last executing test programs:

4.179851831s ago: executing program 3 (id=1338):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2(&(0x7f0000001cc0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000700)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',access=', @ANYBLOB="0300"])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00'}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0xa, 0x4, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
mincore(&(0x7f00006fb000/0x2000)=nil, 0x2000, &(0x7f0000000280)=""/150)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=<r4=>0xffffffffffffffff, @ANYBLOB="01000000010000001c0012000c000100"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x188)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="18001a00000000040000001812000035376eda56bf30ded5e244da9e18daec00ef01db621c3c39e9baa8e714", @ANYRES8=r4, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='leases_conflict\x00', r5}, 0x18)
timer_delete(0x0)

3.138679936s ago: executing program 3 (id=1365):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x0, 0x20002f7})

3.09000674s ago: executing program 3 (id=1367):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x204000, &(0x7f0000000000), 0x106, 0x2}}, 0x20)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x18, 0x26, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000100000000000000010000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7270a02000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000185800000100000000000000000000001800000004000000000000000700000018000000080000000000000002000000850000001400007f0000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000086000000186500000c0000000000000009000000852000000200000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000ffffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0xfa, &(0x7f0000000600)=""/250, 0x41000, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000a40)={0x5, 0x4, 0x400, 0x3}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000a80)=[{0x3, 0x2, 0xe, 0x2}, {0x5, 0x5, 0xc, 0xb}, {0x4, 0x2, 0x10, 0x8}, {0x2, 0x1, 0x1, 0x320b76fae275ea75}, {0x0, 0x5, 0x3, 0xa}, {0x1, 0x4, 0xa, 0x9}, {0x1, 0x2, 0x4, 0x8}, {0x4, 0x5, 0x6, 0x9}], 0x10, 0xffff}, 0x94)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

2.125351937s ago: executing program 3 (id=1379):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000046, &(0x7f0000000240)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@bsdgroups}, {@jqfmt_vfsv1}, {@nolazytime}, {@noblock_validity}, {@grpjquota}, {@jqfmt_vfsv1}, {@errors_remount}]}, 0x11, 0x565, &(0x7f0000000440)="$eJzs3U9rHGUYAPBnNtn+16ZQiopIoAcrtZsm8U8FD/VYtFjQe12SbSjZdEt2U5pYsD3YixcpgogF8a53j8UvoF+ioIUiJejBS2R2Z9K02W226bZJnd8PprxvZnafeXbmefvOzi4bQGGNpv+UIl6OiK+TiP0RkWTrhiNbOdrZbvnelal0SWJl5ZO/kvZ2aT9/rvxxe7POSxHx65cRR0vr4zYXl2ar9XptPuuPteYujjUXl46dn6vO1GZqFyYmJ0+8PTnx3rvvDCzXN878893Ht06d+Orw8rc/3zlwI4mTsS9btzaPJ3B1bWc0RrPXpBwnH9pwfADBtpNkq3eATRnK6rwc6RiwP4ayqgf+/76IiBWgoBL1DwWVzwPya/sBXQc/N+5+0LkAWp//cOe9kdjVvjbas5w8cGWUXu+ODCB+GuOXP2/eSJcY3PsQABu6ei0ijg8Prx//kmz827zjfWzzcAzjHzw7t9L5z5vd5j+l1flPdJn/7O1Su5uxcf2X7gwgTE/p/O/9rvPf1ZtWI0NZ74X2nK+cnDtfr6Vj24sRcSTKO9N+537Ojq4xTizfXukVf+38L13S+PlcMNuPO8M7H3zMdLVVfdK8c3evRbzSdf6brB7/pMvxT1+PM33GOFS7+VqvdRvn/3St/Bjxetfjf/+OVvLo+5Nj7fNhLD8r1vv7+qHfesXf6vzT47/n0fmPJGvv1zYfP8YPu/6t9Vr3QP7R//m/I/m03c4r7nK11Zofj9iRfLT+7xP3H5v38+3T/I8cfvT41+383x0Rn/WZ//WDP73aV/5bdPynH+v4P37j9oeff98rfn/j31vt1pHsL/2Mf53g5azXewc3+7oBAAAAAADAdlSKiH2RlCqr7VKpUul8vuNg7CnVG83W0XONhQvT0f6u7EiUS/md7v1rPg8xnn0eNu9PPNSfjIgDEfHN0O52vzLVqE9vdfIAAAAAAAAAAAAAAAAAAACwTezt8f3/1B9DW713wFPnJ7+huDas/0H80hOwLfn/H4pL/UNxqX8oLvUPxaX+objUPxSX+ofiUv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUGdOn06XleV7V6bS/vSlxYXZxqVj07XmbGVuYaoy1Zi/WJlpNGbqtcpUY26j56s3GhfHJ2Lh8lir1myNNReXzs41Fi60zp6fq87UztbKzyQrAAAAAAAAAAAAAAAAAAAAeL40F5dmq/V6bf75bJz6vZPGdtmfAjaGn2nQUmyDlAvR2OqRCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADu+y8AAP//j7QxOw==")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, 0x7, 0x6, 0x801}, 0x14}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r2, &(0x7f0000000100), 0x0, 0x5405, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
listen(r3, 0x9)

1.918982728s ago: executing program 3 (id=1382):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c30000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./bus\x00', 0xe, &(0x7f0000000540)={[{@init_itable}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
write$UHID_INPUT2(r2, &(0x7f0000003200)={0xc, {0x3b, "6c2450060f84cfce0059f92be3fbc44cce81cf6db39945ebd08f18764adae66029e17e29738c85b051ced2b488f35ca681091dd3c8976415c191cb"}}, 0x41)
preadv2(r2, &(0x7f0000000280)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x0)

1.602432349s ago: executing program 3 (id=1386):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

1.572163982s ago: executing program 4 (id=1387):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c30000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./bus\x00', 0xe, &(0x7f0000000540)={[{@init_itable}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
write$UHID_INPUT2(r2, &(0x7f0000003200)={0xc, {0x3b, "6c2450060f84cfce0059f92be3fbc44cce81cf6db39945ebd08f18764adae66029e17e29738c85b051ced2b488f35ca681091dd3c8976415c191cb"}}, 0x41)
preadv2(r2, &(0x7f0000000280)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x0)

1.541206595s ago: executing program 2 (id=1388):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x10004, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5000000010000d042abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="d0700400400000001c00243a9b832912800c0001006d6163766c616e000c0002800800010008000000140035006d6163766c616e300000000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x4048090}, 0x8000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r3, 0x0, 0x0)
ioctl$int_in(r0, 0x5421, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000000c0)={0xffffffffffffffff, 0x2, 0xa9, 0xd})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r5, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
syz_emit_ethernet(0x7e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd6015690900482f00fc020000000000000000000000000000ff020000613c04d2964d41230bb69eb4000000000000000000004001242088a8000000020006000000000800000086dd88a888be08000000100000000100000000000000080022eb00000000200000000200000000000000a06aea5dcd3f475014906c61fcd45c69bb2667e1edd2e28c0a3cb14d5dbf4bfe1cf7ab"], 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
fdatasync(r4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x18)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
ftruncate(r4, 0x5)

1.361702283s ago: executing program 4 (id=1389):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x204000, &(0x7f0000000000), 0x106, 0x2}}, 0x20)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x18, 0x26, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000100000000000000010000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7270a02000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000185800000100000000000000000000001800000004000000000000000700000018000000080000000000000002000000850000001400007f0000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000086000000186500000c0000000000000009000000852000000200000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000ffffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0xfa, &(0x7f0000000600)=""/250, 0x41000, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000a40)={0x5, 0x4, 0x400, 0x3}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000a80)=[{0x3, 0x2, 0xe, 0x2}, {0x5, 0x5, 0xc, 0xb}, {0x4, 0x2, 0x10, 0x8}, {0x2, 0x1, 0x1, 0x320b76fae275ea75}, {0x0, 0x5, 0x3, 0xa}, {0x1, 0x4, 0xa, 0x9}, {0x1, 0x2, 0x4, 0x8}, {0x4, 0x5, 0x6, 0x9}], 0x10, 0xffff}, 0x94)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

978.879352ms ago: executing program 1 (id=1394):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000046, &(0x7f0000000240)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@bsdgroups}, {@jqfmt_vfsv1}, {@nolazytime}, {@noblock_validity}, {@grpjquota}, {@jqfmt_vfsv1}, {@errors_remount}]}, 0x11, 0x565, &(0x7f0000000440)="$eJzs3U9rHGUYAPBnNtn+16ZQiopIoAcrtZsm8U8FD/VYtFjQe12SbSjZdEt2U5pYsD3YixcpgogF8a53j8UvoF+ioIUiJejBS2R2Z9K02W226bZJnd8PprxvZnafeXbmefvOzi4bQGGNpv+UIl6OiK+TiP0RkWTrhiNbOdrZbvnelal0SWJl5ZO/kvZ2aT9/rvxxe7POSxHx65cRR0vr4zYXl2ar9XptPuuPteYujjUXl46dn6vO1GZqFyYmJ0+8PTnx3rvvDCzXN878893Ht06d+Orw8rc/3zlwI4mTsS9btzaPJ3B1bWc0RrPXpBwnH9pwfADBtpNkq3eATRnK6rwc6RiwP4ayqgf+/76IiBWgoBL1DwWVzwPya/sBXQc/N+5+0LkAWp//cOe9kdjVvjbas5w8cGWUXu+ODCB+GuOXP2/eSJcY3PsQABu6ei0ijg8Prx//kmz827zjfWzzcAzjHzw7t9L5z5vd5j+l1flPdJn/7O1Su5uxcf2X7gwgTE/p/O/9rvPf1ZtWI0NZ74X2nK+cnDtfr6Vj24sRcSTKO9N+537Ojq4xTizfXukVf+38L13S+PlcMNuPO8M7H3zMdLVVfdK8c3evRbzSdf6brB7/pMvxT1+PM33GOFS7+VqvdRvn/3St/Bjxetfjf/+OVvLo+5Nj7fNhLD8r1vv7+qHfesXf6vzT47/n0fmPJGvv1zYfP8YPu/6t9Vr3QP7R//m/I/m03c4r7nK11Zofj9iRfLT+7xP3H5v38+3T/I8cfvT41+383x0Rn/WZ//WDP73aV/5bdPynH+v4P37j9oeff98rfn/j31vt1pHsL/2Mf53g5azXewc3+7oBAAAAAADAdlSKiH2RlCqr7VKpUul8vuNg7CnVG83W0XONhQvT0f6u7EiUS/md7v1rPg8xnn0eNu9PPNSfjIgDEfHN0O52vzLVqE9vdfIAAAAAAAAAAAAAAAAAAACwTezt8f3/1B9DW713wFPnJ7+huDas/0H80hOwLfn/H4pL/UNxqX8oLvUPxaX+objUPxSX+ofiUv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUGdOn06XleV7V6bS/vSlxYXZxqVj07XmbGVuYaoy1Zi/WJlpNGbqtcpUY26j56s3GhfHJ2Lh8lir1myNNReXzs41Fi60zp6fq87UztbKzyQrAAAAAAAAAAAAAAAAAAAAeL40F5dmq/V6bf75bJz6vZPGdtmfAjaGn2nQUmyDlAvR2OqRCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADu+y8AAP//j7QxOw==")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, 0x7, 0x6, 0x801}, 0x14}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r2, &(0x7f0000000100)=[{0x0}], 0x1, 0x5405, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
listen(r3, 0x9)

792.35372ms ago: executing program 1 (id=1396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c30000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./bus\x00', 0xe, &(0x7f0000000540)={[{@init_itable}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
write$UHID_INPUT2(r2, &(0x7f0000003200)={0xc, {0x3b, "6c2450060f84cfce0059f92be3fbc44cce81cf6db39945ebd08f18764adae66029e17e29738c85b051ced2b488f35ca681091dd3c8976415c191cb"}}, 0x41)
preadv2(r2, &(0x7f0000000280)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x0)

752.862364ms ago: executing program 0 (id=1397):
pipe2(&(0x7f0000001cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

660.774444ms ago: executing program 2 (id=1398):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f00000000c0)={0x6, r0, 'id0\x00'})
socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r3}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)

636.214076ms ago: executing program 1 (id=1399):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)
r7 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_script(r7, &(0x7f0000000240)={'#! ', './file0', [{0x20, '}'}, {0x20, 'kfree\x00'}, {0x20, ']E\\'}, {}, {0x20, '\x00'}, {0x20, '-}**}'}], 0xa, "ecd87e96c83e1f8bdcca290d0fab512fa35a18730eabdd327f2f805afe3c145983fe197649f0a217"}, 0x49)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000018c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880)

612.408248ms ago: executing program 0 (id=1400):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYRES32=r1, @ANYRES16=r1, @ANYBLOB="0103feffffff000000000100"], 0x30}, 0x1, 0x0, 0x0, 0x20040000}, 0x850)

584.578741ms ago: executing program 2 (id=1401):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x20000040)

554.379534ms ago: executing program 0 (id=1402):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r0}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000600)={'syztnl1\x00', &(0x7f0000000680)={'ip6gre0\x00', 0x0, 0x4, 0x3, 0x5, 0x5, 0x0, @private1, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7, 0x20, 0x9, 0x9}})

539.171406ms ago: executing program 2 (id=1403):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000002fc0), 0x0, 0x24000045)
r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x8, 0x94200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000010bc0)='kfree\x00', r3}, 0x18)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000000)='cpu>\t\t')
shutdown(r0, 0x1)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r4, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(r5, 0x1, 0x23, &(0x7f0000000000)=0x2, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x22, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r6}, 0x10)
bind$inet(r5, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r5, &(0x7f00000040c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=""/127, 0x7f}}], 0x1, 0x0, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000040)={0x0, 0x2}, 0x8)

538.808186ms ago: executing program 1 (id=1404):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

497.63209ms ago: executing program 0 (id=1405):
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r1, 0x400, 0x1)
fremovexattr(r1, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x1c, r2, 0x10ada85e65c25359, 0xfffffffc, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000)
sendmsg$NL80211_CMD_GET_REG(r1, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000a00)={0x1a0, r2, 0x300, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x41}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}, @NL80211_ATTR_REG_RULES={0x84, 0x22, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x9}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x69}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x800}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x10001}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x6ca}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x9}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xd7ea}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x2}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x200}]}]}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x7}, @NL80211_ATTR_REG_RULES={0xd0, 0x22, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x3}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xfffffffd}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x4}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x3a}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x1ff}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x3}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7fffffff}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x40000000}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x9}]}, {0x54, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xffffffff}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x9}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x7}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xa}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x1}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x9}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x5}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x845}]}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x76}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x2}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x4}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x24000c00}, 0x4044)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000240)={'pimreg0\x00', 0x200})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r4 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @local}, @in={0x2, 0x0, @remote}, @in={0x2, 0x4e24, @broadcast}, @in={0x2, 0x4e21, @loopback}], 0x40)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000020a01"], 0x248}, 0x1, 0x0, 0x0, 0x800}, 0x8080)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0, 0x0, 0x10000000}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x4, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)

497.29121ms ago: executing program 1 (id=1406):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4a0, 0x1e8, 0xffffffff, 0xffffffff, 0x1e8, 0xffffffff, 0x3d0, 0xffffffff, 0xffffffff, 0x3d0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @loopback, [0xff, 0xff, 0xff, 0xff], [0xff000000, 0xff, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x29, 0x3, 0x0, 0x60}, 0x0, 0x1a0, 0x1e8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0xc9, 0x7a3, 0x6, 'snmp_trap\x00', {0x369bc443}}}}, {{@ipv6={@remote, @local, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], 'netpci0\x00', 'bridge_slave_1\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x1c8, 0x1e8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x29, 0x1, 0x1, 'syz0\x00'}}, @inet=@rpfilter={{0x28}, {0x1c}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x500)

421.620308ms ago: executing program 4 (id=1407):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000001007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r2, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r3, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x14)

368.774503ms ago: executing program 2 (id=1408):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)

368.483293ms ago: executing program 2 (id=1409):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x204000, &(0x7f0000000000), 0x106, 0x2}}, 0x20)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r4, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x18, 0x26, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000100000000000000010000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7270a02000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000185800000100000000000000000000001800000004000000000000000700000018000000080000000000000002000000850000001400007f0000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000086000000186500000c0000000000000009000000852000000200000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000ffffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0xfa, &(0x7f0000000600)=""/250, 0x41000, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000a40)={0x5, 0x4, 0x400, 0x3}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000a80)=[{0x3, 0x2, 0xe, 0x2}, {0x5, 0x5, 0xc, 0xb}, {0x4, 0x2, 0x10, 0x8}, {0x2, 0x1, 0x1, 0x320b76fae275ea75}, {0x0, 0x5, 0x3, 0xa}, {0x1, 0x4, 0xa, 0x9}, {0x1, 0x2, 0x4, 0x8}, {0x4, 0x5, 0x6, 0x9}], 0x10, 0xffff}, 0x94)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

367.730333ms ago: executing program 0 (id=1410):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x10004, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5000000010000d042abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="d0700400400000001c00243a9b832912800c0001006d6163766c616e000c0002800800010008000000140035006d6163766c616e300000000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x4048090}, 0x8000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r3, 0x0, 0x0)
ioctl$int_in(r0, 0x5421, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000000c0)={0xffffffffffffffff, 0x2, 0xa9, 0xd})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r5, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
syz_emit_ethernet(0x7e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd6015690900482f00fc020000000000000000000000000000ff020000613c04d2964d41230bb69eb4000000000000000000004001242088a8000000020006000000000800000086dd88a888be08000000100000000100000000000000080022eb00000000200000000200000000000000a06aea5dcd3f475014906c61fcd45c69bb2667e1edd2e28c0a3cb14d5dbf4bfe1cf7ab"], 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
fdatasync(r4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_tcp(0xa, 0x1, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
ftruncate(r4, 0x5)

352.309775ms ago: executing program 4 (id=1411):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
clock_getres(0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000"], 0x48)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x80}, 0x8)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
write$cgroup_int(r3, &(0x7f00000003c0)=0x2, 0x12)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000080000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r7}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="2000000004000000020000000000000001020000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000ffffffff00f4ffffff00"/28], 0x50)

322.770798ms ago: executing program 1 (id=1412):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
r1 = shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ff6000/0x2000)=nil)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000180)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{0x0}], 0x1}}], 0x48}, 0x0)
shmat(r1, &(0x7f0000ffb000/0x2000)=nil, 0x2000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$unix(0xffffffffffffffff, &(0x7f0000000600)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r5}, 0x10)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r6, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
r7 = socket(0x80000000000000a, 0x2, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000340), r7)

303.535129ms ago: executing program 4 (id=1413):
socket$netlink(0x10, 0x3, 0x14)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fsopen(0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x840, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r5 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0xfd, 0x3, 0x2, 0x5c, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7800, 0x40, 0x4, 0x4}})

204.398689ms ago: executing program 4 (id=1414):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000046, &(0x7f0000000240)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@bsdgroups}, {@jqfmt_vfsv1}, {@nolazytime}, {@noblock_validity}, {@grpjquota}, {@jqfmt_vfsv1}, {@errors_remount}]}, 0x11, 0x565, &(0x7f0000000440)="$eJzs3U9rHGUYAPBnNtn+16ZQiopIoAcrtZsm8U8FD/VYtFjQe12SbSjZdEt2U5pYsD3YixcpgogF8a53j8UvoF+ioIUiJejBS2R2Z9K02W226bZJnd8PprxvZnafeXbmefvOzi4bQGGNpv+UIl6OiK+TiP0RkWTrhiNbOdrZbvnelal0SWJl5ZO/kvZ2aT9/rvxxe7POSxHx65cRR0vr4zYXl2ar9XptPuuPteYujjUXl46dn6vO1GZqFyYmJ0+8PTnx3rvvDCzXN878893Ht06d+Orw8rc/3zlwI4mTsS9btzaPJ3B1bWc0RrPXpBwnH9pwfADBtpNkq3eATRnK6rwc6RiwP4ayqgf+/76IiBWgoBL1DwWVzwPya/sBXQc/N+5+0LkAWp//cOe9kdjVvjbas5w8cGWUXu+ODCB+GuOXP2/eSJcY3PsQABu6ei0ijg8Prx//kmz827zjfWzzcAzjHzw7t9L5z5vd5j+l1flPdJn/7O1Su5uxcf2X7gwgTE/p/O/9rvPf1ZtWI0NZ74X2nK+cnDtfr6Vj24sRcSTKO9N+537Ojq4xTizfXukVf+38L13S+PlcMNuPO8M7H3zMdLVVfdK8c3evRbzSdf6brB7/pMvxT1+PM33GOFS7+VqvdRvn/3St/Bjxetfjf/+OVvLo+5Nj7fNhLD8r1vv7+qHfesXf6vzT47/n0fmPJGvv1zYfP8YPu/6t9Vr3QP7R//m/I/m03c4r7nK11Zofj9iRfLT+7xP3H5v38+3T/I8cfvT41+383x0Rn/WZ//WDP73aV/5bdPynH+v4P37j9oeff98rfn/j31vt1pHsL/2Mf53g5azXewc3+7oBAAAAAADAdlSKiH2RlCqr7VKpUul8vuNg7CnVG83W0XONhQvT0f6u7EiUS/md7v1rPg8xnn0eNu9PPNSfjIgDEfHN0O52vzLVqE9vdfIAAAAAAAAAAAAAAAAAAACwTezt8f3/1B9DW713wFPnJ7+huDas/0H80hOwLfn/H4pL/UNxqX8oLvUPxaX+objUPxSX+ofiUv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUGdOn06XleV7V6bS/vSlxYXZxqVj07XmbGVuYaoy1Zi/WJlpNGbqtcpUY26j56s3GhfHJ2Lh8lir1myNNReXzs41Fi60zp6fq87UztbKzyQrAAAAAAAAAAAAAAAAAAAAeL40F5dmq/V6bf75bJz6vZPGdtmfAjaGn2nQUmyDlAvR2OqRCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADu+y8AAP//j7QxOw==")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, 0x7, 0x6, 0x801}, 0x14}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r2, &(0x7f0000000100)=[{0x0}], 0x1, 0x5405, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
listen(r3, 0x9)

0s ago: executing program 0 (id=1415):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x200, @private2={0xfc, 0x2, '\x00', 0x1}, 0x4ac2d78a}}, 0x0, 0x0, 0x3f, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000009c0)=@gcm_256={{0x303}, "0100", "acba84f0a6731f234db1dc7f39000080d00600000003a9f4f600000000400080", "129c9707", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$int_in(r0, 0x5421, 0x0)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

kernel console output (not intermixed with test programs):

XT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   71.020157][ T5055] EXT4-fs (loop2): Remounting filesystem read-only
[   71.050752][ T5061] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.073626][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.101298][ T5069] netlink: 12 bytes leftover after parsing attributes in process `syz.4.585'.
[   71.111673][ T5061] netlink: 48 bytes leftover after parsing attributes in process `syz.3.581'.
[   71.136727][ T5061] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   71.158714][ T5061] EXT4-fs (loop3): Remounting filesystem read-only
[   71.200131][ T5073] netlink: 12 bytes leftover after parsing attributes in process `syz.4.587'.
[   71.203658][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.456810][ T5091] loop3: detected capacity change from 0 to 1024
[   71.508323][ T5091] EXT4-fs: inline encryption not supported
[   71.553527][ T5091] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.561207][ T5095] netlink: 24 bytes leftover after parsing attributes in process `syz.4.595'.
[   71.595274][ T5091] netlink: 24 bytes leftover after parsing attributes in process `syz.3.594'.
[   71.658566][ T5091] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   71.708362][ T5091] EXT4-fs (loop3): Remounting filesystem read-only
[   71.773913][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.883002][ T5101] netlink: 28 bytes leftover after parsing attributes in process `syz.4.597'.
[   71.912304][ T5106] netlink: 'syz.3.596': attribute type 10 has an invalid length.
[   71.950315][ T5106] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   71.994550][ T5113] 9pnet_fd: Insufficient options for proto=fd
[   72.002259][ T5115] netlink: 12 bytes leftover after parsing attributes in process `syz.0.602'.
[   72.032508][ T5114] 9pnet_fd: Insufficient options for proto=fd
[   72.136660][ T5122] loop1: detected capacity change from 0 to 512
[   72.154879][ T5122] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   72.178595][ T5122] EXT4-fs (loop1): 1 truncate cleaned up
[   72.184647][ T5122] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.212657][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.234366][ T5126] loop3: detected capacity change from 0 to 1024
[   72.321258][ T5126] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   72.332351][ T5126] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   72.398959][ T5126] JBD2: no valid journal superblock found
[   72.404735][ T5126] EXT4-fs (loop3): Could not load journal inode
[   72.710218][ T5135] loop3: detected capacity change from 0 to 1024
[   72.778584][ T5135] EXT4-fs: Ignoring removed orlov option
[   72.857363][ T5135] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   72.974144][ T5135] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.141966][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.222871][ T5158] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5158 comm=syz.3.618
[   73.323598][ T5158] loop3: detected capacity change from 0 to 128
[   73.420217][ T5173] loop3: detected capacity change from 0 to 1024
[   73.489257][ T5173] EXT4-fs: inline encryption not supported
[   73.671592][ T5173] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.710260][ T5191] loop1: detected capacity change from 0 to 1024
[   73.716155][ T5173] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   73.745737][ T5191] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   73.745833][ T5173] EXT4-fs (loop3): Remounting filesystem read-only
[   73.756845][ T5191] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   73.791333][ T5191] JBD2: no valid journal superblock found
[   73.797214][ T5191] EXT4-fs (loop1): Could not load journal inode
[   73.898175][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.923923][ T5197] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.943885][ T5198] loop1: detected capacity change from 0 to 1024
[   73.958251][ T5198] EXT4-fs: Ignoring removed orlov option
[   74.079392][ T5197] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.094653][ T5209] ip6gre1: entered promiscuous mode
[   74.099956][ T5209] ip6gre1: entered allmulticast mode
[   74.107319][ T5198] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   74.146084][ T5197] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.160106][ T5198] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.206267][ T5197] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.273629][   T31] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.286306][  T271] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.309486][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.339862][  T271] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.359304][  T271] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.627618][ T5229] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   74.640385][   T29] kauditd_printk_skb: 237 callbacks suppressed
[   74.640402][   T29] audit: type=1400 audit(1763498881.306:2019): avc:  denied  { ioctl } for  pid=5228 comm="syz.2.642" path="socket:[10756]" dev="sockfs" ino=10756 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   74.711237][   T29] audit: type=1400 audit(1763498881.306:2020): avc:  denied  { bind } for  pid=5228 comm="syz.2.642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   74.730500][   T29] audit: type=1326 audit(1763498881.366:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5226 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[   74.753831][   T29] audit: type=1326 audit(1763498881.366:2022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5226 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[   74.777183][   T29] audit: type=1326 audit(1763498881.376:2023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5226 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[   74.800500][   T29] audit: type=1326 audit(1763498881.376:2024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5226 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[   74.823896][   T29] audit: type=1326 audit(1763498881.376:2025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5226 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[   75.307195][   T29] audit: type=1326 audit(1763498881.966:2026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5226 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[   75.338614][   T29] audit: type=1326 audit(1763498881.966:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5226 comm="syz.1.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[   75.454788][ T5274] __nla_validate_parse: 14 callbacks suppressed
[   75.454808][ T5274] netlink: 24 bytes leftover after parsing attributes in process `syz.1.658'.
[   75.475629][ T5272] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5272 comm=syz.2.659
[   75.536090][   T29] audit: type=1400 audit(1763498882.086:2028): avc:  denied  { connect } for  pid=5271 comm="syz.2.659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   75.648959][ T5284] loop4: detected capacity change from 0 to 512
[   75.707985][ T5284] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   75.857799][ T5284] EXT4-fs (loop4): 1 truncate cleaned up
[   75.864041][ T5284] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.951623][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.019880][ T5298] tipc: Started in network mode
[   76.024853][ T5298] tipc: Node identity ac14140f, cluster identity 4711
[   76.038229][ T5300] FAULT_INJECTION: forcing a failure.
[   76.038229][ T5300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.051434][ T5300] CPU: 0 UID: 0 PID: 5300 Comm: syz.1.671 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.051468][ T5300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   76.051484][ T5300] Call Trace:
[   76.051556][ T5300]  <TASK>
[   76.051565][ T5300]  __dump_stack+0x1d/0x30
[   76.051588][ T5300]  dump_stack_lvl+0xe8/0x140
[   76.051608][ T5300]  dump_stack+0x15/0x1b
[   76.051624][ T5300]  should_fail_ex+0x265/0x280
[   76.051665][ T5300]  should_fail+0xb/0x20
[   76.051753][ T5300]  should_fail_usercopy+0x1a/0x20
[   76.051850][ T5300]  _copy_to_user+0x20/0xa0
[   76.051879][ T5300]  rng_dev_read+0x3ef/0x740
[   76.051952][ T5300]  ? __pfx_rng_dev_read+0x10/0x10
[   76.051984][ T5300]  vfs_readv+0x3fb/0x690
[   76.052071][ T5300]  __x64_sys_preadv+0xfd/0x1c0
[   76.052106][ T5300]  x64_sys_call+0x282e/0x3000
[   76.052135][ T5300]  do_syscall_64+0xd2/0x200
[   76.052239][ T5300]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   76.052326][ T5300]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   76.052362][ T5300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.052382][ T5300] RIP: 0033:0x7f1e76bdf6c9
[   76.052397][ T5300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.052439][ T5300] RSP: 002b:00007f1e75647038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   76.052458][ T5300] RAX: ffffffffffffffda RBX: 00007f1e76e35fa0 RCX: 00007f1e76bdf6c9
[   76.052470][ T5300] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[   76.052529][ T5300] RBP: 00007f1e75647090 R08: 0000000000000000 R09: 0000000000000000
[   76.052545][ T5300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.052556][ T5300] R13: 00007f1e76e36038 R14: 00007f1e76e35fa0 R15: 00007ffd7f1a2268
[   76.052574][ T5300]  </TASK>
[   76.213195][ T5298] tipc: New replicast peer: 255.255.255.255
[   76.238165][ T5298] tipc: Enabled bearer <udp:syz2>, priority 10
[   76.285446][ T3314] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   76.296463][ T3314] CPU: 0 UID: 0 PID: 3314 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.296494][ T3314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   76.296508][ T3314] Call Trace:
[   76.296515][ T3314]  <TASK>
[   76.296522][ T3314]  __dump_stack+0x1d/0x30
[   76.296551][ T3314]  dump_stack_lvl+0xe8/0x140
[   76.296659][ T3314]  dump_stack+0x15/0x1b
[   76.296680][ T3314]  dump_header+0x81/0x220
[   76.296703][ T3314]  oom_kill_process+0x342/0x400
[   76.296741][ T3314]  out_of_memory+0x979/0xb80
[   76.296826][ T3314]  try_charge_memcg+0x610/0xa10
[   76.296859][ T3314]  charge_memcg+0x51/0xc0
[   76.296883][ T3314]  __mem_cgroup_charge+0x28/0xb0
[   76.296986][ T3314]  filemap_add_folio+0x111/0x360
[   76.297093][ T3314]  __filemap_get_folio+0x31e/0x650
[   76.297132][ T3314]  filemap_fault+0x447/0xb60
[   76.297277][ T3314]  __do_fault+0xbc/0x200
[   76.297309][ T3314]  handle_mm_fault+0xf78/0x2be0
[   76.297390][ T3314]  ? vma_start_read+0x141/0x1f0
[   76.297424][ T3314]  do_user_addr_fault+0x630/0x1080
[   76.297484][ T3314]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   76.297519][ T3314]  exc_page_fault+0x62/0xa0
[   76.297585][ T3314]  asm_exc_page_fault+0x26/0x30
[   76.297639][ T3314] RIP: 0033:0x7f04f3b45f34
[   76.297657][ T3314] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 68 f8 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 79 f7 ea 00 48 01 d1
[   76.297679][ T3314] RSP: 002b:00007ffc1a13bcf0 EFLAGS: 00010202
[   76.297698][ T3314] RAX: 0000001b33b24000 RBX: 0000000000000128 RCX: 00000000000128e0
[   76.297772][ T3314] RDX: 0000000004241775 RSI: 00007ffc1a13bd80 RDI: 0000000000000001
[   76.297787][ T3314] RBP: 00007ffc1a13bd2c R08: 000000000fcbedbe R09: 7fffffffffffffff
[   76.297802][ T3314] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[   76.297814][ T3314] R13: 00000000000927c0 R14: 0000000000012768 R15: 00007ffc1a13bd80
[   76.297832][ T3314]  </TASK>
[   76.487115][ T3314] memory: usage 307200kB, limit 307200kB, failcnt 733
[   76.493924][ T3314] memory+swap: usage 307420kB, limit 9007199254740988kB, failcnt 0
[   76.502085][ T3314] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[   76.509459][ T3314] Memory cgroup stats for /syz3:
[   76.509711][ T3314] cache 0
[   76.517715][ T3314] rss 0
[   76.520490][ T3314] shmem 0
[   76.523506][ T3314] mapped_file 0
[   76.526985][ T3314] dirty 0
[   76.530019][ T3314] writeback 0
[   76.533318][ T3314] workingset_refault_anon 208
[   76.538065][ T3314] workingset_refault_file 880
[   76.542760][ T3314] swap 225280
[   76.546081][ T3314] swapcached 4096
[   76.549792][ T3314] pgpgin 62197
[   76.553302][ T3314] pgpgout 62196
[   76.553802][ T5312] netlink: 12 bytes leftover after parsing attributes in process `syz.4.675'.
[   76.556774][ T3314] pgfault 83002
[   76.556785][ T3314] pgmajfault 121
[   76.572707][ T3314] inactive_anon 0
[   76.576348][ T3314] active_anon 0
[   76.579864][ T3314] inactive_file 0
[   76.583577][ T3314] active_file 0
[   76.587043][ T3314] unevictable 0
[   76.590538][ T3314] hierarchical_memory_limit 314572800
[   76.595911][ T3314] hierarchical_memsw_limit 9223372036854771712
[   76.602111][ T3314] total_cache 0
[   76.605607][ T3314] total_rss 0
[   76.608937][ T3314] total_shmem 0
[   76.612458][ T3314] total_mapped_file 0
[   76.616447][ T3314] total_dirty 0
[   76.619967][ T3314] total_writeback 0
[   76.623784][ T3314] total_workingset_refault_anon 208
[   76.629132][ T3314] total_workingset_refault_file 880
[   76.634420][ T3314] total_swap 225280
[   76.638283][ T3314] total_swapcached 4096
[   76.642458][ T3314] total_pgpgin 62197
[   76.646427][ T3314] total_pgpgout 62196
[   76.650533][ T3314] total_pgfault 83002
[   76.654531][ T3314] total_pgmajfault 121
[   76.658653][ T3314] total_inactive_anon 0
[   76.662816][ T3314] total_active_anon 0
[   76.666913][ T3314] total_inactive_file 0
[   76.671146][ T3314] total_active_file 0
[   76.675148][ T3314] total_unevictable 0
[   76.679264][ T3314] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.652,pid=5255,uid=0
[   76.693933][ T3314] Memory cgroup out of memory: Killed process 5255 (syz.3.652) total-vm:100368kB, anon-rss:1136kB, file-rss:26584kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000
[   76.963802][ T5325] netlink: 20 bytes leftover after parsing attributes in process `syz.1.679'.
[   76.979704][ T5327] netlink: 16 bytes leftover after parsing attributes in process `syz.0.677'.
[   76.990154][ T5327] 9pnet_virtio: no channels available for device 
[   77.028361][ T5326] netlink: 16 bytes leftover after parsing attributes in process `syz.2.680'.
[   77.141354][ T5330] loop1: detected capacity change from 0 to 128
[   77.287197][ T3421] tipc: Node number set to 2886997007
[   77.326257][ T5325] bio_check_eod: 13246 callbacks suppressed
[   77.326367][ T5325] syz.1.679: attempt to access beyond end of device
[   77.326367][ T5325] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[   77.352619][ T5325] syz.1.679: attempt to access beyond end of device
[   77.352619][ T5325] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[   77.366122][ T5325] syz.1.679: attempt to access beyond end of device
[   77.366122][ T5325] loop1: rw=2049, sector=177, nr_sectors = 24 limit=128
[   77.400195][ T5325] syz.1.679: attempt to access beyond end of device
[   77.400195][ T5325] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[   77.417435][ T5325] syz.1.679: attempt to access beyond end of device
[   77.417435][ T5325] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[   77.431114][ T5325] syz.1.679: attempt to access beyond end of device
[   77.431114][ T5325] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[   77.445576][ T5325] syz.1.679: attempt to access beyond end of device
[   77.445576][ T5325] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[   77.461556][ T5323] syz.1.679: attempt to access beyond end of device
[   77.461556][ T5323] loop1: rw=2049, sector=305, nr_sectors = 80 limit=128
[   77.494145][ T5323] syz.1.679: attempt to access beyond end of device
[   77.494145][ T5323] loop1: rw=2049, sector=393, nr_sectors = 8 limit=128
[   77.509963][ T5325] syz.1.679: attempt to access beyond end of device
[   77.509963][ T5325] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[   77.542023][ T5342] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   77.562129][ T5345] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   77.596032][ T5323] buffer_io_error: 11734 callbacks suppressed
[   77.596053][ T5323] Buffer I/O error on dev loop1, logical block 305, async page read
[   77.601570][ T5347] netlink: 24 bytes leftover after parsing attributes in process `syz.4.688'.
[   77.602515][ T5323] Buffer I/O error on dev loop1, logical block 306, async page read
[   77.667831][ T5323] Buffer I/O error on dev loop1, logical block 307, async page read
[   77.677584][ T5323] Buffer I/O error on dev loop1, logical block 308, async page read
[   77.702871][ T5323] Buffer I/O error on dev loop1, logical block 309, async page read
[   77.717892][ T5323] Buffer I/O error on dev loop1, logical block 310, async page read
[   77.726112][ T5323] Buffer I/O error on dev loop1, logical block 311, async page read
[   77.738526][ T5351] netlink: 24 bytes leftover after parsing attributes in process `syz.3.691'.
[   77.757367][ T5323] Buffer I/O error on dev loop1, logical block 312, async page read
[   77.832655][ T5357] netlink: 12 bytes leftover after parsing attributes in process `syz.1.692'.
[   78.090749][ T5375] netlink: 24 bytes leftover after parsing attributes in process `syz.3.700'.
[   78.147773][ T5379] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   78.221168][ T5385] loop1: detected capacity change from 0 to 1024
[   78.251381][ T5385] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   78.262349][ T5385] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   78.277400][ T5385] JBD2: no valid journal superblock found
[   78.283216][ T5385] EXT4-fs (loop1): Could not load journal inode
[   78.319686][ T5390] netlink: 12 bytes leftover after parsing attributes in process `syz.2.707'.
[   78.411007][ T5391] loop1: detected capacity change from 0 to 1024
[   78.426924][ T5391] EXT4-fs: Ignoring removed orlov option
[   78.477483][ T5391] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   78.542256][ T5391] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.620912][ T5408] 9p: Unknown access argument : -22
[   78.626974][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.636611][ T5406] loop3: detected capacity change from 0 to 512
[   78.657751][ T5406] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.711: inode has both inline data and extents flags
[   78.672559][ T5406] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.711: couldn't read orphan inode 15 (err -117)
[   78.687778][ T5406] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.715800][ T5406] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.711: bg 0: block 320: padding at end of block bitmap is not set
[   78.779933][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.481390][ T5440] loop2: detected capacity change from 0 to 1024
[   79.504530][ T5440] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   79.515549][ T5440] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   79.537006][ T5440] JBD2: no valid journal superblock found
[   79.542825][ T5440] EXT4-fs (loop2): Could not load journal inode
[   79.630410][ T5443] loop2: detected capacity change from 0 to 1024
[   79.637429][ T5443] EXT4-fs: Ignoring removed orlov option
[   79.652204][ T5443] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   79.728417][ T5443] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.751063][   T29] kauditd_printk_skb: 251 callbacks suppressed
[   79.751078][   T29] audit: type=1326 audit(1763498886.416:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5441 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   79.780722][   T29] audit: type=1326 audit(1763498886.416:2281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5441 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   79.814910][   T29] audit: type=1326 audit(1763498886.476:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5441 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   79.838209][   T29] audit: type=1326 audit(1763498886.476:2283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5441 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   79.868162][ T5458] loop0: detected capacity change from 0 to 512
[   79.874898][ T5454] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   79.884555][ T5458] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   79.911631][   T29] audit: type=1326 audit(1763498886.476:2284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5441 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   79.935590][   T29] audit: type=1326 audit(1763498886.476:2285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5441 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   79.959043][   T29] audit: type=1326 audit(1763498886.476:2286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5441 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   79.982517][   T29] audit: type=1326 audit(1763498886.476:2287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5441 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   80.006115][   T29] audit: type=1326 audit(1763498886.526:2288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5441 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   80.029447][   T29] audit: type=1326 audit(1763498886.526:2289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5441 comm="syz.4.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   80.056973][ T5458] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   80.072920][ T5458] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.084389][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.096358][ T5461] loop3: detected capacity change from 0 to 128
[   80.174073][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   80.254882][ T5480] 9p: Unknown access argument : -22
[   80.294748][ T5484] 9p: Unknown access argument : -22
[   80.381426][ T5490] loop2: detected capacity change from 0 to 1024
[   80.397867][ T5490] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   80.408866][ T5490] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   80.447230][ T5490] JBD2: no valid journal superblock found
[   80.453025][ T5490] EXT4-fs (loop2): Could not load journal inode
[   80.492872][ T5493] loop4: detected capacity change from 0 to 1024
[   80.502136][ T5493] EXT4-fs (loop4): filesystem is read-only
[   80.512543][ T5493] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[   80.525034][ T5493] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   80.546736][ T5493] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: comm syz.4.742: inode #1: comm syz.4.742: iget: illegal inode #
[   80.584852][ T5494] loop2: detected capacity change from 0 to 1024
[   80.588010][ T5493] EXT4-fs (loop4): no journal found
[   80.591798][ T5494] EXT4-fs: Ignoring removed orlov option
[   80.596506][ T5493] EXT4-fs (loop4): can't get journal size
[   80.628938][ T5494] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   80.638961][ T5493] EXT4-fs (loop4): failed to initialize system zone (-22)
[   80.646128][ T5493] EXT4-fs (loop4): mount failed
[   80.669740][ T5494] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.728941][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.126003][ T5531] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   81.170629][ T5533] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   81.217415][ T5480] __nla_validate_parse: 8 callbacks suppressed
[   81.217429][ T5480] netlink: 12 bytes leftover after parsing attributes in process `syz.0.736'.
[   81.255186][ T5541] 9p: Unknown access argument : -22
[   81.305149][ T5484] netlink: 12 bytes leftover after parsing attributes in process `syz.3.739'.
[   81.509882][ T5561] netlink: 12 bytes leftover after parsing attributes in process `syz.1.770'.
[   81.630594][ T5564] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   81.660989][ T5568] loop4: detected capacity change from 0 to 512
[   81.678051][ T5568] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   81.719039][ T5568] EXT4-fs (loop4): 1 truncate cleaned up
[   81.725021][ T5568] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.751574][ T5570] netlink: 20 bytes leftover after parsing attributes in process `syz.0.774'.
[   81.773539][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.784442][ T5570] loop0: detected capacity change from 0 to 128
[   81.954867][ T5584] netlink: 16 bytes leftover after parsing attributes in process `syz.4.779'.
[   81.981944][ T5570] Buffer I/O error on dev loop0, logical block 305, async page read
[   81.997488][ T5591] loop4: detected capacity change from 0 to 1024
[   82.004480][ T5570] Buffer I/O error on dev loop0, logical block 306, async page read
[   82.031066][ T5591] EXT4-fs: inline encryption not supported
[   82.057595][ T5541] netlink: 12 bytes leftover after parsing attributes in process `syz.2.760'.
[   82.081628][ T5591] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.089271][ T5590] loop1: detected capacity change from 0 to 8192
[   82.108978][ T5593] netlink: 20 bytes leftover after parsing attributes in process `syz.3.784'.
[   82.189675][ T5591] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   82.205205][ T5593] loop3: detected capacity change from 0 to 128
[   82.255136][ T5591] EXT4-fs (loop4): Remounting filesystem read-only
[   82.306501][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.338619][ T5570] bio_check_eod: 18954 callbacks suppressed
[   82.338634][ T5570] syz.0.774: attempt to access beyond end of device
[   82.338634][ T5570] loop0: rw=0, sector=305, nr_sectors = 1 limit=128
[   82.358843][ T5600] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   82.378541][ T5592] syz.3.784: attempt to access beyond end of device
[   82.378541][ T5592] loop3: rw=524288, sector=305, nr_sectors = 80 limit=128
[   82.392526][ T5570] syz.0.774: attempt to access beyond end of device
[   82.392526][ T5570] loop0: rw=0, sector=306, nr_sectors = 1 limit=128
[   82.416669][ T5592] syz.3.784: attempt to access beyond end of device
[   82.416669][ T5592] loop3: rw=524288, sector=393, nr_sectors = 8 limit=128
[   82.430476][ T5570] syz.0.774: attempt to access beyond end of device
[   82.430476][ T5570] loop0: rw=0, sector=307, nr_sectors = 1 limit=128
[   82.443998][ T5592] syz.3.784: attempt to access beyond end of device
[   82.443998][ T5592] loop3: rw=524288, sector=409, nr_sectors = 8 limit=128
[   82.457858][ T5570] syz.0.774: attempt to access beyond end of device
[   82.457858][ T5570] loop0: rw=0, sector=308, nr_sectors = 1 limit=128
[   82.471615][ T5592] syz.3.784: attempt to access beyond end of device
[   82.471615][ T5592] loop3: rw=524288, sector=425, nr_sectors = 8 limit=128
[   82.485779][ T5570] syz.0.774: attempt to access beyond end of device
[   82.485779][ T5570] loop0: rw=0, sector=309, nr_sectors = 1 limit=128
[   82.499358][ T5592] syz.3.784: attempt to access beyond end of device
[   82.499358][ T5592] loop3: rw=524288, sector=441, nr_sectors = 8 limit=128
[   82.566999][ T5606] netlink: 24 bytes leftover after parsing attributes in process `syz.4.788'.
[   82.610952][ T5593] buffer_io_error: 19315 callbacks suppressed
[   82.610969][ T5593] Buffer I/O error on dev loop3, logical block 310, async page read
[   82.684145][ T5593] Buffer I/O error on dev loop3, logical block 311, async page read
[   82.693631][ T5593] Buffer I/O error on dev loop3, logical block 312, async page read
[   82.721484][ T5593] Buffer I/O error on dev loop3, logical block 305, async page read
[   82.730175][ T5593] Buffer I/O error on dev loop3, logical block 306, async page read
[   82.738520][ T5593] Buffer I/O error on dev loop3, logical block 307, async page read
[   82.746774][ T5593] Buffer I/O error on dev loop3, logical block 308, async page read
[   82.761457][ T5593] Buffer I/O error on dev loop3, logical block 309, async page read
[   82.769691][ T5593] Buffer I/O error on dev loop3, logical block 310, async page read
[   82.829800][ T5620] netlink: 24 bytes leftover after parsing attributes in process `syz.4.795'.
[   82.906127][ T5593] Buffer I/O error on dev loop3, logical block 311, async page read
[   82.958000][ T5631] netlink: 24 bytes leftover after parsing attributes in process `syz.2.799'.
[   83.028533][ T5637] loop0: detected capacity change from 0 to 128
[   83.236602][ T5659] loop3: detected capacity change from 0 to 1024
[   83.269711][ T5659] EXT4-fs: Ignoring removed mblk_io_submit option
[   83.278237][ T5659] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   83.289234][ T5659] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.812: bad orphan inode 11
[   83.299889][ T5659] ext4_test_bit(bit=10, block=4) = 1
[   83.305206][ T5659] is_bad_inode(inode)=0
[   83.309409][ T5659] NEXT_ORPHAN(inode)=3254779904
[   83.314339][ T5659] max_ino=32
[   83.317581][ T5659] i_nlink=0
[   83.321644][ T5659] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.812: lblock 2 mapped to illegal pblock 2 (length 1)
[   83.335657][ T5659] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.812: lblock 0 mapped to illegal pblock 48 (length 1)
[   83.350029][ T5659] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.812: Failed to acquire dquot type 0
[   83.361825][ T5659] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   83.371927][ T5659] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.812: mark_inode_dirty error
[   83.383310][ T5659] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   83.393992][ T5659] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.451054][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.470545][ T3314] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[   83.484116][ T3314] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   83.493965][ T3314] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[   83.679417][ T5679] loop3: detected capacity change from 0 to 1024
[   83.705459][ T5679] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   83.716424][ T5679] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   83.738477][ T5679] JBD2: no valid journal superblock found
[   83.744257][ T5679] EXT4-fs (loop3): Could not load journal inode
[   83.834011][ T5683] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   83.879763][ T5684] loop3: detected capacity change from 0 to 1024
[   83.928903][ T5684] EXT4-fs: Ignoring removed orlov option
[   83.976606][ T5684] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   84.003415][ T5684] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.061092][ T5702] 9p: Unknown access argument : -22
[   84.113728][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.878699][   T29] kauditd_printk_skb: 292 callbacks suppressed
[   84.878715][   T29] audit: type=1400 audit(1763498891.546:2580): avc:  denied  { bind } for  pid=5737 comm="syz.0.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   84.930338][   T29] audit: type=1400 audit(1763498891.586:2581): avc:  denied  { setopt } for  pid=5737 comm="syz.0.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   84.950878][   T29] audit: type=1400 audit(1763498891.586:2582): avc:  denied  { create } for  pid=5737 comm="syz.0.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   84.970676][   T29] audit: type=1400 audit(1763498891.586:2583): avc:  denied  { setopt } for  pid=5737 comm="syz.0.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   84.990395][   T29] audit: type=1400 audit(1763498891.586:2584): avc:  denied  { ioctl } for  pid=5737 comm="syz.0.841" path="socket:[12651]" dev="sockfs" ino=12651 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   85.015280][   T29] audit: type=1400 audit(1763498891.586:2585): avc:  denied  { write } for  pid=5737 comm="syz.0.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   85.072601][ T5740] loop0: detected capacity change from 0 to 1024
[   85.091924][ T5740] EXT4-fs: inline encryption not supported
[   85.098198][   T29] audit: type=1400 audit(1763498891.756:2586): avc:  denied  { mounton } for  pid=5739 comm="syz.0.842" path="/136/file1" dev="tmpfs" ino=744 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   85.172564][ T5740] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.207058][   T29] audit: type=1400 audit(1763498891.856:2587): avc:  denied  { mount } for  pid=5739 comm="syz.0.842" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   85.307210][   T29] audit: type=1400 audit(1763498891.966:2588): avc:  denied  { add_name } for  pid=5739 comm="syz.0.842" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   85.327905][   T29] audit: type=1400 audit(1763498891.966:2589): avc:  denied  { create } for  pid=5739 comm="syz.0.842" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   85.356934][ T5754] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   85.378349][ T5754] EXT4-fs (loop0): Remounting filesystem read-only
[   85.514024][ T5764] loop2: detected capacity change from 0 to 1024
[   85.557779][ T5764] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   85.568839][ T5764] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   85.636102][ T5764] JBD2: no valid journal superblock found
[   85.642013][ T5764] EXT4-fs (loop2): Could not load journal inode
[   85.715861][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.780336][ T5779] loop2: detected capacity change from 0 to 1024
[   85.787121][ T5779] EXT4-fs: Ignoring removed orlov option
[   85.813437][ T5779] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   85.899455][ T5779] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.069228][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.337619][ T5819] loop2: detected capacity change from 0 to 512
[   86.368927][ T5819] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.873: inode has both inline data and extents flags
[   86.441093][ T5819] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.873: couldn't read orphan inode 15 (err -117)
[   86.454540][ T5819] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.478141][ T5819] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.873: bg 0: block 320: padding at end of block bitmap is not set
[   86.562693][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.647133][ T5827] loop2: detected capacity change from 0 to 1024
[   86.694086][ T5827] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   86.705067][ T5827] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   86.748373][ T5827] JBD2: no valid journal superblock found
[   86.754279][ T5827] EXT4-fs (loop2): Could not load journal inode
[   86.768359][ T3315] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   86.779327][ T3315] CPU: 0 UID: 0 PID: 3315 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.779437][ T3315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   86.779453][ T3315] Call Trace:
[   86.779460][ T3315]  <TASK>
[   86.779470][ T3315]  __dump_stack+0x1d/0x30
[   86.779500][ T3315]  dump_stack_lvl+0xe8/0x140
[   86.779527][ T3315]  dump_stack+0x15/0x1b
[   86.779622][ T3315]  dump_header+0x81/0x220
[   86.779647][ T3315]  oom_kill_process+0x342/0x400
[   86.779681][ T3315]  out_of_memory+0x979/0xb80
[   86.779718][ T3315]  try_charge_memcg+0x610/0xa10
[   86.779768][ T3315]  charge_memcg+0x51/0xc0
[   86.779797][ T3315]  __mem_cgroup_charge+0x28/0xb0
[   86.779833][ T3315]  filemap_add_folio+0x111/0x360
[   86.779874][ T3315]  __filemap_get_folio+0x31e/0x650
[   86.779969][ T3315]  filemap_fault+0x447/0xb60
[   86.780047][ T3315]  __do_fault+0xbc/0x200
[   86.780121][ T3315]  handle_mm_fault+0xf78/0x2be0
[   86.780155][ T3315]  ? vma_start_read+0x141/0x1f0
[   86.780200][ T3315]  do_user_addr_fault+0x630/0x1080
[   86.780284][ T3315]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   86.780317][ T3315]  exc_page_fault+0x62/0xa0
[   86.780370][ T3315]  asm_exc_page_fault+0x26/0x30
[   86.780436][ T3315] RIP: 0033:0x7f6969045f34
[   86.780452][ T3315] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 68 f8 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 79 f7 ea 00 48 01 d1
[   86.780472][ T3315] RSP: 002b:00007fff6b653220 EFLAGS: 00010206
[   86.780492][ T3315] RAX: 0000001b33824000 RBX: 000000000000015d RCX: 0000000000014ff0
[   86.780509][ T3315] RDX: 000000000b37f470 RSI: 00007fff6b6532b0 RDI: 0000000000000001
[   86.780526][ T3315] RBP: 00007fff6b65325c R08: 000000002acba365 R09: 7fffffffffffffff
[   86.780542][ T3315] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[   86.780559][ T3315] R13: 00000000000927c0 R14: 00000000000150a6 R15: 00007fff6b6532b0
[   86.780637][ T3315]  </TASK>
[   86.780647][ T3315] memory: usage 307200kB, limit 307200kB, failcnt 902
[   86.978810][ T3315] memory+swap: usage 307412kB, limit 9007199254740988kB, failcnt 0
[   86.986713][ T3315] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[   86.994227][ T3315] Memory cgroup stats for /syz0:
[   86.994440][ T3315] cache 0
[   87.002367][ T3315] rss 4096
[   87.005408][ T3315] shmem 0
[   87.008441][ T3315] mapped_file 0
[   87.011921][ T3315] dirty 0
[   87.014873][ T3315] writeback 0
[   87.018252][ T3315] workingset_refault_anon 200
[   87.022947][ T3315] workingset_refault_file 1628
[   87.027756][ T3315] swap 217088
[   87.031140][ T3315] swapcached 4096
[   87.034802][ T3315] pgpgin 98925
[   87.038338][ T3315] pgpgout 98923
[   87.041814][ T3315] pgfault 111954
[   87.045406][ T3315] pgmajfault 169
[   87.049006][ T3315] inactive_anon 0
[   87.052660][ T3315] active_anon 4096
[   87.056384][ T3315] inactive_file 0
[   87.060111][ T3315] active_file 4096
[   87.063864][ T3315] unevictable 0
[   87.067441][ T3315] hierarchical_memory_limit 314572800
[   87.072940][ T3315] hierarchical_memsw_limit 9223372036854771712
[   87.079158][ T3315] total_cache 0
[   87.082655][ T3315] total_rss 4096
[   87.086240][ T3315] total_shmem 0
[   87.089805][ T3315] total_mapped_file 0
[   87.093802][ T3315] total_dirty 0
[   87.097393][ T3315] total_writeback 0
[   87.101207][ T3315] total_workingset_refault_anon 200
[   87.104315][ T5832] loop2: detected capacity change from 0 to 1024
[   87.106684][ T3315] total_workingset_refault_file 1628
[   87.118381][ T3315] total_swap 217088
[   87.122198][ T3315] total_swapcached 4096
[   87.126435][ T3315] total_pgpgin 98925
[   87.130396][ T3315] total_pgpgout 98923
[   87.134384][ T3315] total_pgfault 111954
[   87.138524][ T3315] total_pgmajfault 169
[   87.142676][ T3315] total_inactive_anon 0
[   87.146925][ T3315] total_active_anon 4096
[   87.151230][ T3315] total_inactive_file 0
[   87.155413][ T3315] total_active_file 4096
[   87.159785][ T3315] total_unevictable 0
[   87.163852][ T3315] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.860,pid=5784,uid=0
[   87.178470][ T3315] Memory cgroup out of memory: Killed process 5784 (syz.0.860) total-vm:98320kB, anon-rss:1264kB, file-rss:26408kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[   87.184775][ T5832] EXT4-fs: Ignoring removed orlov option
[   87.287298][ T5832] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   87.332030][ T5832] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.377817][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.495156][ T5847] loop2: detected capacity change from 0 to 512
[   87.518059][ T5847] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   87.552563][ T5847] EXT4-fs (loop2): 1 truncate cleaned up
[   87.559159][ T5847] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.657622][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.721445][ T5855] loop1: detected capacity change from 0 to 1024
[   87.753761][ T5859] loop3: detected capacity change from 0 to 1024
[   87.777235][ T5855] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   87.788181][ T5855] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   87.792375][ T5865] __nla_validate_parse: 15 callbacks suppressed
[   87.792398][ T5865] netlink: 24 bytes leftover after parsing attributes in process `syz.0.886'.
[   87.800291][ T5855] JBD2: no valid journal superblock found
[   87.806167][ T5863] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   87.813049][ T5855] EXT4-fs (loop1): Could not load journal inode
[   87.862180][ T5859] EXT4-fs: inline encryption not supported
[   87.900173][ T5867] netlink: 20 bytes leftover after parsing attributes in process `syz.2.891'.
[   87.911332][ T5867] loop2: detected capacity change from 0 to 128
[   87.918957][ T5859] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.941220][ T5873] loop1: detected capacity change from 0 to 1024
[   87.945418][ T5867] bio_check_eod: 40869 callbacks suppressed
[   87.945438][ T5867] syz.2.891: attempt to access beyond end of device
[   87.945438][ T5867] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[   87.947965][ T5878] xt_hashlimit: max too large, truncated to 1048576
[   87.953564][ T5867] syz.2.891: attempt to access beyond end of device
[   87.953564][ T5867] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[   87.999368][ T5867] syz.2.891: attempt to access beyond end of device
[   87.999368][ T5867] loop2: rw=2049, sector=177, nr_sectors = 24 limit=128
[   88.014357][ T5867] syz.2.891: attempt to access beyond end of device
[   88.014357][ T5867] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[   88.022584][ T5873] EXT4-fs: Ignoring removed orlov option
[   88.034236][ T5859] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   88.063692][ T5867] syz.2.891: attempt to access beyond end of device
[   88.063692][ T5867] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128
[   88.087841][ T5883] netlink: 12 bytes leftover after parsing attributes in process `syz.0.895'.
[   88.087902][ T5859] EXT4-fs (loop3): Remounting filesystem read-only
[   88.114149][ T5867] syz.2.891: attempt to access beyond end of device
[   88.114149][ T5867] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128
[   88.116469][ T5873] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   88.138097][ T5867] syz.2.891: attempt to access beyond end of device
[   88.138097][ T5867] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128
[   88.178292][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.182977][ T5881] syz.2.891: attempt to access beyond end of device
[   88.182977][ T5881] loop2: rw=2049, sector=305, nr_sectors = 80 limit=128
[   88.206686][ T5867] syz.2.891: attempt to access beyond end of device
[   88.206686][ T5867] loop2: rw=2049, sector=273, nr_sectors = 8 limit=128
[   88.216250][ T5881] syz.2.891: attempt to access beyond end of device
[   88.216250][ T5881] loop2: rw=2049, sector=393, nr_sectors = 8 limit=128
[   88.236399][ T5873] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.308796][ T2574] buffer_io_error: 36625 callbacks suppressed
[   88.308842][ T2574] Buffer I/O error on dev loop2, logical block 305, lost async page write
[   88.440174][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.478137][ T5908] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   88.642118][ T5929] xt_hashlimit: size too large, truncated to 1048576
[   88.800279][ T5929] loop4: detected capacity change from 0 to 512
[   88.819046][ T5929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.832838][ T5929] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.845590][ T5929] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.860755][ T5929] netlink: 8 bytes leftover after parsing attributes in process `syz.4.913'.
[   88.869667][ T5929] netlink: 12 bytes leftover after parsing attributes in process `syz.4.913'.
[   88.890850][ T5957] xt_hashlimit: size too large, truncated to 1048576
[   88.914055][ T5961] netlink: 72 bytes leftover after parsing attributes in process `+}[@'.
[   88.922623][ T5961] netlink: 72 bytes leftover after parsing attributes in process `+}[@'.
[   89.177243][ T5986] loop4: detected capacity change from 0 to 512
[   89.208050][ T5986] EXT4-fs error (device loop4): __ext4_fill_super:5512: inode #2: comm syz.4.930: inode has both inline data and extents flags
[   89.223433][ T5986] EXT4-fs (loop4): get root inode failed
[   89.229229][ T5986] EXT4-fs (loop4): mount failed
[   89.247936][ T5986] FAULT_INJECTION: forcing a failure.
[   89.247936][ T5986] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.261053][ T5986] CPU: 1 UID: 0 PID: 5986 Comm: syz.4.930 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   89.261122][ T5986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   89.261133][ T5986] Call Trace:
[   89.261139][ T5986]  <TASK>
[   89.261146][ T5986]  __dump_stack+0x1d/0x30
[   89.261166][ T5986]  dump_stack_lvl+0xe8/0x140
[   89.261183][ T5986]  dump_stack+0x15/0x1b
[   89.261198][ T5986]  should_fail_ex+0x265/0x280
[   89.261399][ T5986]  should_fail+0xb/0x20
[   89.261412][ T5986]  should_fail_usercopy+0x1a/0x20
[   89.261504][ T5986]  _copy_from_user+0x1c/0xb0
[   89.261525][ T5986]  ___sys_sendmsg+0xc1/0x1d0
[   89.261555][ T5986]  __x64_sys_sendmsg+0xd4/0x160
[   89.261575][ T5986]  x64_sys_call+0x191e/0x3000
[   89.261656][ T5986]  do_syscall_64+0xd2/0x200
[   89.261674][ T5986]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   89.261698][ T5986]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   89.261726][ T5986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.261744][ T5986] RIP: 0033:0x7f042c15f6c9
[   89.261814][ T5986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.261886][ T5986] RSP: 002b:00007f042abc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   89.261903][ T5986] RAX: ffffffffffffffda RBX: 00007f042c3b5fa0 RCX: 00007f042c15f6c9
[   89.261917][ T5986] RDX: 0000000004004844 RSI: 0000200000000180 RDI: 0000000000000007
[   89.261931][ T5986] RBP: 00007f042abc7090 R08: 0000000000000000 R09: 0000000000000000
[   89.261946][ T5986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.262026][ T5986] R13: 00007f042c3b6038 R14: 00007f042c3b5fa0 R15: 00007ffeb450a738
[   89.262046][ T5986]  </TASK>
[   89.502385][ T5994] loop3: detected capacity change from 0 to 512
[   89.539720][ T5994] EXT4-fs error (device loop3): __ext4_fill_super:5512: inode #2: comm syz.3.931: inode has both inline data and extents flags
[   89.554554][ T5994] EXT4-fs (loop3): get root inode failed
[   89.560385][ T5994] EXT4-fs (loop3): mount failed
[   89.655078][ T6013] netlink: 24 bytes leftover after parsing attributes in process `syz.0.941'.
[   89.895275][   T29] kauditd_printk_skb: 217 callbacks suppressed
[   89.895293][   T29] audit: type=1400 audit(1763498896.556:2807): avc:  denied  { mount } for  pid=6029 comm="syz.1.947" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   89.953788][   T29] audit: type=1326 audit(1763498896.616:2808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6017 comm="syz.4.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   89.977602][   T29] audit: type=1326 audit(1763498896.646:2809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6017 comm="syz.4.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   90.009402][ T6036] lo: entered promiscuous mode
[   90.014217][ T6036] lo: entered allmulticast mode
[   90.030097][ T6036] tunl0: entered promiscuous mode
[   90.033414][   T29] audit: type=1326 audit(1763498896.666:2810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6017 comm="syz.4.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   90.035179][ T6036] tunl0: entered allmulticast mode
[   90.058579][   T29] audit: type=1326 audit(1763498896.666:2811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6017 comm="syz.4.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   90.087060][   T29] audit: type=1326 audit(1763498896.666:2812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6017 comm="syz.4.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   90.091193][ T6036] gre0: entered promiscuous mode
[   90.110488][   T29] audit: type=1326 audit(1763498896.666:2813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6017 comm="syz.4.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   90.115438][ T6036] gre0: entered allmulticast mode
[   90.138735][   T29] audit: type=1326 audit(1763498896.666:2814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6017 comm="syz.4.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   90.167216][   T29] audit: type=1326 audit(1763498896.666:2815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6017 comm="syz.4.943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[   90.206843][ T6036] gretap0: entered promiscuous mode
[   90.212148][ T6036] gretap0: entered allmulticast mode
[   90.222537][ T6038] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   90.233239][ T6036] erspan0: entered promiscuous mode
[   90.238903][ T6036] erspan0: entered allmulticast mode
[   90.246638][ T6036] ip_vti0: entered promiscuous mode
[   90.252135][ T6036] ip_vti0: entered allmulticast mode
[   90.259097][ T6036] ip6_vti0: entered promiscuous mode
[   90.264427][ T6036] ip6_vti0: entered allmulticast mode
[   90.278579][ T6036] sit0: entered promiscuous mode
[   90.283623][ T6036] sit0: entered allmulticast mode
[   90.299106][ T6036] ip6tnl0: entered promiscuous mode
[   90.304453][ T6036] ip6tnl0: entered allmulticast mode
[   90.319874][ T6036] ip6gre0: entered promiscuous mode
[   90.325144][ T6036] ip6gre0: entered allmulticast mode
[   90.334532][ T6036] syz_tun: entered promiscuous mode
[   90.339830][ T6036] syz_tun: entered allmulticast mode
[   90.353091][ T6036] ip6gretap0: entered promiscuous mode
[   90.359005][ T6036] ip6gretap0: entered allmulticast mode
[   90.367000][ T6050] netlink: 24 bytes leftover after parsing attributes in process `syz.3.956'.
[   90.372751][ T6036] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.383180][ T6036] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.408923][ T6054] netlink: 24 bytes leftover after parsing attributes in process `syz.4.954'.
[   90.415856][ T6055] random: crng reseeded on system resumption
[   90.421741][   T29] audit: type=1400 audit(1763498897.076:2816): avc:  denied  { write } for  pid=6053 comm="syz.2.958" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   90.440354][ T6055] Restarting kernel threads ...
[   90.455034][ T6055] Done restarting kernel threads.
[   90.465174][ T6036] bridge0: entered promiscuous mode
[   90.470550][ T6036] bridge0: entered allmulticast mode
[   90.481732][ T6036] vcan0: entered promiscuous mode
[   90.486860][ T6036] vcan0: entered allmulticast mode
[   90.493640][ T6036] bond0: entered promiscuous mode
[   90.498797][ T6036] bond_slave_0: entered promiscuous mode
[   90.504630][ T6036] bond_slave_1: entered promiscuous mode
[   90.510421][ T6036] bond0: entered allmulticast mode
[   90.515583][ T6036] bond_slave_0: entered allmulticast mode
[   90.521595][ T6036] bond_slave_1: entered allmulticast mode
[   90.531804][ T6036] team0: entered promiscuous mode
[   90.537046][ T6036] team_slave_0: entered promiscuous mode
[   90.543064][ T6036] team_slave_1: entered promiscuous mode
[   90.548927][ T6036] team0: entered allmulticast mode
[   90.554098][ T6036] team_slave_0: entered allmulticast mode
[   90.554236][ T6061] loop2: detected capacity change from 0 to 512
[   90.559866][ T6036] team_slave_1: entered allmulticast mode
[   90.562317][ T6036] dummy0: entered promiscuous mode
[   90.577220][ T6036] dummy0: entered allmulticast mode
[   90.584770][ T6036] nlmon0: entered promiscuous mode
[   90.590128][ T6036] nlmon0: entered allmulticast mode
[   90.590388][ T6061] vfat: Unknown parameter ''
[   90.597074][ T6036] caif0: entered promiscuous mode
[   90.605149][ T6036] caif0: entered allmulticast mode
[   90.611479][ T6036] batadv0: entered promiscuous mode
[   90.616728][ T6036] batadv0: entered allmulticast mode
[   90.624721][ T6036] vxcan0: entered promiscuous mode
[   90.626442][ T6060] 9p: Unknown access argument : -22
[   90.629905][ T6036] vxcan0: entered allmulticast mode
[   90.631096][ T6036] vxcan1: entered promiscuous mode
[   90.645916][ T6036] vxcan1: entered allmulticast mode
[   90.652625][ T6036] veth0: entered promiscuous mode
[   90.657817][ T6036] veth0: entered allmulticast mode
[   90.664883][ T6036] veth1: entered promiscuous mode
[   90.670116][ T6036] veth1: entered allmulticast mode
[   90.677530][ T6036] wg0: entered promiscuous mode
[   90.682489][ T6036] wg0: entered allmulticast mode
[   90.689129][ T6036] wg1: entered promiscuous mode
[   90.694106][ T6036] wg1: entered allmulticast mode
[   90.701055][ T6036] wg2: entered promiscuous mode
[   90.705972][ T6036] wg2: entered allmulticast mode
[   90.712634][ T6036] veth0_to_bridge: entered promiscuous mode
[   90.718753][ T6036] veth0_to_bridge: entered allmulticast mode
[   90.729151][ T6036] veth1_to_bridge: entered promiscuous mode
[   90.735164][ T6036] veth1_to_bridge: entered allmulticast mode
[   90.744727][ T6036] veth0_to_bond: entered promiscuous mode
[   90.750783][ T6036] veth0_to_bond: entered allmulticast mode
[   90.759105][ T6036] veth1_to_bond: entered promiscuous mode
[   90.764933][ T6036] veth1_to_bond: entered allmulticast mode
[   90.774110][ T6036] veth0_to_team: entered promiscuous mode
[   90.780089][ T6036] veth0_to_team: entered allmulticast mode
[   90.789034][ T6036] veth1_to_team: entered promiscuous mode
[   90.794818][ T6036] veth1_to_team: entered allmulticast mode
[   90.803478][ T6036] veth0_to_batadv: entered promiscuous mode
[   90.809448][ T6036] veth0_to_batadv: entered allmulticast mode
[   90.816669][ T6036] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   90.824736][ T6036] batadv_slave_0: entered promiscuous mode
[   90.830849][ T6036] batadv_slave_0: entered allmulticast mode
[   90.838604][ T6036] veth1_to_batadv: entered promiscuous mode
[   90.844896][ T6036] veth1_to_batadv: entered allmulticast mode
[   90.852729][ T6036] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   90.860331][ T6036] batadv_slave_1: entered promiscuous mode
[   90.866240][ T6036] batadv_slave_1: entered allmulticast mode
[   90.873973][ T6036] xfrm0: entered promiscuous mode
[   90.879054][ T6036] xfrm0: entered allmulticast mode
[   90.885630][ T6036] veth0_to_hsr: entered promiscuous mode
[   90.891815][ T6036] veth0_to_hsr: entered allmulticast mode
[   90.899478][ T6036] hsr_slave_0: entered allmulticast mode
[   90.906019][ T6036] veth1_to_hsr: entered promiscuous mode
[   90.911925][ T6036] veth1_to_hsr: entered allmulticast mode
[   90.919395][ T6036] hsr_slave_1: entered allmulticast mode
[   90.926173][ T6036] hsr0: entered promiscuous mode
[   90.931293][ T6036] hsr0: entered allmulticast mode
[   90.937967][ T6036] veth1_virt_wifi: entered promiscuous mode
[   90.944021][ T6036] veth1_virt_wifi: entered allmulticast mode
[   90.951992][ T6036] veth0_virt_wifi: entered promiscuous mode
[   90.957962][ T6036] veth0_virt_wifi: entered allmulticast mode
[   90.965143][ T6036] veth1_vlan: entered allmulticast mode
[   90.972448][ T6036] veth0_vlan: entered allmulticast mode
[   90.981591][ T6036] vlan0: entered promiscuous mode
[   90.986800][ T6036] vlan0: entered allmulticast mode
[   90.992263][ T6036] vlan1: entered promiscuous mode
[   90.997384][ T6036] vlan1: entered allmulticast mode
[   91.003183][ T6036] macvlan0: entered promiscuous mode
[   91.008819][ T6036] macvlan0: entered allmulticast mode
[   91.015555][ T6036] macvlan1: entered promiscuous mode
[   91.020915][ T6036] macvlan1: entered allmulticast mode
[   91.027833][ T6036] ipvlan0: entered promiscuous mode
[   91.033066][ T6036] ipvlan0: entered allmulticast mode
[   91.038464][ T6036] ipvlan1: entered promiscuous mode
[   91.043772][ T6036] ipvlan1: entered allmulticast mode
[   91.049724][ T6036] veth1_macvtap: entered allmulticast mode
[   91.056732][ T6036] veth0_macvtap: entered allmulticast mode
[   91.064197][ T6036] macvtap0: entered promiscuous mode
[   91.069613][ T6036] macvtap0: entered allmulticast mode
[   91.076165][ T6036] macsec0: entered promiscuous mode
[   91.081599][ T6036] macsec0: entered allmulticast mode
[   91.088357][ T6036] geneve0: entered promiscuous mode
[   91.093731][ T6036] geneve0: entered allmulticast mode
[   91.100315][ T6036] geneve1: entered promiscuous mode
[   91.105531][ T6036] geneve1: entered allmulticast mode
[   91.113630][ T6036] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[   91.121164][ T6036] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[   91.129391][ T6036] netdevsim netdevsim1 netdevsim1: entered promiscuous mode
[   91.136696][ T6036] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[   91.145450][ T6036] netdevsim netdevsim1 netdevsim2: entered promiscuous mode
[   91.153050][ T6036] netdevsim netdevsim1 netdevsim2: entered allmulticast mode
[   91.161342][ T6036] netdevsim netdevsim1 netdevsim3: entered promiscuous mode
[   91.168719][ T6036] netdevsim netdevsim1 netdevsim3: entered allmulticast mode
[   91.176585][ T6036] nicvf0: entered promiscuous mode
[   91.181900][ T6036] nicvf0: entered allmulticast mode
[   91.187325][ T6036] syztnl1: entered promiscuous mode
[   91.192538][ T6036] syztnl1: entered allmulticast mode
[   91.197938][ T6036] vlan2: entered promiscuous mode
[   91.203100][ T6036] vlan2: entered allmulticast mode
[   91.208408][ T6036] syzkaller0: entered promiscuous mode
[   91.214078][ T6036] syzkaller0: entered allmulticast mode
[   91.233862][  T271] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   91.257003][  T271] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   91.288756][  T271] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   91.300810][ T6071] loop1: detected capacity change from 0 to 512
[   91.317678][ T6068] loop3: detected capacity change from 0 to 1024
[   91.327534][ T6073] loop4: detected capacity change from 0 to 1024
[   91.333986][  T271] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   91.341219][ T6068] EXT4-fs: inline encryption not supported
[   91.349057][ T6071] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   91.364193][ T6073] EXT4-fs: inline encryption not supported
[   91.384362][ T6071] EXT4-fs (loop1): 1 truncate cleaned up
[   91.407937][ T6071] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.435109][ T6068] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.450776][ T6073] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.510041][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.656785][ T6085] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   91.707730][ T6085] EXT4-fs (loop4): Remounting filesystem read-only
[   91.751424][ T6068] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   91.833594][ T6068] EXT4-fs (loop3): Remounting filesystem read-only
[   91.948178][ T6099] loop1: detected capacity change from 0 to 128
[   91.975645][ T6103] 9p: Unknown access argument : -22
[   92.049121][ T6109] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   92.064507][ T6109] vhci_hcd: invalid port number 96
[   92.069811][ T6109] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[   92.107754][ T6112] loop4: detected capacity change from 0 to 128
[   92.167459][ T6116] loop3: detected capacity change from 0 to 128
[   92.200079][ T6116] SELinux:  policydb version 431990519 does not match my version range 15-35
[   92.204448][ T6099] Buffer I/O error on dev loop1, logical block 305, async page read
[   92.230243][ T6116] SELinux: failed to load policy
[   92.230281][ T6099] Buffer I/O error on dev loop1, logical block 306, async page read
[   92.265343][ T6099] Buffer I/O error on dev loop1, logical block 307, async page read
[   92.273762][ T6099] Buffer I/O error on dev loop1, logical block 308, async page read
[   92.282044][ T6099] Buffer I/O error on dev loop1, logical block 309, async page read
[   92.301152][ T6099] Buffer I/O error on dev loop1, logical block 310, async page read
[   92.321356][ T6099] Buffer I/O error on dev loop1, logical block 311, async page read
[   92.327120][ T6112] Buffer I/O error on dev loop4, logical block 305, async page read
[   92.338267][ T6112] Buffer I/O error on dev loop4, logical block 306, async page read
[   92.732360][ T6130] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   92.891461][ T6132] __nla_validate_parse: 5 callbacks suppressed
[   92.891510][ T6132] netlink: 12 bytes leftover after parsing attributes in process `syz.2.986'.
[   92.914369][ T6134] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   92.972463][ T6112] bio_check_eod: 69503 callbacks suppressed
[   92.972483][ T6112] syz.4.978: attempt to access beyond end of device
[   92.972483][ T6112] loop4: rw=0, sector=311, nr_sectors = 1 limit=128
[   92.994977][ T6112] syz.4.978: attempt to access beyond end of device
[   92.994977][ T6112] loop4: rw=0, sector=312, nr_sectors = 1 limit=128
[   93.008628][ T6103] netlink: 12 bytes leftover after parsing attributes in process `syz.0.976'.
[   93.039577][ T6138] loop2: detected capacity change from 0 to 512
[   93.046783][ T6138] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   93.074770][ T6142] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   93.105125][ T6138] EXT4-fs error (device loop2): xattr_find_entry:337: inode #15: comm syz.2.989: corrupted xattr entries
[   93.139946][ T6138] EXT4-fs (loop2): 1 truncate cleaned up
[   93.186038][ T6149] netlink: 12 bytes leftover after parsing attributes in process `syz.1.993'.
[   93.276887][ T6158] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   93.317746][ T6162] netlink: 'syz.3.999': attribute type 12 has an invalid length.
[   93.329816][ T6162] netlink: 16 bytes leftover after parsing attributes in process `syz.3.999'.
[   93.372273][ T6162] loop3: detected capacity change from 0 to 128
[   93.389738][ T6168] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1000'.
[   93.395463][ T6162] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[   93.408883][ T6162] FAT-fs (loop3): Filesystem has been set read-only
[   93.583838][ T6185] loop0: detected capacity change from 0 to 512
[   93.649665][ T6185] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   93.670891][ T6185] EXT4-fs (loop0): 1 truncate cleaned up
[   93.678616][ T6197] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1008'.
[   93.759769][ T6202] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   94.011360][ T6221] loop2: detected capacity change from 0 to 512
[   94.037280][ T6221] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   94.055870][ T6223] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1019'.
[   94.079375][ T6223] loop0: detected capacity change from 0 to 128
[   94.088826][ T6221] EXT4-fs (loop2): 1 truncate cleaned up
[   94.123610][ T6223] syz.0.1019: attempt to access beyond end of device
[   94.123610][ T6223] loop0: rw=2049, sector=145, nr_sectors = 8 limit=128
[   94.159879][ T6232] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1024'.
[   94.177856][ T6223] syz.0.1019: attempt to access beyond end of device
[   94.177856][ T6223] loop0: rw=2049, sector=161, nr_sectors = 8 limit=128
[   94.219993][ T6235] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1025'.
[   94.257393][ T6223] syz.0.1019: attempt to access beyond end of device
[   94.257393][ T6223] loop0: rw=2049, sector=177, nr_sectors = 24 limit=128
[   94.402859][ T6223] syz.0.1019: attempt to access beyond end of device
[   94.402859][ T6223] loop0: rw=2049, sector=209, nr_sectors = 8 limit=128
[   94.450092][ T6223] syz.0.1019: attempt to access beyond end of device
[   94.450092][ T6223] loop0: rw=2049, sector=225, nr_sectors = 8 limit=128
[   94.493453][ T6223] syz.0.1019: attempt to access beyond end of device
[   94.493453][ T6223] loop0: rw=2049, sector=241, nr_sectors = 8 limit=128
[   94.518476][ T6223] syz.0.1019: attempt to access beyond end of device
[   94.518476][ T6223] loop0: rw=2049, sector=257, nr_sectors = 8 limit=128
[   94.542835][ T6223] syz.0.1019: attempt to access beyond end of device
[   94.542835][ T6223] loop0: rw=2049, sector=273, nr_sectors = 8 limit=128
[   94.724378][ T6257] loop1: detected capacity change from 0 to 1024
[   94.753095][ T6262] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1037'.
[   94.754534][ T6263] loop3: detected capacity change from 0 to 1024
[   94.768795][ T6257] EXT4-fs: inline encryption not supported
[   94.789232][ T6263] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   94.800200][ T6263] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   94.823321][ T6263] JBD2: no valid journal superblock found
[   94.829128][ T6263] EXT4-fs (loop3): Could not load journal inode
[   94.991793][ T6268] loop3: detected capacity change from 0 to 1024
[   95.000246][ T6274] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   95.026714][ T6268] EXT4-fs: Ignoring removed orlov option
[   95.057679][ T6274] EXT4-fs (loop1): Remounting filesystem read-only
[   95.075944][ T6268] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   95.247125][   T29] kauditd_printk_skb: 135 callbacks suppressed
[   95.253407][   T29] audit: type=1326 audit(1763498901.906:2952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[   95.276988][   T29] audit: type=1326 audit(1763498901.906:2953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[   95.393260][   T29] audit: type=1326 audit(1763498901.916:2954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[   95.416960][   T29] audit: type=1326 audit(1763498901.916:2955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[   95.440514][   T29] audit: type=1326 audit(1763498901.936:2956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[   95.463972][   T29] audit: type=1326 audit(1763498901.946:2957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[   95.487412][   T29] audit: type=1326 audit(1763498901.946:2958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[   95.511175][   T29] audit: type=1326 audit(1763498901.946:2959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[   95.534702][   T29] audit: type=1326 audit(1763498901.946:2960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[   95.559019][   T29] audit: type=1326 audit(1763498901.946:2961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.0.1043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[   95.733167][ T6300] loop4: detected capacity change from 0 to 128
[   95.890681][ T6300] buffer_io_error: 68167 callbacks suppressed
[   95.890697][ T6300] Buffer I/O error on dev loop4, logical block 305, async page read
[   95.905190][ T6300] Buffer I/O error on dev loop4, logical block 306, async page read
[   95.913839][ T6300] Buffer I/O error on dev loop4, logical block 307, async page read
[   95.921996][ T6300] Buffer I/O error on dev loop4, logical block 308, async page read
[   95.930177][ T6300] Buffer I/O error on dev loop4, logical block 309, async page read
[   95.938365][ T6300] Buffer I/O error on dev loop4, logical block 310, async page read
[   95.946447][ T6300] Buffer I/O error on dev loop4, logical block 311, async page read
[   95.955129][ T6300] Buffer I/O error on dev loop4, logical block 312, async page read
[   95.963272][ T6300] Buffer I/O error on dev loop4, logical block 305, async page read
[   95.971488][ T6300] Buffer I/O error on dev loop4, logical block 306, async page read
[   96.149372][ T6310] loop0: detected capacity change from 0 to 512
[   96.168258][ T6310] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1052: inode has both inline data and extents flags
[   96.193759][ T6310] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1052: couldn't read orphan inode 15 (err -117)
[   96.551928][ T6320] loop2: detected capacity change from 0 to 128
[   96.637721][ T6336] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   96.661312][ T6338] loop4: detected capacity change from 0 to 512
[   96.673239][ T6336] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   96.708611][ T6338] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1065: inode has both inline data and extents flags
[   96.763951][ T6338] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1065: couldn't read orphan inode 15 (err -117)
[   96.795000][ T6348] loop3: detected capacity change from 0 to 1024
[   96.835997][ T6348] EXT4-fs: inline encryption not supported
[   97.150919][ T6357] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   97.187618][ T6357] EXT4-fs (loop3): Remounting filesystem read-only
[   97.583941][ T6377] netlink: 'syz.2.1078': attribute type 1 has an invalid length.
[   97.612658][ T6377] 8021q: adding VLAN 0 to HW filter on device bond1
[   97.655663][ T6377] bond1: (slave batadv1): Opening slave failed
[   97.720585][ T6383] loop2: detected capacity change from 0 to 512
[   97.770352][ T6386] loop0: detected capacity change from 0 to 512
[   97.796804][ T6383] EXT4-fs (loop2): too many log groups per flexible block group
[   97.811787][ T6386] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1083: inode has both inline data and extents flags
[   97.828873][ T6383] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   97.835714][ T6383] EXT4-fs (loop2): mount failed
[   97.858875][ T6386] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1083: couldn't read orphan inode 15 (err -117)
[   97.961096][ T6386] __nla_validate_parse: 12 callbacks suppressed
[   97.961112][ T6386] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1083'.
[   97.983011][ T6401] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1088'.
[   98.053425][ T6409] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1092'.
[   98.070186][ T6412] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1093'.
[   98.082402][ T6409] loop4: detected capacity change from 0 to 128
[   98.113983][ T6409] bio_check_eod: 88265 callbacks suppressed
[   98.114001][ T6409] syz.4.1092: attempt to access beyond end of device
[   98.114001][ T6409] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[   98.152023][ T6415] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1095'.
[   98.210737][ T6409] syz.4.1092: attempt to access beyond end of device
[   98.210737][ T6409] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[   98.271330][ T6409] syz.4.1092: attempt to access beyond end of device
[   98.271330][ T6409] loop4: rw=2049, sector=177, nr_sectors = 24 limit=128
[   98.307049][ T6409] syz.4.1092: attempt to access beyond end of device
[   98.307049][ T6409] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[   98.332252][ T6429] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1100'.
[   98.344295][ T6431] syz.4.1092: attempt to access beyond end of device
[   98.344295][ T6431] loop4: rw=2049, sector=305, nr_sectors = 80 limit=128
[   98.359776][ T6430] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1101'.
[   98.366310][ T6409] syz.4.1092: attempt to access beyond end of device
[   98.366310][ T6409] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[   98.386659][ T6431] syz.4.1092: attempt to access beyond end of device
[   98.386659][ T6431] loop4: rw=2049, sector=393, nr_sectors = 8 limit=128
[   98.412773][ T6409] syz.4.1092: attempt to access beyond end of device
[   98.412773][ T6409] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[   98.452802][ T6431] syz.4.1092: attempt to access beyond end of device
[   98.452802][ T6431] loop4: rw=2049, sector=409, nr_sectors = 8 limit=128
[   98.481852][ T6409] syz.4.1092: attempt to access beyond end of device
[   98.481852][ T6409] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[   98.510247][ T6441] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1105'.
[   98.602632][ T6445] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1108'.
[   98.669245][ T6453] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1112'.
[   98.791472][ T6467] loop0: detected capacity change from 0 to 128
[   98.858403][ T6470] loop2: detected capacity change from 0 to 1024
[   98.892963][ T6470] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   98.903895][ T6470] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   98.939438][ T6470] JBD2: no valid journal superblock found
[   98.945298][ T6470] EXT4-fs (loop2): Could not load journal inode
[   99.030962][ T6485] loop2: detected capacity change from 0 to 1024
[   99.047791][ T6485] EXT4-fs: Ignoring removed orlov option
[   99.057603][ T6485] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   99.069428][ T6490] loop4: detected capacity change from 0 to 128
[   99.137331][ T6491] netdevsim netdevsim1: Direct firmware load for $ failed with error -2
[   99.147811][ T6485] EXT4-fs mount: 20 callbacks suppressed
[   99.147827][ T6485] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.179496][ T6491] netlink: 'syz.1.1127': attribute type 10 has an invalid length.
[   99.197357][ T6491] geneve1: left promiscuous mode
[   99.203058][ T6491] geneve1: left allmulticast mode
[   99.236780][ T6491] geneve1: entered promiscuous mode
[   99.243656][ T6491] geneve1: entered allmulticast mode
[   99.377006][ T6491] team0: Port device geneve1 added
[   99.397711][  T271] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.409461][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.419056][  T271] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.430297][  T271] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.481607][  T271] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.586441][ T6505] FAULT_INJECTION: forcing a failure.
[   99.586441][ T6505] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.599633][ T6505] CPU: 0 UID: 0 PID: 6505 Comm: syz.2.1132 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   99.599688][ T6505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   99.599700][ T6505] Call Trace:
[   99.599706][ T6505]  <TASK>
[   99.599713][ T6505]  __dump_stack+0x1d/0x30
[   99.599771][ T6505]  dump_stack_lvl+0xe8/0x140
[   99.599797][ T6505]  dump_stack+0x15/0x1b
[   99.599819][ T6505]  should_fail_ex+0x265/0x280
[   99.599863][ T6505]  should_fail+0xb/0x20
[   99.599890][ T6505]  should_fail_usercopy+0x1a/0x20
[   99.599915][ T6505]  _copy_from_user+0x1c/0xb0
[   99.599939][ T6505]  sock_do_ioctl+0xe6/0x220
[   99.600025][ T6505]  sock_ioctl+0x41b/0x610
[   99.600049][ T6505]  ? __pfx_sock_ioctl+0x10/0x10
[   99.600077][ T6505]  __se_sys_ioctl+0xce/0x140
[   99.600102][ T6505]  __x64_sys_ioctl+0x43/0x50
[   99.600138][ T6505]  x64_sys_call+0x1816/0x3000
[   99.600158][ T6505]  do_syscall_64+0xd2/0x200
[   99.600253][ T6505]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   99.600282][ T6505]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   99.600342][ T6505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.600431][ T6505] RIP: 0033:0x7f03e56ef6c9
[   99.600445][ T6505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.600462][ T6505] RSP: 002b:00007f03e4157038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   99.600481][ T6505] RAX: ffffffffffffffda RBX: 00007f03e5945fa0 RCX: 00007f03e56ef6c9
[   99.600493][ T6505] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000005
[   99.600574][ T6505] RBP: 00007f03e4157090 R08: 0000000000000000 R09: 0000000000000000
[   99.600598][ T6505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.600613][ T6505] R13: 00007f03e5946038 R14: 00007f03e5945fa0 R15: 00007fffb82cca58
[   99.600637][ T6505]  </TASK>
[   99.816292][ T6507] syzkaller0: port 1(batadv1) entered blocking state
[   99.823122][ T6507] syzkaller0: port 1(batadv1) entered disabled state
[   99.836922][ T6507] batadv1: entered allmulticast mode
[   99.843072][ T6507] batadv1: entered promiscuous mode
[   99.883480][ T6510] SELinux:  Context system_u:object_r:sulogin_exec_t:s0 is not valid (left unmapped).
[   99.979410][ T6522] loop2: detected capacity change from 0 to 128
[  100.330477][  T271] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  100.339849][  T271] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  100.633725][ T6536] loop2: detected capacity change from 0 to 512
[  100.686589][ T6536] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  100.720359][   T29] kauditd_printk_skb: 501 callbacks suppressed
[  100.720378][   T29] audit: type=1326 audit(1763498907.386:3463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6525 comm="syz.4.1141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[  100.757516][   T29] audit: type=1326 audit(1763498907.386:3464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6525 comm="syz.4.1141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[  100.762248][ T6536] EXT4-fs (loop2): 1 truncate cleaned up
[  100.877765][ T6536] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.924172][ T6543] loop1: detected capacity change from 0 to 128
[  100.971350][   T29] audit: type=1326 audit(1763498907.636:3465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6525 comm="syz.4.1141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[  101.057922][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.077725][ T6543] buffer_io_error: 113319 callbacks suppressed
[  101.077742][ T6543] Buffer I/O error on dev loop1, logical block 305, async page read
[  101.092103][ T6543] Buffer I/O error on dev loop1, logical block 306, async page read
[  101.101970][ T6543] Buffer I/O error on dev loop1, logical block 307, async page read
[  101.119304][ T6543] Buffer I/O error on dev loop1, logical block 308, async page read
[  101.122684][   T29] audit: type=1326 audit(1763498907.776:3466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6525 comm="syz.4.1141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[  101.134141][ T6543] Buffer I/O error on dev loop1, logical block 309, async page read
[  101.150839][   T29] audit: type=1326 audit(1763498907.776:3467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6525 comm="syz.4.1141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f042c15f6c9 code=0x7ffc0000
[  101.183851][ T6543] Buffer I/O error on dev loop1, logical block 310, async page read
[  101.237451][ T6543] Buffer I/O error on dev loop1, logical block 311, async page read
[  101.277674][ T6543] Buffer I/O error on dev loop1, logical block 312, async page read
[  101.288911][   T29] audit: type=1326 audit(1763498907.886:3468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e56ef6c9 code=0x7ffc0000
[  101.308595][ T6543] Buffer I/O error on dev loop1, logical block 305, async page read
[  101.312445][   T29] audit: type=1326 audit(1763498907.886:3469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03e56ef6c9 code=0x7ffc0000
[  101.343855][   T29] audit: type=1326 audit(1763498907.886:3470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e56ef6c9 code=0x7ffc0000
[  101.357637][ T6543] Buffer I/O error on dev loop1, logical block 306, async page read
[  101.367532][   T29] audit: type=1326 audit(1763498907.886:3471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03e56ef6c9 code=0x7ffc0000
[  101.398898][   T29] audit: type=1326 audit(1763498907.886:3472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6549 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e56ef6c9 code=0x7ffc0000
[  101.698263][ T6560] netlink: 'syz.0.1153': attribute type 12 has an invalid length.
[  101.799876][ T6571] loop1: detected capacity change from 0 to 512
[  101.822344][ T6571] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  101.852767][ T6571] EXT4-fs (loop1): 1 truncate cleaned up
[  101.867552][ T6571] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.966045][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.019915][ T6580] batadv_slave_1: entered promiscuous mode
[  102.085114][ T6579] batadv_slave_1: left promiscuous mode
[  102.252054][ T6603] loop2: detected capacity change from 0 to 128
[  102.261322][ T6602] loop0: detected capacity change from 0 to 512
[  102.272361][ T6596] loop1: detected capacity change from 0 to 128
[  102.307255][ T6602] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  102.347759][ T6602] EXT4-fs (loop0): 1 truncate cleaned up
[  102.353847][ T6602] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.402682][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.604519][ T6616] loop2: detected capacity change from 0 to 128
[  102.812940][ T6630] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  102.877696][ T6633] loop3: detected capacity change from 0 to 512
[  102.905594][ T6635] batadv_slave_1: entered promiscuous mode
[  102.920218][ T6633] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  102.951837][ T6634] batadv_slave_1: left promiscuous mode
[  102.967424][ T6638] __nla_validate_parse: 15 callbacks suppressed
[  102.967446][ T6638] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1186'.
[  103.003451][ T6633] EXT4-fs (loop3): 1 truncate cleaned up
[  103.028846][ T6638] loop0: detected capacity change from 0 to 128
[  103.035548][ T6633] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.124632][ T6652] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1189'.
[  103.140604][ T6654] loop1: detected capacity change from 0 to 1024
[  103.160647][  T271] bio_check_eod: 82668 callbacks suppressed
[  103.160718][  T271] kworker/u8:5: attempt to access beyond end of device
[  103.160718][  T271] loop0: rw=1, sector=305, nr_sectors = 1 limit=128
[  103.181766][ T6654] EXT4-fs: inline encryption not supported
[  103.198657][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.262891][ T6659] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1192'.
[  103.267371][ T6654] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.333382][ T6662] loop4: detected capacity change from 0 to 1024
[  103.338524][ T6663] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1191'.
[  103.349455][ T6662] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  103.360395][ T6662] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  103.367726][ T6666] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  103.407421][ T6662] JBD2: no valid journal superblock found
[  103.413201][ T6662] EXT4-fs (loop4): Could not load journal inode
[  103.427501][ T6666] EXT4-fs (loop1): Remounting filesystem read-only
[  103.499963][ T6673] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  103.514442][ T6674] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1196'.
[  103.534130][ T6675] loop4: detected capacity change from 0 to 1024
[  103.541315][ T6675] EXT4-fs: Ignoring removed orlov option
[  103.553923][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.647260][ T6675] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  103.662314][ T6684] loop3: detected capacity change from 0 to 512
[  103.677365][ T6686] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1202'.
[  103.698204][ T6684] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  103.725876][ T6675] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.741957][ T6686] loop0: detected capacity change from 0 to 128
[  103.783342][ T6686] syz.0.1202: attempt to access beyond end of device
[  103.783342][ T6686] loop0: rw=2049, sector=145, nr_sectors = 8 limit=128
[  103.818254][ T2574] Bluetooth: hci0: Frame reassembly failed (-84)
[  103.821274][ T6700] loop1: detected capacity change from 0 to 1024
[  103.832448][ T6684] EXT4-fs (loop3): 1 truncate cleaned up
[  103.847189][ T6700] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  103.858184][ T6700] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  103.868671][ T6686] syz.0.1202: attempt to access beyond end of device
[  103.868671][ T6686] loop0: rw=2049, sector=161, nr_sectors = 8 limit=128
[  103.891278][ T6684] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.924285][ T6700] JBD2: no valid journal superblock found
[  103.930081][ T6700] EXT4-fs (loop1): Could not load journal inode
[  103.985273][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.996665][ T6686] syz.0.1202: attempt to access beyond end of device
[  103.996665][ T6686] loop0: rw=2049, sector=177, nr_sectors = 24 limit=128
[  104.047840][ T6686] syz.0.1202: attempt to access beyond end of device
[  104.047840][ T6686] loop0: rw=2049, sector=209, nr_sectors = 8 limit=128
[  104.064805][ T6704] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1205'.
[  104.084751][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.117258][ T6686] syz.0.1202: attempt to access beyond end of device
[  104.117258][ T6686] loop0: rw=2049, sector=225, nr_sectors = 8 limit=128
[  104.152773][ T6710] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1208'.
[  104.163767][ T6710] loop4: detected capacity change from 0 to 128
[  104.182137][ T6705] loop1: detected capacity change from 0 to 1024
[  104.183647][ T6710] syz.4.1208: attempt to access beyond end of device
[  104.183647][ T6710] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[  104.209727][ T6710] syz.4.1208: attempt to access beyond end of device
[  104.209727][ T6710] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[  104.227303][ T6710] syz.4.1208: attempt to access beyond end of device
[  104.227303][ T6710] loop4: rw=2049, sector=177, nr_sectors = 24 limit=128
[  104.227356][ T6686] syz.0.1202: attempt to access beyond end of device
[  104.227356][ T6686] loop0: rw=2049, sector=241, nr_sectors = 8 limit=128
[  104.255152][ T6705] EXT4-fs: Ignoring removed orlov option
[  104.306953][ T6715] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1209'.
[  104.324625][ T6717] loop3: detected capacity change from 0 to 512
[  104.379197][ T6705] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  104.407323][ T6717] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  104.469048][ T6705] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.507355][ T6717] EXT4-fs (loop3): 1 truncate cleaned up
[  104.527679][ T6717] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.691113][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.732124][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.777867][ T6725] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  104.801241][ T6727] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1211'.
[  105.169543][ T6743] loop4: detected capacity change from 0 to 128
[  105.837266][ T6698] Bluetooth: hci0: command 0x1003 tx timeout
[  105.845274][ T3538] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  106.043559][ T6762] loop4: detected capacity change from 0 to 512
[  106.071018][ T6762] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  106.101813][ T6762] EXT4-fs (loop4): 1 truncate cleaned up
[  106.111524][ T6762] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.181984][ T6769] loop1: detected capacity change from 0 to 512
[  106.213147][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.243021][ T6769] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.1230: inode has both inline data and extents flags
[  106.257665][ T6769] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1230: couldn't read orphan inode 15 (err -117)
[  106.291965][ T6769] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.374406][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  106.374425][   T29] audit: type=1326 audit(1763498913.036:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[  106.442578][   T29] audit: type=1326 audit(1763498913.036:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[  106.466153][   T29] audit: type=1326 audit(1763498913.036:3602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[  106.489866][   T29] audit: type=1326 audit(1763498913.036:3603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[  106.513319][   T29] audit: type=1326 audit(1763498913.036:3604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[  106.518369][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.536898][   T29] audit: type=1326 audit(1763498913.036:3605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[  106.569277][   T29] audit: type=1326 audit(1763498913.076:3606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[  106.592774][   T29] audit: type=1326 audit(1763498913.076:3607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[  106.616289][   T29] audit: type=1326 audit(1763498913.076:3608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[  106.639845][   T29] audit: type=1326 audit(1763498913.076:3609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.0.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f696916f6c9 code=0x7ffc0000
[  106.676242][ T6786] batadv_slave_1: entered promiscuous mode
[  106.758044][ T6791] loop1: detected capacity change from 0 to 128
[  106.758554][ T6793] loop2: detected capacity change from 0 to 136
[  106.783495][ T6783] netlink: 'syz.4.1235': attribute type 12 has an invalid length.
[  106.796152][ T6783] loop4: detected capacity change from 0 to 128
[  106.822987][ T6783] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  106.833292][ T6783] FAT-fs (loop4): Filesystem has been set read-only
[  106.899960][ T6791] buffer_io_error: 88346 callbacks suppressed
[  106.899977][ T6791] Buffer I/O error on dev loop1, logical block 305, async page read
[  106.905184][ T6799] netlink: 'syz.4.1242': attribute type 1 has an invalid length.
[  106.938094][ T6799] 8021q: adding VLAN 0 to HW filter on device bond1
[  106.946913][ T6791] Buffer I/O error on dev loop1, logical block 306, async page read
[  106.955234][ T6791] Buffer I/O error on dev loop1, logical block 307, async page read
[  106.963423][ T6791] Buffer I/O error on dev loop1, logical block 308, async page read
[  106.971588][ T6791] Buffer I/O error on dev loop1, logical block 309, async page read
[  106.979790][ T6791] Buffer I/O error on dev loop1, logical block 310, async page read
[  106.988021][ T6791] Buffer I/O error on dev loop1, logical block 311, async page read
[  106.996162][ T6791] Buffer I/O error on dev loop1, logical block 312, async page read
[  107.004395][ T6791] Buffer I/O error on dev loop1, logical block 305, async page read
[  107.012522][ T6791] Buffer I/O error on dev loop1, logical block 306, async page read
[  107.036952][ T6799] bond1: (slave batadv1): Opening slave failed
[  107.187031][ T6810] loop4: detected capacity change from 0 to 512
[  107.238329][ T6814] 9pnet_fd: Insufficient options for proto=fd
[  107.337677][ T6810] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1247: inode has both inline data and extents flags
[  107.372672][ T6819] netdevsim netdevsim2: Direct firmware load for $ failed with error -2
[  107.382053][ T6810] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1247: couldn't read orphan inode 15 (err -117)
[  107.427709][ T6810] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.431375][ T6819] netlink: 'syz.2.1251': attribute type 10 has an invalid length.
[  107.494211][ T6821] loop0: detected capacity change from 0 to 1024
[  107.515691][ T6821] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  107.526681][ T6821] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  107.536595][ T6819] team0: Port device geneve1 added
[  107.556785][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.566738][ T6784] batadv_slave_1: left promiscuous mode
[  107.573408][ T6821] JBD2: no valid journal superblock found
[  107.579263][ T6821] EXT4-fs (loop0): Could not load journal inode
[  107.672156][ T6830] loop4: detected capacity change from 0 to 1024
[  107.695148][ T6830] EXT4-fs: inline encryption not supported
[  107.727300][ T6835] loop0: detected capacity change from 0 to 1024
[  107.751349][ T6835] EXT4-fs: Ignoring removed orlov option
[  107.759155][ T6835] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  107.804708][ T6845] 9p: Unknown access argument : -22
[  107.813016][ T6830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.841659][ T6835] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.858621][ T6851] veth0_macvtap: entered allmulticast mode
[  108.075852][ T6864] batadv_slave_1: entered promiscuous mode
[  108.090488][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.102737][ T6862] __nla_validate_parse: 11 callbacks suppressed
[  108.102754][ T6862] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1266'.
[  108.174707][ T6862] loop1: detected capacity change from 0 to 128
[  108.193425][ T6867] pimreg: entered allmulticast mode
[  108.212544][ T6862] bio_check_eod: 80991 callbacks suppressed
[  108.212560][ T6862] syz.1.1266: attempt to access beyond end of device
[  108.212560][ T6862] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[  108.230084][ T6867] pimreg: left allmulticast mode
[  108.242128][ T6862] syz.1.1266: attempt to access beyond end of device
[  108.242128][ T6862] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[  108.258742][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.286205][ T6862] syz.1.1266: attempt to access beyond end of device
[  108.286205][ T6862] loop1: rw=2049, sector=177, nr_sectors = 24 limit=128
[  108.300703][ T6871] capability: warning: `syz.0.1268' uses deprecated v2 capabilities in a way that may be insecure
[  108.335771][ T6872] loop4: detected capacity change from 0 to 1024
[  108.346446][ T6874] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1270'.
[  108.352015][ T6862] syz.1.1266: attempt to access beyond end of device
[  108.352015][ T6862] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[  108.397487][ T6869] syz.1.1266: attempt to access beyond end of device
[  108.397487][ T6869] loop1: rw=2049, sector=305, nr_sectors = 80 limit=128
[  108.416659][ T6872] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  108.421260][ T6869] syz.1.1266: attempt to access beyond end of device
[  108.421260][ T6869] loop1: rw=2049, sector=393, nr_sectors = 8 limit=128
[  108.427679][ T6872] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  108.451047][ T6872] JBD2: no valid journal superblock found
[  108.456848][ T6872] EXT4-fs (loop4): Could not load journal inode
[  108.482192][ T6869] syz.1.1266: attempt to access beyond end of device
[  108.482192][ T6869] loop1: rw=2049, sector=409, nr_sectors = 8 limit=128
[  108.496648][ T6862] syz.1.1266: attempt to access beyond end of device
[  108.496648][ T6862] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[  108.537237][ T6862] syz.1.1266: attempt to access beyond end of device
[  108.537237][ T6862] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[  108.554526][ T6862] syz.1.1266: attempt to access beyond end of device
[  108.554526][ T6862] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[  108.647859][ T6879] loop4: detected capacity change from 0 to 1024
[  108.717686][ T6879] EXT4-fs: Ignoring removed orlov option
[  108.738179][ T6879] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  108.787271][ T6879] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.813290][ T6888] loop1: detected capacity change from 0 to 2048
[  108.851501][ T6888] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.908092][ T6863] batadv_slave_1: left promiscuous mode
[  108.934412][ T6888] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  108.970081][ T6888] bond1: entered promiscuous mode
[  108.975188][ T6888] bond1: entered allmulticast mode
[  108.991669][ T6888] 8021q: adding VLAN 0 to HW filter on device bond1
[  108.997549][ T6845] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1259'.
[  109.019868][ T6888] bond1 (unregistering): Released all slaves
[  109.097901][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.139174][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.212584][ T6906] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1278'.
[  109.225011][ T6902] loop2: detected capacity change from 0 to 1024
[  109.280841][ T6902] EXT4-fs: inline encryption not supported
[  109.331025][ T6902] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.351510][ T6914] netlink: 'syz.0.1281': attribute type 1 has an invalid length.
[  109.395804][ T6914] 8021q: adding VLAN 0 to HW filter on device bond1
[  109.430631][ T6916] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1283'.
[  109.449805][ T6919] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1282'.
[  109.473296][ T6921] bond1: (slave batadv1): Opening slave failed
[  109.528723][ T6916] loop4: detected capacity change from 0 to 128
[  109.806231][ T6925] netlink: 'syz.0.1285': attribute type 10 has an invalid length.
[  109.814177][ T6925] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1285'.
[  109.877895][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.883900][ T6925] team0: Port device geneve1 added
[  109.903269][ T6930] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1287'.
[  110.011040][ T6936] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1291'.
[  110.039150][ T6937] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1288'.
[  110.070219][ T6937] loop2: detected capacity change from 0 to 128
[  110.096282][ T6947] loop3: detected capacity change from 0 to 512
[  110.097342][ T6945] loop1: detected capacity change from 0 to 512
[  110.140768][ T6948] netlink: 'syz.0.1296': attribute type 1 has an invalid length.
[  110.144547][ T6947] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1294: inode has both inline data and extents flags
[  110.169458][ T6945] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  110.182906][ T6947] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1294: couldn't read orphan inode 15 (err -117)
[  110.185829][ T6948] 8021q: adding VLAN 0 to HW filter on device bond2
[  110.205140][ T6947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.229997][ T6945] EXT4-fs (loop1): 1 truncate cleaned up
[  110.236649][ T6945] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.293276][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.310120][ T6959] loop0: detected capacity change from 0 to 1024
[  110.317329][ T6959] EXT4-fs: inline encryption not supported
[  110.341889][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.354406][ T6959] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.355090][ T6962] 9p: Unknown access argument : -22
[  110.381144][ T6958] loop4: detected capacity change from 0 to 164
[  110.408278][ T6968] netlink: 'syz.3.1301': attribute type 12 has an invalid length.
[  110.418211][ T6968] loop3: detected capacity change from 0 to 128
[  110.429194][ T6958] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  110.440163][ T6958] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  110.441865][ T6968] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  110.458570][ T6968] FAT-fs (loop3): Filesystem has been set read-only
[  110.465785][ T6958] Symlink component flag not implemented
[  110.471723][ T6958] Symlink component flag not implemented
[  110.479424][ T6958] Symlink component flag not implemented (7)
[  110.485439][ T6958] Symlink component flag not implemented (116)
[  110.658739][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.764805][ T6991] netlink: 'syz.2.1310': attribute type 1 has an invalid length.
[  110.787024][ T6991] 8021q: adding VLAN 0 to HW filter on device bond2
[  110.877583][ T7002] loop2: detected capacity change from 0 to 128
[  110.889229][ T7007] netlink: 'syz.0.1314': attribute type 12 has an invalid length.
[  110.937034][ T7007] loop0: detected capacity change from 0 to 128
[  111.020511][ T7007] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  111.022625][ T7020] loop3: detected capacity change from 0 to 1024
[  111.030736][ T7007] FAT-fs (loop0): Filesystem has been set read-only
[  111.095612][ T7020] EXT4-fs: inline encryption not supported
[  111.161901][ T7020] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.263834][ T7034] netlink: 'syz.0.1323': attribute type 1 has an invalid length.
[  111.327509][ T7034] 8021q: adding VLAN 0 to HW filter on device bond3
[  111.430791][ T7039] bond3: (slave batadv1): Opening slave failed
[  111.496073][   T29] kauditd_printk_skb: 339 callbacks suppressed
[  111.496127][   T29] audit: type=1400 audit(1763498918.156:3949): avc:  denied  { create } for  pid=7041 comm="syz.4.1325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  111.636706][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.655783][   T29] audit: type=1400 audit(1763498918.316:3950): avc:  denied  { append } for  pid=7045 comm="syz.1.1327" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  111.679082][   T29] audit: type=1400 audit(1763498918.316:3951): avc:  denied  { open } for  pid=7045 comm="syz.1.1327" path="/dev/ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  111.761056][   T29] audit: type=1326 audit(1763498918.406:3952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7052 comm="syz.1.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[  111.784574][   T29] audit: type=1326 audit(1763498918.406:3953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7052 comm="syz.1.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[  111.808145][   T29] audit: type=1326 audit(1763498918.406:3954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7052 comm="syz.1.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[  111.831655][   T29] audit: type=1326 audit(1763498918.406:3955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7052 comm="syz.1.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[  111.855184][   T29] audit: type=1326 audit(1763498918.406:3956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7052 comm="syz.1.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[  111.878774][   T29] audit: type=1326 audit(1763498918.406:3957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7052 comm="syz.1.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[  111.902360][   T29] audit: type=1326 audit(1763498918.406:3958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7052 comm="syz.1.1331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e76bdf6c9 code=0x7ffc0000
[  112.009386][ T7074] 9p: Unknown access argument : -22
[  112.041237][ T7077] batadv_slave_1: entered promiscuous mode
[  112.861673][ T7076] batadv_slave_1: left promiscuous mode
[  112.899883][ T7125] loop4: detected capacity change from 0 to 1024
[  112.937671][ T7128] loop1: detected capacity change from 0 to 128
[  113.017218][ T7125] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869)
[  113.070608][ T7134] netlink: 'syz.0.1366': attribute type 12 has an invalid length.
[  113.078935][ T7125] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[  113.081404][ T7134] loop0: detected capacity change from 0 to 128
[  113.100855][   T12] buffer_io_error: 68327 callbacks suppressed
[  113.100874][   T12] Buffer I/O error on dev loop1, logical block 305, lost async page write
[  113.135913][ T7125] EXT4-fs (loop4): failed to initialize system zone (-117)
[  113.147574][ T7134] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  113.157761][ T7134] FAT-fs (loop0): Filesystem has been set read-only
[  113.167378][ T7125] EXT4-fs (loop4): mount failed
[  113.229356][ T7125] loop4: detected capacity change from 0 to 512
[  113.282346][ T7143] loop2: detected capacity change from 0 to 512
[  113.293144][ T7125] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.328336][ T7143] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.343987][ T7143] ext4 filesystem being mounted at /285/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.359345][ T7125] ext4 filesystem being mounted at /287/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.430876][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.449557][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.538646][ T7163] 9p: Unknown access argument : -22
[  113.556521][ T7161] __nla_validate_parse: 21 callbacks suppressed
[  113.556537][ T7161] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1374'.
[  113.587996][ T7161] loop4: detected capacity change from 0 to 128
[  113.602036][ T7161] bio_check_eod: 48834 callbacks suppressed
[  113.602062][ T7161] syz.4.1374: attempt to access beyond end of device
[  113.602062][ T7161] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[  113.622015][ T7161] syz.4.1374: attempt to access beyond end of device
[  113.622015][ T7161] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[  113.636398][ T7161] syz.4.1374: attempt to access beyond end of device
[  113.636398][ T7161] loop4: rw=2049, sector=177, nr_sectors = 24 limit=128
[  113.691041][ T7161] syz.4.1374: attempt to access beyond end of device
[  113.691041][ T7161] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[  113.728929][ T7170] syz.4.1374: attempt to access beyond end of device
[  113.728929][ T7170] loop4: rw=2049, sector=305, nr_sectors = 80 limit=128
[  113.729790][ T7161] syz.4.1374: attempt to access beyond end of device
[  113.729790][ T7161] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[  113.784069][ T7170] syz.4.1374: attempt to access beyond end of device
[  113.784069][ T7170] loop4: rw=2049, sector=393, nr_sectors = 8 limit=128
[  113.807094][ T7161] syz.4.1374: attempt to access beyond end of device
[  113.807094][ T7161] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[  113.817289][ T7170] syz.4.1374: attempt to access beyond end of device
[  113.817289][ T7170] loop4: rw=2049, sector=409, nr_sectors = 8 limit=128
[  113.834806][ T7170] syz.4.1374: attempt to access beyond end of device
[  113.834806][ T7170] loop4: rw=2049, sector=425, nr_sectors = 8 limit=128
[  113.961978][ T3444] Buffer I/O error on dev loop4, logical block 305, lost async page write
[  114.039585][ T7176] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1378'.
[  114.061855][ T7178] loop3: detected capacity change from 0 to 1024
[  114.081831][ T7178] EXT4-fs: inline encryption not supported
[  114.129063][ T7178] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.247510][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.275832][ T7186] netlink: 'syz.4.1383': attribute type 12 has an invalid length.
[  114.292339][ T7186] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1383'.
[  114.305930][ T7186] loop4: detected capacity change from 0 to 128
[  114.315441][ T7186] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  114.325775][ T7186] FAT-fs (loop4): Filesystem has been set read-only
[  114.355613][ T7190] loop3: detected capacity change from 0 to 512
[  114.377533][ T7163] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1376'.
[  114.382505][ T7190] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  114.410971][ T7190] EXT4-fs (loop3): 1 truncate cleaned up
[  114.467717][ T7190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.560183][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.619908][ T7199] loop4: detected capacity change from 0 to 512
[  114.631553][ T7199] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  114.659915][ T7203] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1388'.
[  114.680146][ T7203] loop2: detected capacity change from 0 to 128
[  114.698210][ T7199] EXT4-fs (loop4): 1 truncate cleaned up
[  114.704336][ T7199] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.792840][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.907485][ T7203] Buffer I/O error on dev loop2, logical block 305, async page read
[  114.926215][ T7203] Buffer I/O error on dev loop2, logical block 306, async page read
[  114.960765][ T7203] Buffer I/O error on dev loop2, logical block 307, async page read
[  114.977254][ T7203] Buffer I/O error on dev loop2, logical block 308, async page read
[  114.985427][ T7203] Buffer I/O error on dev loop2, logical block 309, async page read
[  115.007319][ T7203] Buffer I/O error on dev loop2, logical block 310, async page read
[  115.025506][ T7203] Buffer I/O error on dev loop2, logical block 311, async page read
[  115.043493][ T7203] Buffer I/O error on dev loop2, logical block 312, async page read
[  115.086622][ T7218] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1393'.
[  115.203280][ T7220] loop1: detected capacity change from 0 to 1024
[  115.220363][ T7220] EXT4-fs: inline encryption not supported
[  115.256843][ T7220] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.304992][ T7222] netlink: 'syz.0.1395': attribute type 10 has an invalid length.
[  115.314128][ T7222] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1395'.
[  115.361903][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.422678][ T7231] loop1: detected capacity change from 0 to 512
[  115.437175][ T7231] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  115.458337][ T7231] EXT4-fs (loop1): 1 truncate cleaned up
[  115.472174][ T7231] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.518265][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.553858][ T7239] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1399'.
[  115.564459][ T7237] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1400'.
[  115.645286][ T7249] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1405'.
[  115.715842][ T7251] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  115.809721][ T7260] loop0: detected capacity change from 0 to 128
[  115.930113][ T7269] loop4: detected capacity change from 0 to 1024
[  115.987433][ T7269] EXT4-fs: inline encryption not supported
[  116.051635][ T7269] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.220588][ T7264] ==================================================================
[  116.228713][ T7264] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  116.236535][ T7264] 
[  116.238858][ T7264] write to 0xffffea00055f3998 of 8 bytes by task 7191 on cpu 1:
[  116.246491][ T7264]  __filemap_remove_folio+0x1a5/0x2a0
[  116.251894][ T7264]  filemap_remove_folio+0x6d/0x1d0
[  116.257011][ T7264]  truncate_inode_folio+0x42/0x50
[  116.262036][ T7264]  shmem_undo_range+0x244/0xa80
[  116.266920][ T7264]  shmem_evict_inode+0x134/0x520
[  116.271888][ T7264]  evict+0x2e3/0x550
[  116.275791][ T7264]  iput+0x4ed/0x650
[  116.279621][ T7264]  dentry_unlink_inode+0x24f/0x260
[  116.284819][ T7264]  __dentry_kill+0x18d/0x4b0
[  116.289423][ T7264]  dput+0x5e/0xd0
[  116.293065][ T7264]  __fput+0x444/0x650
[  116.297049][ T7264]  ____fput+0x1c/0x30
[  116.301048][ T7264]  task_work_run+0x131/0x1a0
[  116.305645][ T7264]  do_exit+0x483/0x15c0
[  116.309818][ T7264]  do_group_exit+0xff/0x140
[  116.314319][ T7264]  get_signal+0xe58/0xf70
[  116.318662][ T7264]  arch_do_signal_or_restart+0x96/0x440
[  116.324206][ T7264]  irqentry_exit_to_user_mode+0x5b/0xa0
[  116.329763][ T7264]  irqentry_exit+0x12/0x50
[  116.334191][ T7264]  asm_exc_page_fault+0x26/0x30
[  116.339041][ T7264] 
[  116.341359][ T7264] read to 0xffffea00055f3998 of 8 bytes by task 7264 on cpu 0:
[  116.348896][ T7264]  folio_mapping+0xa1/0xe0
[  116.353320][ T7264]  evict_folios+0xe05/0x3590
[  116.357914][ T7264]  try_to_shrink_lruvec+0x5b5/0x950
[  116.363126][ T7264]  shrink_lruvec+0x22e/0x1b50
[  116.367810][ T7264]  shrink_node+0x686/0x2120
[  116.372327][ T7264]  do_try_to_free_pages+0x3f6/0xcd0
[  116.377527][ T7264]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  116.383514][ T7264]  try_charge_memcg+0x383/0xa10
[  116.388367][ T7264]  obj_cgroup_charge_pages+0xa6/0x150
[  116.393753][ T7264]  __memcg_kmem_charge_page+0x9f/0x170
[  116.399212][ T7264]  __alloc_frozen_pages_noprof+0x188/0x360
[  116.405033][ T7264]  alloc_pages_mpol+0xb3/0x260
[  116.409831][ T7264]  alloc_pages_noprof+0x90/0x130
[  116.414765][ T7264]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  116.420594][ T7264]  __kvmalloc_node_noprof+0x483/0x670
[  116.425974][ T7264]  ip_set_alloc+0x24/0x30
[  116.430313][ T7264]  hash_netiface_create+0x282/0x740
[  116.435572][ T7264]  ip_set_create+0x3cc/0x970
[  116.440174][ T7264]  nfnetlink_rcv_msg+0x4c6/0x590
[  116.445119][ T7264]  netlink_rcv_skb+0x123/0x220
[  116.449894][ T7264]  nfnetlink_rcv+0x167/0x16c0
[  116.454580][ T7264]  netlink_unicast+0x5c0/0x690
[  116.459346][ T7264]  netlink_sendmsg+0x58b/0x6b0
[  116.464102][ T7264]  __sock_sendmsg+0x145/0x180
[  116.468779][ T7264]  ____sys_sendmsg+0x31e/0x4e0
[  116.473539][ T7264]  ___sys_sendmsg+0x17b/0x1d0
[  116.478228][ T7264]  __x64_sys_sendmsg+0xd4/0x160
[  116.483089][ T7264]  x64_sys_call+0x191e/0x3000
[  116.487776][ T7264]  do_syscall_64+0xd2/0x200
[  116.492283][ T7264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.498193][ T7264] 
[  116.500519][ T7264] value changed: 0xffff88811d618d90 -> 0x0000000000000000
[  116.507616][ T7264] 
[  116.509932][ T7264] Reported by Kernel Concurrency Sanitizer on:
[  116.516085][ T7264] CPU: 0 UID: 0 PID: 7264 Comm: syz.1.1412 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  116.525839][ T7264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  116.535933][ T7264] ==================================================================
[  116.657668][   T29] kauditd_printk_skb: 209 callbacks suppressed
[  116.657682][   T29] audit: type=1326 audit(1763498923.326:4168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7257 comm="syz.2.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e56ef6c9 code=0x7ffc0000
[  116.708500][ T6698] Bluetooth: hci0: command 0x1003 tx timeout
[  116.714623][ T3538] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  116.847185][ T3328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.