][ T5202]  __x64_sys_read+0x40/0x50
[   76.975962][ T5202]  x64_sys_call+0x27c0/0x3000
[   76.976071][ T5202]  do_syscall_64+0xd2/0x200
[   76.976102][ T5202]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   76.976144][ T5202]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   76.976228][ T5202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.976260][ T5202] RIP: 0033:0x7fea84cde15c
[   76.976290][ T5202] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   76.976316][ T5202] RSP: 002b:00007fea8373f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   76.976343][ T5202] RAX: ffffffffffffffda RBX: 00007fea84f35fa0 RCX: 00007fea84cde15c
[   76.976361][ T5202] RDX: 000000000000000f RSI: 00007fea8373f0a0 RDI: 0000000000000004
[   76.976378][ T5202] RBP: 00007fea8373f090 R08: 0000000000000000 R09: 0000000000000000
[   76.976395][ T5202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.976412][ T5202] R13: 00007fea84f36038 R14: 00007fea84f35fa0 R15: 00007fff1f932288
[   76.976472][ T5202]  </TASK>
[   76.997426][ T5193] EXT4-fs error (device loop1): ext4_free_inode:354: comm syz.1.498: bit already cleared for inode 15
[   77.000885][ T5185] Symlink component flag not implemented (7)
[   77.033284][ T5204] netlink: '�': attribute type 3 has an invalid length.
[   77.034679][ T5185] Symlink component flag not implemented (116)
[   77.201562][ T5208] netlink: 240 bytes leftover after parsing attributes in process `syz.0.500'.
[   77.207078][ T5204] netlink: '�': attribute type 3 has an invalid length.
[   77.222681][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.387558][ T5219] loop1: detected capacity change from 0 to 512
[   77.395075][   T29] audit: type=1400 audit(1764109583.802:1238): avc:  denied  { mounton } for  pid=5213 comm="syz.1.504" path="/113/file0" dev="tmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   77.407271][ T5219] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   77.484005][ T5220] siw: device registration error -23
[   77.496323][ T5220] loop3: detected capacity change from 0 to 512
[   77.538061][ T5219] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.504: bg 0: block 104: invalid block bitmap
[   77.556312][ T5219] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   77.566025][ T5219] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.504: invalid indirect mapped block 1 (level 1)
[   77.620586][ T5220] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.633373][ T5220] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   77.670471][ T5219] EXT4-fs (loop1): 1 truncate cleaned up
[   77.697778][ T5220] EXT4-fs error (device loop3): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.3.503: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   77.718713][ T5220] EXT4-fs error (device loop3): ext4_get_first_dir_block:3540: inode #12: comm syz.3.503: directory missing '.'
[   77.743921][ T5219] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.823947][ T5219] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.848297][   T29] audit: type=1400 audit(1764109584.252:1239): avc:  denied  { bind } for  pid=5227 comm="syz.4.506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   77.904570][ T5230] loop2: detected capacity change from 0 to 128
[   77.914343][ T5230] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   77.926748][ T5230] ext4 filesystem being mounted at /108/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   77.964575][ T5234] loop4: detected capacity change from 0 to 2048
[   77.984014][ T5234] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.999517][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.009151][ T5234] ext4 filesystem being mounted at /102/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.033265][ T3320] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   78.151451][ T5252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.510'.
[   78.174509][ T5252] loop3: detected capacity change from 0 to 512
[   78.224873][ T5246] loop0: detected capacity change from 0 to 4096
[   78.250690][ T5252] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[   78.258937][ T5252] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #13: comm syz.3.510: iget: bad i_size value: 12154757448730
[   78.272070][ T5252] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.510: couldn't read orphan inode 13 (err -117)
[   78.285337][ T5252] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.321945][ T5246] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.437922][ T5260] loop2: detected capacity change from 0 to 512
[   78.459230][ T5249] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.509: bg 0: block 345: padding at end of block bitmap is not set
[   78.477041][ T5258] loop1: detected capacity change from 0 to 2048
[   78.506328][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.519415][ T5260] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.534738][ T5258] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.549185][ T5249] EXT4-fs (loop4): Remounting filesystem read-only
[   78.556271][ T3809] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   78.573574][ T5260] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.578816][ T5258] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.605168][ T5260] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.516: path /111/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   78.626485][ T5260] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.516: path /111/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   78.673374][ T5260] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 14: comm syz.2.516: path /111/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   78.701833][ T5267] netlink: 16 bytes leftover after parsing attributes in process `syz.0.517'.
[   78.712946][ T3809] Bluetooth: hci0: Frame reassembly failed (-84)
[   78.721254][ T5266] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 18: comm syz.2.516: lblock 23 mapped to illegal pblock 18 (length 1)
[   78.726966][   T29] audit: type=1326 audit(1764109585.112:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5265 comm="syz.0.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea84cdf749 code=0x7ffc0000
[   78.758799][   T29] audit: type=1326 audit(1764109585.112:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5265 comm="syz.0.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fea84cdf749 code=0x7ffc0000
[   78.761418][ T5269] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.515: bg 0: block 345: padding at end of block bitmap is not set
[   78.782178][   T29] audit: type=1326 audit(1764109585.112:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5265 comm="syz.0.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea84cdf749 code=0x7ffc0000
[   78.782250][   T29] audit: type=1326 audit(1764109585.112:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5265 comm="syz.0.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fea84cdf749 code=0x7ffc0000
[   78.798276][ T5268] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 18: comm syz.2.516: lblock 23 mapped to illegal pblock 18 (length 1)
[   78.819864][   T29] audit: type=1326 audit(1764109585.112:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5265 comm="syz.0.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea84cdf749 code=0x7ffc0000
[   78.866842][ T5260] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 15: comm syz.2.516: path /111/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   78.880519][   T29] audit: type=1326 audit(1764109585.112:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5265 comm="syz.0.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea84cdf749 code=0x7ffc0000
[   78.924092][   T29] audit: type=1326 audit(1764109585.112:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5265 comm="syz.0.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7fea84cdf749 code=0x7ffc0000
[   78.951987][ T5260] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.516: path /111/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   78.973491][ T5260] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.516: path /111/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   78.990829][ T5269] EXT4-fs (loop1): Remounting filesystem read-only
[   79.001398][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.010566][ T3809] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   79.024804][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.036078][ T5260] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 18: comm syz.2.516: lblock 23 mapped to illegal pblock 18 (length 1)
[   79.068267][ T5273] loop3: detected capacity change from 0 to 2048
[   79.071263][ T5260] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.516: path /111/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   79.111765][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.119331][ T5273] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.144030][ T5273] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.204515][ T5283] loop4: detected capacity change from 0 to 128
[   79.217771][ T5283] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   79.230356][ T5283] ext4 filesystem being mounted at /106/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   79.292821][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.303295][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.322864][ T5291] FAULT_INJECTION: forcing a failure.
[   79.322864][ T5291] name failslab, interval 1, probability 0, space 0, times 0
[   79.322895][ T5291] CPU: 1 UID: 0 PID: 5291 Comm: syz.3.524 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   79.322923][ T5291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   79.322938][ T5291] Call Trace:
[   79.322945][ T5291]  <TASK>
[   79.322954][ T5291]  __dump_stack+0x1d/0x30
[   79.322984][ T5291]  dump_stack_lvl+0xe8/0x140
[   79.323063][ T5291]  dump_stack+0x15/0x1b
[   79.323087][ T5291]  should_fail_ex+0x265/0x280
[   79.323150][ T5291]  should_failslab+0x8c/0xb0
[   79.323180][ T5291]  kmem_cache_alloc_noprof+0x50/0x480
[   79.323252][ T5291]  ? getname_flags+0x80/0x3b0
[   79.323308][ T5291]  getname_flags+0x80/0x3b0
[   79.323392][ T5291]  __se_sys_quotactl+0x16a/0x670
[   79.323437][ T5291]  __x64_sys_quotactl+0x55/0x70
[   79.323470][ T5291]  x64_sys_call+0x15d6/0x3000
[   79.323500][ T5291]  do_syscall_64+0xd2/0x200
[   79.323528][ T5291]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   79.323644][ T5291]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   79.323740][ T5291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.323770][ T5291] RIP: 0033:0x7f5d2a71f749
[   79.323843][ T5291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.323868][ T5291] RSP: 002b:00007f5d2917f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[   79.323969][ T5291] RAX: ffffffffffffffda RBX: 00007f5d2a975fa0 RCX: 00007f5d2a71f749
[   79.323987][ T5291] RDX: 0000000000000000 RSI: 00002000000037c0 RDI: ffffffff80000200
[   79.324004][ T5291] RBP: 00007f5d2917f090 R08: 0000000000000000 R09: 0000000000000000
[   79.324027][ T5291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.324061][ T5291] R13: 00007f5d2a976038 R14: 00007f5d2a975fa0 R15: 00007fffdd9958b8
[   79.324088][ T5291]  </TASK>
[   79.518594][ T3314] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   79.661434][ T5302] loop4: detected capacity change from 0 to 2048
[   79.673540][ T5295] siw: device registration error -23
[   79.685601][ T5295] loop1: detected capacity change from 0 to 512
[   79.697381][ T5302] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.739632][ T5295] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.752373][ T5295] ext4 filesystem being mounted at /115/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   79.770132][ T5295] EXT4-fs error (device loop1): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.1.520: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   79.791050][ T5295] EXT4-fs error (device loop1): ext4_get_first_dir_block:3540: inode #12: comm syz.1.520: directory missing '.'
[   79.822272][ T5302] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.901539][ T5299] loop2: detected capacity change from 0 to 8192
[   79.942376][ T5299] msdos: Unknown parameter '����'
[   79.996662][ T5308] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.527: bg 0: block 345: padding at end of block bitmap is not set
[   80.017856][ T5308] EXT4-fs (loop4): Remounting filesystem read-only
[   80.025399][ T2810] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   80.092023][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.141736][ T5314] loop4: detected capacity change from 0 to 1024
[   80.149392][ T5314] EXT4-fs: Ignoring removed oldalloc option
[   80.155456][ T5314] EXT4-fs: Ignoring removed oldalloc option
[   80.161474][ T5314] EXT4-fs: Ignoring removed i_version option
[   80.168722][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.190226][ T5316] vhci_hcd: default hub control req: 5f00 v0000 i0000 l0
[   80.198729][ T5314] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[   80.230452][ T5314] netlink: 36 bytes leftover after parsing attributes in process `syz.4.531'.
[   80.290739][ T5323] loop1: detected capacity change from 0 to 2048
[   80.323252][ T5323] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.337383][ T5323] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.437601][ T5334] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.535: bg 0: block 345: padding at end of block bitmap is not set
[   80.485608][ T5334] EXT4-fs (loop1): Remounting filesystem read-only
[   80.500165][ T3809] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   80.564165][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.629639][ T5341] loop1: detected capacity change from 0 to 8192
[   80.636906][ T5341] msdos: Unknown parameter '����'
[   80.673391][ T5346] netlink: 4 bytes leftover after parsing attributes in process `syz.1.543'.
[   80.683873][ T5346] netlink: 'syz.1.543': attribute type 4 has an invalid length.
[   80.691702][ T5346] netlink: 152 bytes leftover after parsing attributes in process `syz.1.543'.
[   80.705403][ T5346] .`: renamed from bond0 (while UP)
[   80.786986][ T4126] Bluetooth: hci0: command 0x1003 tx timeout
[   80.793179][ T3521] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   80.901888][ T5356] loop3: detected capacity change from 0 to 1024
[   80.908700][ T5356] EXT4-fs: Ignoring removed oldalloc option
[   80.914694][ T5356] EXT4-fs: Ignoring removed oldalloc option
[   80.920672][ T5356] EXT4-fs: Ignoring removed i_version option
[   80.937668][ T5356] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal
[   80.954557][ T5356] netlink: 36 bytes leftover after parsing attributes in process `syz.3.546'.
[   81.040013][ T5365] loop3: detected capacity change from 0 to 2048
[   81.059342][ T5365] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.072395][ T5354] netlink: 'syz.1.545': attribute type 1 has an invalid length.
[   81.080088][ T5354] netlink: 224 bytes leftover after parsing attributes in process `syz.1.545'.
[   81.089929][ T5365] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.161921][ T5371] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.550: bg 0: block 345: padding at end of block bitmap is not set
[   81.176727][ T5371] EXT4-fs (loop3): Remounting filesystem read-only
[   81.185580][   T31] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   81.226216][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.288470][ T5377] loop3: detected capacity change from 0 to 8192
[   81.295189][ T5377] msdos: Unknown parameter '����'
[   81.360350][ T5385] loop3: detected capacity change from 0 to 1024
[   81.368641][ T5385] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   81.377210][ T5385] EXT4-fs (loop3): bad geometry: first data block is 0 with a 1k block and cluster size
[   81.450042][ T5391] loop2: detected capacity change from 0 to 2048
[   81.476969][ T5391] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.490394][ T5391] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.600647][ T5400] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.558: bg 0: block 345: padding at end of block bitmap is not set
[   81.687238][ T5400] EXT4-fs (loop2): Remounting filesystem read-only
[   81.695347][ T2810] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   81.716787][ T5405] loop4: detected capacity change from 0 to 164
[   81.742293][ T5405] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   81.786953][ T5405] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   81.812433][ T5405] Symlink component flag not implemented
[   81.818199][ T5405] Symlink component flag not implemented
[   81.824522][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.833211][ T5405] Symlink component flag not implemented (7)
[   81.839600][ T5405] Symlink component flag not implemented (116)
[   81.895575][ T5418] FAULT_INJECTION: forcing a failure.
[   81.895575][ T5418] name failslab, interval 1, probability 0, space 0, times 0
[   81.908320][ T5418] CPU: 0 UID: 0 PID: 5418 Comm: syz.1.567 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   81.908353][ T5418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   81.908399][ T5418] Call Trace:
[   81.908406][ T5418]  <TASK>
[   81.908453][ T5418]  __dump_stack+0x1d/0x30
[   81.908480][ T5418]  dump_stack_lvl+0xe8/0x140
[   81.908504][ T5418]  dump_stack+0x15/0x1b
[   81.908525][ T5418]  should_fail_ex+0x265/0x280
[   81.908582][ T5418]  should_failslab+0x8c/0xb0
[   81.908619][ T5418]  kmem_cache_alloc_noprof+0x50/0x480
[   81.908690][ T5418]  ? skb_clone+0x151/0x1f0
[   81.908721][ T5418]  skb_clone+0x151/0x1f0
[   81.908818][ T5418]  __netlink_deliver_tap+0x2c9/0x500
[   81.908841][ T5418]  netlink_unicast+0x66b/0x690
[   81.908879][ T5418]  netlink_sendmsg+0x58b/0x6b0
[   81.908909][ T5418]  ? __pfx_netlink_sendmsg+0x10/0x10
[   81.908930][ T5418]  __sock_sendmsg+0x145/0x180
[   81.908955][ T5418]  ____sys_sendmsg+0x31e/0x4e0
[   81.908979][ T5418]  ___sys_sendmsg+0x17b/0x1d0
[   81.909062][ T5418]  __x64_sys_sendmsg+0xd4/0x160
[   81.909086][ T5418]  x64_sys_call+0x191e/0x3000
[   81.909115][ T5418]  do_syscall_64+0xd2/0x200
[   81.909141][ T5418]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   81.909194][ T5418]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   81.909227][ T5418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.909256][ T5418] RIP: 0033:0x7f599a0cf749
[   81.909271][ T5418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.909288][ T5418] RSP: 002b:00007f5998b2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.909312][ T5418] RAX: ffffffffffffffda RBX: 00007f599a325fa0 RCX: 00007f599a0cf749
[   81.909329][ T5418] RDX: 0000000000040000 RSI: 0000200000000100 RDI: 0000000000000003
[   81.909345][ T5418] RBP: 00007f5998b2f090 R08: 0000000000000000 R09: 0000000000000000
[   81.909423][ T5418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.909483][ T5418] R13: 00007f599a326038 R14: 00007f599a325fa0 R15: 00007ffe5c7347b8
[   81.909507][ T5418]  </TASK>
[   82.134435][ T5422] loop0: detected capacity change from 0 to 2048
[   82.136602][ T5412] loop2: detected capacity change from 0 to 8192
[   82.156157][ T5412] msdos: Unknown parameter '����'
[   82.170778][ T5422] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.183498][ T5422] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.288116][ T5430] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.569: bg 0: block 345: padding at end of block bitmap is not set
[   82.320019][ T5430] EXT4-fs (loop0): Remounting filesystem read-only
[   82.326704][ T2810] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   82.490671][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.543255][ T5443] loop4: detected capacity change from 0 to 164
[   82.573738][ T5443] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   82.634681][ T5450] loop3: detected capacity change from 0 to 512
[   82.662954][ T5443] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   82.672652][ T5443] Symlink component flag not implemented
[   82.678392][ T5443] Symlink component flag not implemented
[   82.684674][ T5443] Symlink component flag not implemented (7)
[   82.690786][ T5443] Symlink component flag not implemented (116)
[   82.715341][ T5450] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.729623][ T5456] loop2: detected capacity change from 0 to 164
[   82.736091][ T5450] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.747267][ T5456] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   82.770127][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.779465][ T5459] loop4: detected capacity change from 0 to 8192
[   82.786118][ T5459] msdos: Unknown parameter '����'
[   82.786377][ T5456] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   82.802610][ T5456] Symlink component flag not implemented
[   82.808332][ T5456] Symlink component flag not implemented
[   82.814214][ T5456] Symlink component flag not implemented (7)
[   82.820282][ T5456] Symlink component flag not implemented (116)
[   82.847627][   T29] kauditd_printk_skb: 24 callbacks suppressed
[   82.847645][   T29] audit: type=1400 audit(1764109589.262:1271): avc:  denied  { write } for  pid=5461 comm="syz.4.583" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   82.882807][   T29] audit: type=1400 audit(1764109589.292:1272): avc:  denied  { read } for  pid=5461 comm="syz.4.583" name="mISDNtimer" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   82.905929][   T29] audit: type=1400 audit(1764109589.292:1273): avc:  denied  { open } for  pid=5461 comm="syz.4.583" path="/dev/mISDNtimer" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   82.929305][   T29] audit: type=1400 audit(1764109589.292:1274): avc:  denied  { ioctl } for  pid=5461 comm="syz.4.583" path="/dev/mISDNtimer" dev="devtmpfs" ino=250 ioctlcmd=0x4940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   82.960927][ T5466] loop2: detected capacity change from 0 to 1024
[   82.967772][ T5466] EXT4-fs: Ignoring removed oldalloc option
[   82.973804][ T5466] EXT4-fs: Ignoring removed oldalloc option
[   82.979873][ T5466] EXT4-fs: Ignoring removed i_version option
[   83.012235][ T5466] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[   83.063947][ T5472] loop1: detected capacity change from 0 to 2048
[   83.110927][ T5472] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.247541][ T5472] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.303293][ T5482] loop2: detected capacity change from 0 to 512
[   83.326639][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.453003][ T5482] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 548)
[   83.461926][ T5482] FAT-fs (loop2): Filesystem has been set read-only
[   83.474689][ T5482] netlink: 52 bytes leftover after parsing attributes in process `syz.2.588'.
[   83.510266][   T29] audit: type=1400 audit(1764109589.912:1275): avc:  denied  { read write } for  pid=5491 comm="syz.0.592" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   83.534835][   T29] audit: type=1400 audit(1764109589.912:1276): avc:  denied  { open } for  pid=5491 comm="syz.0.592" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   83.558049][ T5495] loop2: detected capacity change from 0 to 164
[   83.604159][ T5495] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   83.633816][ T5493] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   83.642406][ T5493] Symlink component flag not implemented
[   83.648090][ T5493] Symlink component flag not implemented
[   83.660012][ T5493] Symlink component flag not implemented (7)
[   83.666072][ T5493] Symlink component flag not implemented (116)
[   83.776304][ T5502] loop2: detected capacity change from 0 to 4096
[   83.788471][ T5502] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.835074][ T5504] loop1: detected capacity change from 0 to 512
[   83.945459][ T5510] loop3: detected capacity change from 0 to 1024
[   83.985642][ T5510] EXT4-fs: Ignoring removed oldalloc option
[   84.001986][ T5510] EXT4-fs: Ignoring removed oldalloc option
[   84.008021][ T5510] EXT4-fs: Ignoring removed i_version option
[   84.047022][ T5510] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal
[   84.057617][ T5504] netlink: 52 bytes leftover after parsing attributes in process `syz.1.596'.
[   84.090775][   T29] audit: type=1326 audit(1764109590.502:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5501 comm="syz.2.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9094bef749 code=0x7ffc0000
[   84.136367][   T29] audit: type=1326 audit(1764109590.502:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5501 comm="syz.2.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9094bef749 code=0x7ffc0000
[   84.159806][   T29] audit: type=1326 audit(1764109590.502:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5501 comm="syz.2.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9094bef749 code=0x7ffc0000
[   84.183245][   T29] audit: type=1326 audit(1764109590.502:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5501 comm="syz.2.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9094bef749 code=0x7ffc0000
[   84.214246][ T5517] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5517 comm=syz.2.595
[   84.279707][ T5524] loop9: detected capacity change from 0 to 7
[   84.297264][ T5524] Buffer I/O error on dev loop9, logical block 0, async page read
[   84.310187][ T5513] loop4: detected capacity change from 0 to 32768
[   84.316801][ T5524] Buffer I/O error on dev loop9, logical block 0, async page read
[   84.324709][ T5524]  loop9: unable to read partition table
[   84.330650][ T5524] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   84.330650][ T5524] 
) failed (rc=-5)
[   84.350588][ T5513]  loop4: p1 p2 p3 < > p4 < p5 p6 >
[   84.356014][ T5513] loop4: p1 start 460800 is beyond EOD, truncated
[   84.362542][ T5513] loop4: p2 size 83886080 extends beyond EOD, truncated
[   84.389531][ T5513] loop4: p5 start 460800 is beyond EOD, truncated
[   84.396036][ T5513] loop4: p6 size 83886080 extends beyond EOD, truncated
[   84.601453][ T3320] EXT4-fs error (device loop2): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 131109
[   84.615798][ T5529] siw: device registration error -23
[   84.629143][ T5529] loop3: detected capacity change from 0 to 512
[   84.651063][ T5529] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.663807][ T5529] ext4 filesystem being mounted at /116/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   84.727798][ T5529] EXT4-fs error (device loop3): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.3.603: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   84.752510][ T5529] EXT4-fs error (device loop3): ext4_get_first_dir_block:3540: inode #12: comm syz.3.603: directory missing '.'
[   84.790526][ T3320] EXT4-fs error (device loop2): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 131109
[   85.011510][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.248371][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.325093][ T5539] netlink: 12 bytes leftover after parsing attributes in process `syz.1.608'.
[   85.400612][ T5540] wg1 speed is unknown, defaulting to 1000
[   85.445266][ T5555] loop1: detected capacity change from 0 to 1024
[   85.487456][ T5555] EXT4-fs: Ignoring removed oldalloc option
[   85.523404][ T5540] chnl_net:caif_netlink_parms(): no params data found
[   85.528188][ T5555] EXT4-fs: Ignoring removed oldalloc option
[   85.536685][ T5555] EXT4-fs: Ignoring removed i_version option
[   85.590363][ T5555] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[   85.633120][ T5540] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.640575][ T5540] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.658168][ T5540] bridge_slave_0: entered allmulticast mode
[   85.665391][ T5540] bridge_slave_0: entered promiscuous mode
[   85.691570][ T5563] loop1: detected capacity change from 0 to 512
[   85.698639][ T5540] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.705758][ T5540] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.714890][ T5540] bridge_slave_1: entered allmulticast mode
[   85.724277][ T5563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.736512][ T5540] bridge_slave_1: entered promiscuous mode
[   85.759332][ T5540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.770916][ T5540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.795646][ T5540] team0: Port device team_slave_0 added
[   85.803744][ T5540] team0: Port device team_slave_1 added
[   85.809867][ T5570] ������: renamed from vlan1 (while UP)
[   85.820015][ T5570] IPv6: NLM_F_CREATE should be specified when creating new route
[   85.827985][ T5570] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   85.835258][ T5570] IPv6: NLM_F_CREATE should be set when creating new route
[   85.857912][ T5540] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.865020][ T5540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.891041][ T5540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.902877][ T5540] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.909979][ T5540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.936164][ T5540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.964484][ T5540] hsr_slave_0: entered promiscuous mode
[   85.970885][ T5540] hsr_slave_1: entered promiscuous mode
[   85.976959][ T5540] debugfs: 'hsr0' already exists in 'hsr'
[   85.982697][ T5540] Cannot create hsr debugfs directory
[   86.114227][ T5540] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   86.124323][ T5540] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   86.147688][ T5540] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   86.158101][ T5540] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   86.171349][ T5581] xt_connbytes: Forcing CT accounting to be enabled
[   86.179400][ T5581] Cannot find set identified by id 0 to match
[   86.233718][ T5540] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.258894][ T5540] 8021q: adding VLAN 0 to HW filter on device team0
[   86.287459][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.294561][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.323966][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.331255][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.376429][ T5581] loop3: detected capacity change from 0 to 1024
[   86.383144][ T5592] loop0: detected capacity change from 0 to 512
[   86.383667][ T5581] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   86.390151][ T5592] EXT4-fs: Ignoring removed nobh option
[   86.398017][ T5581] EXT4-fs (loop3): bad geometry: first data block is 0 with a 1k block and cluster size
[   86.415086][ T3395] IPVS: starting estimator thread 0...
[   86.455858][ T5592] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.619: corrupted in-inode xattr: e_value size too large
[   86.478582][ T5592] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.619: couldn't read orphan inode 15 (err -117)
[   86.496095][ T5592] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.516938][ T5593] IPVS: using max 2400 ests per chain, 120000 per kthread
[   86.517257][ T5592] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.560192][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.561365][ T5540] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.580681][ T5592] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.665234][ T5604] loop1: detected capacity change from 0 to 512
[   86.687269][ T5592] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.707156][ T5607] tipc: Started in network mode
[   86.712149][ T5607] tipc: Node identity 2e99041d20c1, cluster identity 4711
[   86.719540][ T5607] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   86.738647][ T5606] tipc: Resetting bearer <eth:syzkaller0>
[   86.758501][ T5606] tipc: Disabling bearer <eth:syzkaller0>
[   86.769421][ T5592] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.796515][ T5604] netlink: 52 bytes leftover after parsing attributes in process `syz.1.620'.
[   86.853112][ T5621] loop1: detected capacity change from 0 to 128
[   86.863465][ T4400] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.873784][ T5621] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   86.886883][ T5621] ext4 filesystem being mounted at /138/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   86.918841][ T4400] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.928350][ T4400] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.936577][ T4400] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.951209][ T5540] veth0_vlan: entered promiscuous mode
[   86.965384][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.980873][ T5540] veth1_vlan: entered promiscuous mode
[   87.034938][ T5540] veth0_macvtap: entered promiscuous mode
[   87.046741][ T5540] veth1_macvtap: entered promiscuous mode
[   87.069722][ T3318] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   87.082354][ T5540] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.099685][ T5540] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.114510][ T3809] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.129164][ T3809] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.155494][ T3809] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.173678][ T3809] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.195280][ T5632] loop3: detected capacity change from 0 to 2048
[   87.214473][ T5632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.219779][ T5636] wg1 speed is unknown, defaulting to 1000
[   87.228662][ T5632] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.287647][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.397743][ T5649] loop4: detected capacity change from 0 to 512
[   87.407385][ T5634] - (5634) used greatest stack depth: 10160 bytes left
[   87.480898][ T5653] loop1: detected capacity change from 0 to 2048
[   87.500004][ T5653] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.547595][ T5653] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.600404][ T5649] netlink: 52 bytes leftover after parsing attributes in process `syz.4.632'.
[   87.640968][ T5659] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.633: bg 0: block 345: padding at end of block bitmap is not set
[   87.664270][ T5659] EXT4-fs (loop1): Remounting filesystem read-only
[   87.672462][ T5661] loop4: detected capacity change from 0 to 1024
[   87.674231][ T4401] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   87.693766][ T5661] netlink: 12 bytes leftover after parsing attributes in process `syz.4.635'.
[   87.719749][ T5661] bridge1: port 1(veth0_to_bond) entered blocking state
[   87.726808][ T5661] bridge1: port 1(veth0_to_bond) entered disabled state
[   87.739168][ T5661] veth0_to_bond: entered allmulticast mode
[   87.754801][ T5661] veth0_to_bond: entered promiscuous mode
[   87.881511][ T5671] loop0: detected capacity change from 0 to 2048
[   87.918420][ T5675] loop1: detected capacity change from 0 to 2048
[   87.928523][ T5671] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.945813][ T5675] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.022007][ T5682] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.640: bg 0: block 345: padding at end of block bitmap is not set
[   88.042816][ T5683] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.641: bg 0: block 345: padding at end of block bitmap is not set
[   88.058361][ T5683] EXT4-fs (loop1): Remounting filesystem read-only
[   88.065155][ T5682] EXT4-fs (loop0): Remounting filesystem read-only
[   88.073128][ T4400] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   88.077029][ T3809] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   88.175581][   T29] kauditd_printk_skb: 81 callbacks suppressed
[   88.175597][   T29] audit: type=1326 audit(1764109594.582:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5646 comm="syz.3.630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d2a71f749 code=0x7fc00000
[   88.288474][ T5688] loop3: detected capacity change from 0 to 2048
[   88.310152][   T29] audit: type=1400 audit(1764109594.722:1363): avc:  denied  { ioctl } for  pid=5690 comm="syz.1.646" path="socket:[11773]" dev="sockfs" ino=11773 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   88.350516][ T5688] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.364725][ T5691] gtp0: entered promiscuous mode
[   88.369774][ T5691] gtp0: entered allmulticast mode
[   88.434668][ T5696] loop5: detected capacity change from 0 to 2048
[   88.468310][ T5696] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.485404][ T5698] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.645: bg 0: block 345: padding at end of block bitmap is not set
[   88.500368][ T5698] EXT4-fs (loop3): Remounting filesystem read-only
[   88.507795][ T3809] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   88.537010][ T5705] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.647: bg 0: block 345: padding at end of block bitmap is not set
[   88.552849][ T5705] EXT4-fs (loop5): Remounting filesystem read-only
[   88.567343][ T2810] EXT4-fs warning (device loop5): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   88.720574][ T5721] loop0: detected capacity change from 0 to 2048
[   88.739918][ T5721] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.831447][ T5725] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.655: bg 0: block 345: padding at end of block bitmap is not set
[   88.851167][ T5725] EXT4-fs (loop0): Remounting filesystem read-only
[   88.862598][ T3809] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   89.004929][ T5735] loop0: detected capacity change from 0 to 2048
[   89.037480][ T5735] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.057527][ T5739] netlink: 14 bytes leftover after parsing attributes in process `syz.4.656'.
[   89.153232][ T5743] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.659: bg 0: block 345: padding at end of block bitmap is not set
[   89.192815][ T5743] EXT4-fs (loop0): Remounting filesystem read-only
[   89.199476][ T3809] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   89.297911][ T5740] loop4: detected capacity change from 0 to 2048
[   89.320697][ T5745] loop0: detected capacity change from 0 to 2048
[   89.350017][ T5745] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.415924][ T5740] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #2: comm syz.4.656: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 260(4), depth 0(0)
[   89.438554][ T2810] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 345: padding at end of block bitmap is not set
[   89.477284][ T2810] EXT4-fs (loop0): Remounting filesystem read-only
[   89.483896][ T3809] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   89.500936][ T5740] EXT4-fs (loop4): get root inode failed
[   89.506628][ T5740] EXT4-fs (loop4): mount failed
[   89.531315][ T5752] EXT4-fs (loop0): ext4_do_writepages: jbd2_start: 9223372036854775807 pages, ino 15; err -30
[   89.688622][   T29] audit: type=1400 audit(1764109596.102:1364): avc:  denied  { create } for  pid=5761 comm="syz.5.666" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   89.715405][   T29] audit: type=1400 audit(1764109596.132:1365): avc:  denied  { write } for  pid=5761 comm="syz.5.666" path="socket:[11867]" dev="sockfs" ino=11867 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   89.752473][ T5762] loop5: detected capacity change from 0 to 1024
[   89.774822][ T5762] EXT4-fs: Ignoring removed orlov option
[   89.787004][   T29] audit: type=1400 audit(1764109596.172:1366): avc:  denied  { view } for  pid=5763 comm="syz.3.667" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   90.100149][ T5773] loop1: detected capacity change from 0 to 1024
[   90.137410][ T5773] EXT4-fs: Ignoring removed oldalloc option
[   90.143387][ T5773] EXT4-fs: Ignoring removed oldalloc option
[   90.149370][ T5773] EXT4-fs: Ignoring removed i_version option
[   90.157209][ T5773] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[   90.405708][ T5784] loop9: detected capacity change from 0 to 7
[   90.424924][ T5784] Buffer I/O error on dev loop9, logical block 0, async page read
[   90.454128][ T5784] Buffer I/O error on dev loop9, logical block 0, async page read
[   90.462167][ T5784]  loop9: unable to read partition table
[   90.488420][ T5784] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   90.488420][ T5784] 
) failed (rc=-5)
[   90.781984][ T5786] loop0: detected capacity change from 0 to 512
[   90.960412][ T5739] syz.4.656 (5739) used greatest stack depth: 6184 bytes left
[   91.015163][ T5793] veth0_vlan: entered allmulticast mode
[   91.031876][   T29] audit: type=1326 audit(1764109597.442:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5789 comm="syz.5.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ae615f749 code=0x7ffc0000
[   91.055418][   T29] audit: type=1326 audit(1764109597.442:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5789 comm="syz.5.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ae615f749 code=0x7ffc0000
[   91.082939][ T5796] netlink: 664 bytes leftover after parsing attributes in process `syz.3.679'.
[   91.118605][ T5796] loop3: detected capacity change from 0 to 512
[   91.119651][   T29] audit: type=1400 audit(1764109597.442:1369): avc:  denied  { write } for  pid=5795 comm="syz.3.679" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   91.133069][ T5796] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   91.148482][   T29] audit: type=1326 audit(1764109597.502:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5789 comm="syz.5.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f4ae615f749 code=0x7ffc0000
[   91.160570][ T5796] EXT4-fs (loop3): 1 truncate cleaned up
[   91.181587][   T29] audit: type=1326 audit(1764109597.502:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5789 comm="syz.5.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ae615f749 code=0x7ffc0000
[   91.199343][ T5799] netlink: 16 bytes leftover after parsing attributes in process `syz.5.678'.
[   91.229739][ T4400] Bluetooth: hci0: Frame reassembly failed (-84)
[   91.244933][ T5803] loop0: detected capacity change from 0 to 2048
[   91.292613][ T5803] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.364919][ T5815] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.681: bg 0: block 345: padding at end of block bitmap is not set
[   91.380155][ T5815] EXT4-fs (loop0): Remounting filesystem read-only
[   91.397980][ T4400] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   91.450160][ T5817] loop4: detected capacity change from 0 to 512
[   91.540643][ T5817] netlink: 52 bytes leftover after parsing attributes in process `syz.4.686'.
[   91.565866][ T5823] vhci_hcd: default hub control req: 5f00 v0000 i0000 l0
[   91.691956][ T5829] loop1: detected capacity change from 0 to 512
[   91.872592][ T5843] siw: device registration error -23
[   91.886126][ T5843] loop3: detected capacity change from 0 to 512
[   92.501687][ T5843] ext4 filesystem being mounted at /135/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   92.559817][ T5842] EXT4-fs error (device loop3): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.3.696: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   92.580817][ T5852] loop0: detected capacity change from 0 to 512
[   92.611839][ T5842] EXT4-fs error (device loop3): ext4_get_first_dir_block:3540: inode #12: comm syz.3.696: directory missing '.'
[   92.680741][ T5852] ext4 filesystem being mounted at /122/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   92.741488][ T5860] loop1: detected capacity change from 0 to 512
[   92.752070][ T5851] EXT4-fs error (device loop0): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.0.699: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   92.772760][ T5851] EXT4-fs error (device loop0): ext4_get_first_dir_block:3540: inode #12: comm syz.0.699: directory missing '.'
[   92.967219][ T5860] netlink: 52 bytes leftover after parsing attributes in process `syz.1.701'.
[   93.100719][ T5885] loop1: detected capacity change from 0 to 2048
[   93.118581][ T5885] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.190100][ T5891] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.711: bg 0: block 345: padding at end of block bitmap is not set
[   93.207469][ T5891] EXT4-fs (loop1): Remounting filesystem read-only
[   93.216913][ T4401] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   93.268175][ T3521] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   93.275231][   T29] kauditd_printk_skb: 91 callbacks suppressed
[   93.275303][   T29] audit: type=1326 audit(1764109599.682:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5789 comm="syz.5.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ae615f749 code=0x7ffc0000
[   93.305373][   T29] audit: type=1326 audit(1764109599.682:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5789 comm="syz.5.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ae615f749 code=0x7ffc0000
[   93.418191][ T5897] usb usb8: usbfs: process 5897 (syz.1.714) did not claim interface 0 before use
[   93.464483][ T5899] netlink: 56 bytes leftover after parsing attributes in process `syz.1.715'.
[   93.490739][ T5901] loop1: detected capacity change from 0 to 512
[   93.497515][ T5901] EXT4-fs: Ignoring removed orlov option
[   93.503660][ T5901] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   93.514352][ T5901] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.716: corrupted in-inode xattr: e_value size too large
[   93.528884][ T5901] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.716: couldn't read orphan inode 15 (err -117)
[   93.544641][ T5901] netlink: 3 bytes leftover after parsing attributes in process `syz.1.716'.
[   93.553513][ T5901] 0�X���: renamed from caif0
[   93.559768][ T5901] 0�X���: entered allmulticast mode
[   93.564995][ T5901] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[   93.631611][ T5904] loop1: detected capacity change from 0 to 512
[   93.674457][ T5904] netlink: 52 bytes leftover after parsing attributes in process `syz.1.717'.
[   93.758346][ T5912] netlink: 664 bytes leftover after parsing attributes in process `syz.1.721'.
[   93.770460][ T5912] loop1: detected capacity change from 0 to 512
[   93.777835][ T5912] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   93.790304][ T5912] EXT4-fs (loop1): 1 truncate cleaned up
[   93.877355][ T5921] loop1: detected capacity change from 0 to 512
[   94.104568][ T5928] loop0: detected capacity change from 0 to 2048
[   94.116408][ T5926] siw: device registration error -23
[   94.130136][ T5926] loop5: detected capacity change from 0 to 512
[   94.209796][ T5926] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   94.231687][ T5928] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.384157][ T5941] vhci_hcd: default hub control req: 5f00 v0000 i0000 l0
[   94.433118][ T5944] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.727: bg 0: block 345: padding at end of block bitmap is not set
[   94.453460][ T5943] loop1: detected capacity change from 0 to 2048
[   94.491759][ T5944] EXT4-fs (loop0): Remounting filesystem read-only
[   94.509022][ T5943] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.519756][ T2810] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   94.571098][ T5954] netlink: 8 bytes leftover after parsing attributes in process `syz.0.735'.
[   94.580076][ T5954] netlink: 8 bytes leftover after parsing attributes in process `syz.0.735'.
[   94.650329][   T29] audit: type=1400 audit(2000000001.180:1465): avc:  denied  { setopt } for  pid=5953 comm="syz.0.735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   94.712650][ T5955] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.732: bg 0: block 345: padding at end of block bitmap is not set
[   94.826754][ T5957] siw: device registration error -23
[   94.839766][ T5957] loop4: detected capacity change from 0 to 512
[   94.924193][ T5957] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   94.973766][   T29] audit: type=1400 audit(2000000001.200:1466): avc:  denied  { read } for  pid=5953 comm="syz.0.735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   95.020204][ T5955] EXT4-fs (loop1): Remounting filesystem read-only
[   95.027107][ T4401] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   95.205141][ T5974] FAULT_INJECTION: forcing a failure.
[   95.205141][ T5974] name failslab, interval 1, probability 0, space 0, times 0
[   95.217881][ T5974] CPU: 0 UID: 0 PID: 5974 Comm: syz.1.740 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   95.217916][ T5974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   95.217933][ T5974] Call Trace:
[   95.217951][ T5974]  <TASK>
[   95.217961][ T5974]  __dump_stack+0x1d/0x30
[   95.217990][ T5974]  dump_stack_lvl+0xe8/0x140
[   95.218017][ T5974]  dump_stack+0x15/0x1b
[   95.218041][ T5974]  should_fail_ex+0x265/0x280
[   95.218084][ T5974]  should_failslab+0x8c/0xb0
[   95.218164][ T5974]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   95.218207][ T5974]  ? rds_rm_size+0x2c8/0x490
[   95.218231][ T5974]  krealloc_node_align_noprof+0xd7/0x340
[   95.218343][ T5974]  rds_rm_size+0x2c8/0x490
[   95.218373][ T5974]  rds_sendmsg+0x842/0x14a0
[   95.218408][ T5974]  ? __pfx_rds_sendmsg+0x10/0x10
[   95.218430][ T5974]  __sock_sendmsg+0x145/0x180
[   95.218465][ T5974]  ____sys_sendmsg+0x31e/0x4e0
[   95.218547][ T5974]  ___sys_sendmsg+0x17b/0x1d0
[   95.218591][ T5974]  __x64_sys_sendmsg+0xd4/0x160
[   95.218623][ T5974]  x64_sys_call+0x191e/0x3000
[   95.218672][ T5974]  do_syscall_64+0xd2/0x200
[   95.218694][ T5974]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   95.218728][ T5974]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   95.218773][ T5974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.218850][ T5974] RIP: 0033:0x7f599a0cf749
[   95.218870][ T5974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.218940][ T5974] RSP: 002b:00007f5998b2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.218965][ T5974] RAX: ffffffffffffffda RBX: 00007f599a325fa0 RCX: 00007f599a0cf749
[   95.218981][ T5974] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 0000000000000003
[   95.219057][ T5974] RBP: 00007f5998b2f090 R08: 0000000000000000 R09: 0000000000000000
[   95.219073][ T5974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.219089][ T5974] R13: 00007f599a326038 R14: 00007f599a325fa0 R15: 00007ffe5c7347b8
[   95.219173][ T5974]  </TASK>
[   95.219520][ T5965] loop3: detected capacity change from 0 to 512
[   95.478334][ T5965] EXT4-fs: dax option not supported
[   95.510906][   T29] audit: type=1400 audit(2000000002.030:1467): avc:  denied  { remount } for  pid=5964 comm="syz.3.738" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   95.561436][ T5981] loop0: detected capacity change from 0 to 512
[   95.646547][ T5983] loop1: detected capacity change from 0 to 512
[   95.725593][   T29] audit: type=1400 audit(2000000002.250:1468): avc:  denied  { mounton } for  pid=5988 comm="syz.3.747" path="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[   95.806907][ T5990] siw: device registration error -23
[   95.818828][ T5990] loop4: detected capacity change from 0 to 512
[   95.889635][ T5990] ext4 filesystem being mounted at /151/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   95.962890][   T29] audit: type=1400 audit(2000000002.390:1469): avc:  denied  { setopt } for  pid=5988 comm="syz.3.747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   96.092119][ T5999] loop1: detected capacity change from 0 to 512
[   96.108783][ T5999] ext4 filesystem being mounted at /177/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   96.261947][ T6008] loop1: detected capacity change from 0 to 512
[   96.318373][ T6011] loop0: detected capacity change from 0 to 512
[   96.342104][ T6011] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   96.369289][ T6011] EXT4-fs error (device loop0): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.0.751: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[   96.413392][ T6011] EXT4-fs error (device loop0): ext4_get_first_dir_block:3540: inode #12: comm syz.0.751: directory missing '.'
[   97.038035][ T6033] __nla_validate_parse: 1 callbacks suppressed
[   97.038056][ T6033] netlink: 12 bytes leftover after parsing attributes in process `syz.3.760'.
[   97.091159][ T6031] loop0: detected capacity change from 0 to 512
[   97.482555][ T6031] netlink: 52 bytes leftover after parsing attributes in process `syz.0.759'.
[   97.508766][   T29] audit: type=1326 audit(2000000004.030:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.4.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f544cf6f749 code=0x7ffc0000
[   97.532163][   T29] audit: type=1326 audit(2000000004.040:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.4.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f544cf6f749 code=0x7ffc0000
[   97.555539][   T29] audit: type=1326 audit(2000000004.040:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.4.765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f544cf6f749 code=0x7ffc0000
[   97.594764][ T6050] netlink: 16 bytes leftover after parsing attributes in process `syz.4.765'.
[   97.695762][ T6052] loop0: detected capacity change from 0 to 164
[   97.732942][ T6052] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   97.768567][ T6052] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   97.800020][ T6052] Symlink component flag not implemented
[   97.805816][ T6052] Symlink component flag not implemented
[   97.858320][ T6052] Symlink component flag not implemented (7)
[   97.864368][ T6052] Symlink component flag not implemented (116)
[   97.945432][ T6059] loop5: detected capacity change from 0 to 2048
[   97.978407][ T6059] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.054855][ T6066] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.770: bg 0: block 345: padding at end of block bitmap is not set
[   98.080627][ T6066] EXT4-fs (loop5): Remounting filesystem read-only
[   98.087435][ T4401] EXT4-fs warning (device loop5): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   98.265728][ T6071] netlink: 664 bytes leftover after parsing attributes in process `syz.4.772'.
[   98.278219][ T6071] loop4: detected capacity change from 0 to 512
[   98.285207][ T6071] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   98.297537][ T6071] EXT4-fs (loop4): 1 truncate cleaned up
[   98.394608][ T6079] loop5: detected capacity change from 0 to 1024
[   98.402290][ T6079] EXT4-fs: Ignoring removed orlov option
[   98.412239][ T6065] netlink: 'syz.1.769': attribute type 1 has an invalid length.
[   98.419988][ T6065] netlink: 224 bytes leftover after parsing attributes in process `syz.1.769'.
[   98.433667][ T6082] loop0: detected capacity change from 0 to 512
[   98.471305][ T6082] ext4 filesystem being mounted at /139/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   98.539423][ T6089] netlink: 664 bytes leftover after parsing attributes in process `syz.3.778'.
[   98.551824][ T6089] loop3: detected capacity change from 0 to 512
[   98.559435][ T6089] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   98.580041][ T6089] EXT4-fs (loop3): 1 truncate cleaned up
[   98.757775][   T29] kauditd_printk_skb: 31 callbacks suppressed
[   98.757791][   T29] audit: type=1326 audit(2000000005.290:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6056 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599a0cf749 code=0x7fc00000
[   98.822202][ T6093] netlink: 'syz.4.777': attribute type 1 has an invalid length.
[   98.829927][ T6093] netlink: 224 bytes leftover after parsing attributes in process `syz.4.777'.
[   98.924290][ T6104] loop3: detected capacity change from 0 to 2048
[   98.942492][ T6104] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.117141][ T6108] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.783: bg 0: block 345: padding at end of block bitmap is not set
[   99.136288][ T6108] EXT4-fs (loop3): Remounting filesystem read-only
[   99.144520][ T3809] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   99.304495][ T6085] ==================================================================
[   99.312631][ T6085] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[   99.319763][ T6085] 
[   99.322100][ T6085] write to 0xffff8881007ccf94 of 4 bytes by task 6079 on cpu 1:
[   99.329740][ T6085]  xas_set_mark+0x12b/0x140
[   99.334262][ T6085]  __folio_start_writeback+0x155/0x390
[   99.339747][ T6085]  ext4_bio_write_folio+0x5ad/0x9f0
[   99.344974][ T6085]  mpage_process_page_bufs+0x4a1/0x620
[   99.350452][ T6085]  mpage_prepare_extent_to_map+0x786/0xc00
[   99.356279][ T6085]  ext4_do_writepages+0xa05/0x2750
[   99.361400][ T6085]  ext4_writepages+0x176/0x300
[   99.366204][ T6085]  do_writepages+0x1c6/0x310
[   99.370833][ T6085]  file_write_and_wait_range+0x156/0x2c0
[   99.376485][ T6085]  generic_buffers_fsync_noflush+0x45/0x120
[   99.382397][ T6085]  ext4_sync_file+0x1ab/0x690
[   99.387086][ T6085]  vfs_fsync_range+0x10d/0x130
[   99.391878][ T6085]  ext4_buffered_write_iter+0x34f/0x3c0
[   99.397450][ T6085]  ext4_file_write_iter+0x387/0xf60
[   99.402676][ T6085]  iter_file_splice_write+0x666/0xa60
[   99.408104][ T6085]  direct_splice_actor+0x156/0x2a0
[   99.413237][ T6085]  splice_direct_to_actor+0x312/0x680
[   99.418628][ T6085]  do_splice_direct+0xda/0x150
[   99.423416][ T6085]  do_sendfile+0x380/0x650
[   99.427858][ T6085]  __x64_sys_sendfile64+0x105/0x150
[   99.433078][ T6085]  x64_sys_call+0x2bb4/0x3000
[   99.437767][ T6085]  do_syscall_64+0xd2/0x200
[   99.442284][ T6085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.448192][ T6085] 
[   99.450520][ T6085] read to 0xffff8881007ccf94 of 4 bytes by task 6085 on cpu 0:
[   99.458074][ T6085]  xas_find_marked+0x5dc/0x620
[   99.462846][ T6085]  find_get_entry+0x5d/0x380
[   99.467457][ T6085]  filemap_get_folios_tag+0x92/0x210
[   99.472765][ T6085]  mpage_prepare_extent_to_map+0x320/0xc00
[   99.478590][ T6085]  ext4_do_writepages+0x708/0x2750
[   99.483710][ T6085]  ext4_writepages+0x176/0x300
[   99.488489][ T6085]  do_writepages+0x1c6/0x310
[   99.493095][ T6085]  file_write_and_wait_range+0x156/0x2c0
[   99.498748][ T6085]  generic_buffers_fsync_noflush+0x45/0x120
[   99.504658][ T6085]  ext4_sync_file+0x1ab/0x690
[   99.509365][ T6085]  vfs_fsync_range+0x10d/0x130
[   99.514151][ T6085]  ext4_buffered_write_iter+0x34f/0x3c0
[   99.519721][ T6085]  ext4_file_write_iter+0x387/0xf60
[   99.524943][ T6085]  iter_file_splice_write+0x666/0xa60
[   99.530349][ T6085]  direct_splice_actor+0x156/0x2a0
[   99.535479][ T6085]  splice_direct_to_actor+0x312/0x680
[   99.540864][ T6085]  do_splice_direct+0xda/0x150
[   99.545643][ T6085]  do_sendfile+0x380/0x650
[   99.550096][ T6085]  __x64_sys_sendfile64+0x105/0x150
[   99.555314][ T6085]  x64_sys_call+0x2bb4/0x3000
[   99.560007][ T6085]  do_syscall_64+0xd2/0x200
[   99.564526][ T6085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.570433][ T6085] 
[   99.572849][ T6085] value changed: 0x0a000021 -> 0x04000021
[   99.578573][ T6085] 
[   99.580912][ T6085] Reported by Kernel Concurrency Sanitizer on:
[   99.587067][ T6085] CPU: 0 UID: 0 PID: 6085 Comm: syz.5.775 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   99.596712][ T6085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   99.606778][ T6085] ==================================================================
[   99.643520][   T29] audit: type=1326 audit(2000000006.170:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6087 comm="syz.4.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f544cf6f749 code=0x7fc00000
[   99.672905][ T5540] EXT4-fs unmount: 55 callbacks suppressed
[   99.672940][ T5540] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.696108][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.