last executing test programs:

5.03991247s ago: executing program 2 (id=428):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_group_source_req(r1, 0x0, 0x2c, &(0x7f00000007c0)={0x4, {{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {{0x2, 0x4e21, @local}}}, 0x108)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@nouid32}]}, 0xc1, 0x7e9, &(0x7f00000017c0)="$eJzs3c1rHG8dAPDvbF42SauJIGh7CggaKN2YGlsFDxEPIlgo6Nk2bLahZpMt2U1pQqDpQfAiqHgQ9NKzL/UgePXlqv+EeJAW0TRYT7oys7t53d0kbXa3/fXzgck8M/PMPPPN88yzz+4MuwF8sKbTP7mIKxHxwyRisrk+iYiRLDUcsdDI93p3u5hOSdTr3/pnkuX57aWDYyXN+aXmwqcj4o/fi7iWO17qeHNeLq03U7O11Yez1c2t6w9WF5dLy6W1m3Pz8zduffHWzZN7val//2Xr8ssfff1zv14Yjk89/8GfkliIy81te7vbxbc8/AnTMd38n4yk/8IjvnbRhQ1YMugT4I2kl+ZQ4yqPKzEZQ1mqg7e9AAGAd8KTiKgDAB+Y5LTX/yFDBAD4aGl9DrC3u11sTYP9RKK//vHViBhrxN+6v9nYMty8ZzeW3Qed2EuO3BlJImLqAsqfjoif/+47v0yn6NF9SIB2dp425nu7+WP9f5L2f6OnHyHfccvnu+1Wb+w3fWy1/g/65/fp+OdLJ8d/V/cf6BnL/h4b/4zl21y7b+L06z/3osOuZ+ibTpeO/75y6Nm2g/Hf/kNrU0PNpY9lY76R5P6Dcint2z4eETMxkk+X57Ks7Z+Cmnn131edyj88/vvXj7/7i7T8dH6QI/diOB/1xnN5/8vG60uLtcWLiD2L/2nE1eF28Sf749/kSP0v7Ed6p+NRj1bNN778/Z91ypnGn8bbmk7G31v1ZxGfbVv/B3WZdH0+cTZrDrOtRtHGb/7204lO5R/Ufz6bp+W33gv0Q1r/E93jn0pT1c2tlcVyubRePX8Zf342+YdO2w63//bxZ+3/iLT9jybfztKtlvZ4sVZbn4sYTb55cv2Ng31by638afwzn2l//bdv/42+IH1PeG9/qbvhl6O/ah6qbfyZnU7x91Ya/9K56r9Lot7c59im569XhjqVf7b6n89SM801Z+n/TjnTt2jNAAAAAAAAAAAAAAAAAAAAAAAAAHB+uYi4HEmusJ/O5QqFxm94fzImcuVKtXbtfmVjbSmy38qeipFc66suJw99H+pc8/vwW8s3ji1/ISI+ERE/yY9ny4Vipbw06OABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOnS0d//f5LOCoXGtr/nB312AEDPjA36BACAvvP6DwAfnvO9/o/37DwAgP459/v/etKbEwEA+ubMr//3enseAED/uP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAj925fTud6v/Z3S6my0uPNjdWKo+uL5WqK4XVjWKhWFl/WFiuVJbLpUKxstrxQDuNWblSeTgfaxuPZ2ulam22url1d7WysVa7+2B1cbl0tzTSt8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oyqm1sri+VyaV2iS2K8NN45TxIRAz/D0xJpXV/kAYff0ZB3/jqSteuumWPqvWn8o13yJBdZ1vjxNYd7ifFBdE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA74X/BwAA///YTBJy")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r6, @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRES32=r5, @ANYRESDEC=0x0, @ANYRES8, @ANYRESDEC=r2], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r8, 0x0, 0x6}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00"], 0x38}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r11 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r11, 0x2284, &(0x7f0000000080))

4.478201085s ago: executing program 2 (id=436):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000a5"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x2c, &(0x7f0000000180)=[@in6={0xa, 0x4e22, 0x0, @remote, 0x7}, @in={0x2, 0x4e22, @loopback}]}, &(0x7f0000000080)=0x10)
ioctl$sock_ifreq(r2, 0x8922, &(0x7f0000000800)={'wg0\x00', @ifru_flags=0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
io_setup(0x7f, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)
r6 = getpid()
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x51, 0x1, 0x0, 0x0, 0x0, 0x7, 0x98142, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x4190, 0xaea}, 0x4105, 0x1, 0x6, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x40000000000a9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x3ff, &(0x7f0000000500))
r8 = syz_open_dev$tty20(0xc, 0x4, 0x0)
write$binfmt_misc(r8, &(0x7f0000000240), 0xfffffecc) (fail_nth: 3)
ioctl$FIONREAD(r8, 0x541b, &(0x7f0000000000))
sched_setscheduler(r6, 0x3, &(0x7f00000000c0)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x10000, &(0x7f0000000740)={[{@session={'session', 0x3d, 0x34}}, {@iocharset={'iocharset', 0x3d, 'cp874'}}, {@map_off}, {@nojoliet}, {@mode={'mode', 0x3d, 0x4}}, {@map_acorn}]}, 0x5, 0x55a, &(0x7f00000001c0)="$eJzs3V9v094ZwPHH/fOjy1g1bRNCVYFD2aQidcFJaFDExeQ5J+kBx45sB7VXqKIpqkhhAiaNXo0btknbC9jVxO1exF7C3gnaS9hPtpOS/klSSpNU8P1EcE7sY5/nJK4fOYltAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYrlV2y5Y4hm/takGc6th0Bgyv7e+u0eKIf2KWMk/WViQ69mk67/6PPta8t+KLGfPlmUhKRbk4KfXfv7wl3MzveWHBDQRb94dvNjudNqvpx3IWM0OnFPXvokC03DqWpkoUJVy2b63UYtUzXg62opi3VBuqJ04CNWqe1cVKpWS0vmtoOXXq46nexMf/LZo22X1KN/UThgF/r1H+cjdMJ5n/HraJpmdtHmQbIiPTaxi7TSU2t3rtEujwk8aFYa2sERkr9MuKjU7dJMq2sVioVAsFsrrlfUHtj3XP2E+mWAfIycWmf5Gi+m64D04cH4z3fwvnhjxpSWbok59uFKVUAJpDJjf1cv/v7mnh/bbn/97Wf7659lLkub/m9mzm4Py/4BYJvd4I+/kQF7ItnSkI215PfWIJvuoixZfjEQSiJGGOOkU1Z2ipCJlKYstT2VDahKJkpoY8URLJFsSSSw63aJcCUWLI7EEEoqSVXHlrigpSEUqUhIlWvKyJYG0xJe6VMVJ17Ire+nrXhoS42GjwlkaFYc0Gpr/18n/36HfXZUvfUMvficOnNP/e/l/sPnJRQMAAAAAAMbBSj99t9LD/BtprWY8bU87LAAAAAAAcIHSb/6XkyL9mv+GWBz/AwAAAADwrbHSc+wsEcnJray2K3tiSVv4EAAAAAAAgG9E+v3/zaTIJbVbYh1eCYXjfwAAAAAAvhF/HXmN/ah5xfrP//4VhvPW++bmr619J2nn7M9my80eX2NcW7IWuytJi/Jc95mrl63u1S8PL4L5qVvsjorDuoAA5O9yO2tzeycrd3pzsl5yNePpvBt4DwviOIszsd6M//hy708iSe9/8xuLluzuddr5Z686O2ks75O1vN/vXkDxxHUUh8TyNr3eQnrOxakjnk9PxOj2m8v6tfvHP5MtPvMFfX6QlazNSi4rc0fHv1AzP3TXctrou1EUvnLkH+RO1ubO6p2sOBGFp4v5Qe9BN4piFsU/F5MozvVanCGK0qgoSr3XYv5z918SBQBMy+6ILGTJibx7jr3cZLL7B1nN2qwupTvWuaVT9uj2qD26/ZXZ7d/zx29+dEoUhSSKpN9/HMuqH5MFPg7sN/KKlvVnkdm3+3/oTdt+3n7eflkslsr2fdteL8p8OoxuQe4BAJxi9D12Rraw7o84qv7F4U8K8vJMXklHdmQtPdsg/cXBqWvN9f0MYW3EUWuu7w4vayOO6nJ9N3o5e9vSBN4JAAAmZ2VEHj5L/l8bcdx9NJcfuUPwD8ePjvtzOQAAGA8dfrJy8V+sMDTNp4VKpeDEG1qFgftYhaZa18r4sQ7dDceva9UMgzhwAy+pPDFVHamo1WwGYaxqQaiaQWQ20zu/q+6t3yPdcPzYuFHT006klRv4sePGqmoiVzVbv/dMtKFDVQuuSNTUrqkZ14lN4KsoaIWuzisVad3X0FS1H5uaSaq+aoam4YRb6kngtRpaVXXkhqYZB2EaTa8v49eCsJGuNj/tFxsAgEvizbuDF9udTvv1GCvTHiMAADiKLA0AAAAAAAAAAAAAAAAAAAAAwOU3xtP+rPGfWXjWyn+vZqO9LPGMt2L/5HsZ6VkrP7scYZyrcqX7lzqgjTWu3qe5VwIwCT8GAAD//1LIRy8=")
openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x187)

3.343802024s ago: executing program 2 (id=450):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700010000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = inotify_init1(0x0)
ioctl$GIO_UNISCRNMAP(r1, 0x4b69, &(0x7f0000000280)=""/230)
inotify_add_watch(r5, &(0x7f0000000400)='.\x00', 0xa4000021)
read(r5, 0x0, 0x20)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x48, 0x140d, 0x200, 0x70bd26, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x1}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x5}, 0x24000000)
close(r5)
open(0x0, 0x40, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x20000023896)
ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]})
bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
quotactl_fd$Q_SYNC(0xffffffffffffffff, 0xffffffff80000102, 0x0, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r0, 0x0, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000040)={[{0x2b, 'cpu'}]}, 0x5)

2.425844174s ago: executing program 2 (id=460):
unshare(0x62040200)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], 0x0}, 0x94)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, <r1=>0x0}, &(0x7f00000014c0)=0xc)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000801, r1, &(0x7f0000001500)={0xfffffffffffffe00, 0x24f, 0x9, 0x9, 0x0, 0xfffffffffffffffb, 0x1, 0x2, 0x6})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000040], 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000000000002200f9ff00000000000000000000ed0000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000"]}, 0x108)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xdebd1000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000440)={{}, {0x1, 0x6}, [], {}, [{0x8, 0x1}], {0x10, 0x3}, {0x20, 0x7}}, 0x2c, 0x1)
ioctl$SCSI_IOCTL_GET_IDLUN(0xffffffffffffffff, 0x5382, &(0x7f0000001600))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x29)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})
r7 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
fsmount(r7, 0x0, 0x0)

1.737872094s ago: executing program 4 (id=471):
ioctl$EXT4_IOC_SETFSUUID(0xffffffffffffffff, 0x4008662c, &(0x7f0000000600)={0x0, 0x0, "1cdab5116b3d63dfbdf24ccadafab4fc"})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001940), 0x2000cc0}, 0x38)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='clear_refs\x00')
writev(r0, &(0x7f0000000140)=[{&(0x7f00000000c0)='2', 0x1}], 0x1)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x8804, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000480)={<r2=>0x0, <r3=>0x0})
recvmmsg(r1, &(0x7f0000000340)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000680)=""/89, 0x59}, {&(0x7f0000000fc0)=""/4089, 0xff9}, {&(0x7f0000000540)=""/91, 0x5b}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000400)=""/88, 0x58}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000ec0)=""/200, 0xc8}}], 0x1, 0x0, &(0x7f0000003700)={r2, r3+10000000})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {}, {@usrquota}, {@data_err_ignore}, {@init_itable}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x559, &(0x7f0000000940)="$eJzs3d9rW1UcAPDvTdv91nYwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0XUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbtdnSmc8Hbjkn996c+82939NzcxISwMAaz/4UIl6OiG+SiNGISPJ1w5GvHF/bbvXBtZlsSaJe//SvpLFdVm8+V3O/g3nlpYj47auIE4WN7VaXV+ZL5XK6mNcnaguXJ6rLKycvLpTm0rn00tT09Om3p6fee/ednsX6xrl/vv/kzoenvz62+t0v9w7fSuJMHMrXtcaxA9dbK+Mxnr8mI3HmsQ0ne9DYbpL0+wDYlqE8z0ci6wNGYyjPeuD/78uIqAMDKpH/MKCa44DmvX2P7oOfG/c/WLsB2hj/8Np7I7GvcW90YDV55M4ou98d60H7WRu//nn7VrZE796HANjS9RsRcWp4eGP/l+T93/ad6mKbx9vQ/8Gzcycb/7zZbvxTWB//RJvxz8E2ubsdW+d/4V4PmukoG/+933b8uz5pNTaU115ojPlGkgsXy2nWt70YEcdjZG9W32w+5/Tq3Xqnda3jv2zJ2m+OBfPjuDe899F9Zku10k5ibnX/RsQrbce/yfr5T9qc/+z1ONdlG0fT2691Wrd1/E9X/aeI19ue/4czWsnm85MTjethonlVbPT3zaO/d2q/3/Fn5//A5vGPJa3ztdUnb+PHff+mndY9En90f/3vST5rlPfkj10t1WqLkxF7ko83Pj71cN9mvbl9Fv/xY5v3f63Xf/NQ9kfE513Gf/PIz692FX+fzv/sE53/Jy/c/eiLHzq1313/91ajdDx/pJv+r9sD3MlrBwAAAAAAALtNISIORVIorpcLhWJx7fMdR+JAoVyp1k5cqCxdmo3Gd2XHYqTQnOkebfk8xGT+edhmfeqx+nREHI6Ib4f2N+rFmUp5tt/BAwAAAAAAAAAAAAAAAAAAwC5xsMP3/zN/DPX76ICnzk9+w+DaMv978UtPwK7k/z8MLvkPg0v+w+CS/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT586ezZb66oNrM1l99sry0nzlysnZtDpfXFiaKc5UFi8X5yqVuXJanKksbPV85Url8uRULF2dqKXV2kR1eeX8QmXpUu38xYXSXHo+HXkmUQEAAAAAAAAAAAAAAAAAAMDzpbq8Ml8ql9NFBYVtFYZ3x2EotCuMxrZ373fPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/RcAAP//DhQ21A==")
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @multicast1}, {0x0, 0x17c1, 0x8}}}}}, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000040)=0x1, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, '\x00', 0x20}, 0x23}, 0x1c)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x441, 0x345)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xa, 0x4, 0xc, 0xb}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000050000006500000002"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000001fc0)={0x1a, 0x15, &(0x7f0000002080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRESHEX=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x54}, 0x1, 0x0, 0x0, 0x40044}, 0x20008000)

1.644022558s ago: executing program 2 (id=473):
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x5, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000400a8000600200005400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)
flistxattr(0xffffffffffffffff, &(0x7f0000000640)=""/157, 0x9d)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)

1.615885889s ago: executing program 4 (id=474):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x5, 0x7fffffff}]})
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000240)=@assoc_value={0x0, 0x5}, 0x8)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/rt_cache\x00')
r2 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r2, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000040)="4e680dad52390fcf7117b5af5b568a87b412eff6ef804bc215441c2ee439a0077547d89d52bc54058ea008587c54a58302a9f4be1a35e1a06afaad3d55d1f94fdac1bdac4ae1d5cd", 0x48, r1}, 0x68)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r3}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r4, 0x0, 0x81}, 0x8c)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38400000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x4000804)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000140), 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f0000000180)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x0, 0xa00)
recvmmsg(r6, &(0x7f0000000800)=[{{&(0x7f0000000280)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000000780), 0x0, &(0x7f00000007c0)=""/3, 0x3}, 0x8}], 0x1, 0x2, 0x0)
r10 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r7, &(0x7f0000000200)={0xe0000002})
poll(&(0x7f00000000c0)=[{r10, 0x1009}], 0x1, 0x8000007)
socket$nl_route(0x10, 0x3, 0x0)

1.515152074s ago: executing program 3 (id=476):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
ftruncate(r0, 0xa75)
ioctl$SG_GET_SG_TABLESIZE(r0, 0x227f, &(0x7f0000000000))
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendto$inet6(r1, &(0x7f0000000100)="15", 0x1, 0x1, &(0x7f0000000140)={0xa, 0x4e23, 0x7ff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}, 0x1c)
sendmsg$inet6(r1, &(0x7f0000000380)={&(0x7f0000000180)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000480)='y', 0x1}], 0x1}, 0x0)
shutdown(r1, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}, 0x0, 0x0, 0x4}, &(0x7f0000000080)=0x9c)
r2 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000000206010700000000000000000000000014000300686173683a69702c706f72742c6970000900020073797a31000000000500010007000000050005000a0000000500040001000000c1590c9fe92c70409533a7acaf3d7072b144c5f5c963697b3ff9bea20eba159d251d57a146ac718289d253f3be698fed96dc6035adef29a07823dc76dea18307c0b1366c07f0145dcd4b556e3129ca"], 0x4c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)
r6 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010027bd7000fbd3df2502000000050004000100000005000400010000001400020076657468315f746f5f7465616d0000000900030073797a32000000000900010073797a"], 0x68}, 0x1, 0x0, 0x0, 0x4000145}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000ac0)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd30, 0x0, {0x0, 0x0, 0x12, r7, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x0, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee11, 0x0, 0x0, 0x3], [0x0, 0x8, 0x3]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x4c845}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)=@getchain={0x54, 0x66, 0x8, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x3, 0x6}, {0x2, 0xb}, {0xc, 0xd}}, [{0x8, 0xb, 0xb}, {0x8, 0xb, 0x75}, {0x8, 0xb, 0xf31}, {0x8, 0xb, 0x8000}, {0x8, 0xb, 0x896}, {0x8, 0xb, 0xca}]}, 0x54}, 0x1, 0x0, 0x0, 0x24054}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000080)={[{@noblock_validity}, {}, {@sysvgroups}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nolazytime}, {@quota}, {@nomblk_io_submit}], [{@subj_role={'subj_role', 0x3d, '^#{]#@&&'}}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
close_range(r2, 0xffffffffffffffff, 0x0)

829.005134ms ago: executing program 1 (id=487):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r0)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x1c, r1, 0x607, 0x1, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0xd}]}, 0x1c}}, 0x24044004)

751.880967ms ago: executing program 1 (id=488):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x22000402, &(0x7f00000006c0)={[{@dioread_lock}, {@noblock_validity}, {@nodioread_nolock}, {@discard}, {@nouser_xattr}, {@auto_da_alloc_val, 0x2e}, {@mb_optimize_scan}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x85, 0x4f5, &(0x7f0000001040)="$eJzs3M1v2+QfAPCv0zbtXtvtN/1gL7DAQFQM2rUbsAMHQCDtAkKCwziWrkyDbkNbkdg0sYLQOCL+goE4ISFx4sIJJA7ABRBXOIMmTaiXFQ4oyImdJm3aJm3XsubzkZw8j/3Yj7+2n8T2EyeAjlVKX5KI7RHxa0T0V7ONBUrVt9mZK+N/zVwZT6JcfunPpFLu1syV8bxoPt+2LDNYiCi8n8T+JvVevHT5jbHJyYkLWX546uybwxcvXX70zNmx0xOnJ86NHj9+7OjIE4+PPtZSHFeXmZ7GdWvfO+cP7D3xykfPj5fj1e8/T9d3eza9Po6qgZbqXUopSlHOzI0tVl4fXPXS/1t21KWT7g1cEdrSFRHp7uqptP/+6Iq5ndcfz71Xy3y7QSsI3Dbpd9OuBWO7svdC7fsL2IwSbRw6VP6Nn17/5sN6nn9stJtPp68Tlfhns+HHF6rbppBeyw5Ur9i75s1XzN7/32SZfWn56gzl/mXq3x4RJ6f/vp4O0fQ+xBKSlksCANR8nZ7/PNLs/K/QcG6zM+tDGYiIwxGxOyL+FxF7olArc1dE3N1m/aV5+YXnPz9vaXORbUnP/57M+rbyoToljyup5XZU4u9JXjszOXEk2yaD0dOb5keWqOObZ3/5cLFppbrzv3RI68/PBbP1uNHd1zjPqbGpsVWE3ODmuxH7upvFn9R6AtItsDci9q1g+ek2O/PwZwfS9M5tC6cvH/8ikqzjYpXKn0Q8VN3/0zEv/rqq0poW658c7ovJiSPD+VGx0A8/XXuxPt9Tl26Iv6+1mPpWGmwT6f7fOu/4ry4/iz9vBvP6a6fbqOPabx8sek3TEH9XXJ+dSeJkw8ILN7p7I2LL3GZLj/9i8nIlnV+HvT02NXVhJKKYjWgYPzq3tDyfl0/jHzzUvP3vjvjn42y+/RGRHsT3RMS9EXEwW/f7IuL+iDi0RPzfPfPA60tvoRUc/2skjf9U08+/2vE/kNT317ef+P3TiK8Wq7+lz7/eY5XUYDamlc+/VldwNdsOAAAA7hSFSh90UhjK03U3p/bE1sLk+YtTh0vx1rlT1b7qgegp5He6+uvuh45k94bz/GiaLs7lj0bErsovjbZU8kPj5yd3bGTgQOVZnbz992bjhoaq73/M/9ELsPm01Y9W/6OzL75c+5UB1pXnNaFzaf/QubR/6FzaP3SuZu3/asTsBqwKsM5a+/4ve9wcNqF2z/9dL8DmoT1D59L+oSMtfCQ+/7uVFTzpX5fYfWJVsy9IFNdoOXmi3L/GC6wmptufq+s2rEaaiLo/7Vi8cBIRK6siCkuXKcaly323Ia5mifyhlZbnKixb5qnlNkvPav4To5I4mCV6I6LVua62sE/X7vhJJW77AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAd7R/AwAA//8F5d/c")
r4 = io_uring_setup(0x115c, &(0x7f0000000440)={0x0, 0x8270, 0x40, 0x4, 0x117})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000000640)=[{0x0}], 0x178)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000680), 0x10a900, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'\x00', 0x2})
ioctl$TUNSETPERSIST(r5, 0x400454c9, 0x1)
ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c00000000000000000000000000000002000005050005000a00000e"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x2000c800)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={r3, @in={{0x2, 0x2, @empty}}, 0x0, 0x0, 0x5dc, 0x0, 0x32, 0x3}, 0x9c)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000000)={r3, 0xb}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffbfffff"], 0x48)
epoll_pwait(0xffffffffffffffff, 0xffffffffffffffff, 0x40, 0x8000005, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000140)={[{@stripe={'stripe', 0x3d, 0x5}}, {@init_itable}, {@discard}, {@acl}, {@grpjquota}, {@bsdgroups}, {@discard}, {@quota}]}, 0x5, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
r7 = open$dir(&(0x7f0000000600)='.\x00', 0x20000, 0x50)
getsockopt$bt_hci(r6, 0x0, 0x2, &(0x7f00000002c0)=""/247, &(0x7f0000000400)=0xf7)
quotactl_fd$Q_QUOTAON(r7, 0xffffffff80000200, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000580), 0x121081, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6c, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffbf8}, 0x94)
getsockopt$inet6_tcp_int(r6, 0x6, 0x9, &(0x7f0000000080), &(0x7f0000000280)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getcwd(&(0x7f0000000140)=""/237, 0xfffffee1)

749.583907ms ago: executing program 2 (id=489):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x9]}, 0x8)
close(r1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x42718, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000001c0)="441e38001149aa3d88cc0a387ecffcfcbaf2670fcadaae0d850b264604d5e60af0ed418694f81b67a2f9408d3b24151cd5c9ac81d527c93979cd358da3b3eb2c6a", 0x41}], 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r2 = msgget$private(0x0, 0x144)
msgctl$IPC_SET(r2, 0x1, &(0x7f00000001c0)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x1ff, 0x11, 0x0, 0x0, 0xffffffffffff75ba, 0xfffffffffffffff9, 0x8abd, 0x5})
msgrcv(r2, 0x0, 0x0, 0x3, 0x0)
setuid(0xee01)
msgctl$IPC_STAT(r2, 0x2, 0x0)
fcntl$setstatus(r1, 0x4, 0x2c00)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='kmem_cache_free\x00', r3, 0x0, 0x7fff}, 0x18)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x8000003d)
fcntl$notify(r4, 0x402, 0xc0000030)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r6, 0x402, 0x21)
close(r6)

692.151619ms ago: executing program 0 (id=490):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[], 0x70}}, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x80, 0x0, 0x1, 0x5, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x6c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0xffffffc3, 0x1, @dev={0xac, 0x14, 0x14, 0x27}}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0x24, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x100e}]}, 0x80}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x80c40a, &(0x7f0000000180)={[{@noblock_validity}, {@dioread_lock}, {@init_itable_val={'init_itable', 0x3d, 0xb8f}}, {@nodiscard}, {@inlinecrypt}, {@usrjquota, 0x2e}, {@sb={'sb', 0x3d, 0x7}}, {@nodiscard}, {@jqfmt_vfsv0}, {@noload}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@noload}], [], 0x2c}, 0x81, 0x463, &(0x7f0000000480)="$eJzs3EtvG0UcAPD/bpK+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRqiIBoXJE/QTAEYlPwAkuCDiBuMIdIVWoF1oOaNHaa9c4dmrHTp3Gv5+02ZndtWf+3h17dsZOAH1rNP+TROyKiN8iYjgiBuoPGC2vbly/PHPz+uWZJLLszb+S/GHx9/XLM5VDk2K9s8iMpRHpJ0kcaFDuwsVLZ6fn5mYvFPmJxXPvTSxcvPTcmXPTp2dPz56fOnbs6JHJF1+Yer4rce7O67r/w/mD+46/ffX1mRNX3/nx67y+u4r9tXGUjXRc5miMVl+Tek92/Owby+5i3SxeNqa8rQ9GxFCp/Q/HQClXNhyvfdzTygHrKsuybOuKrdUewHIGbGJJ9LoGQG9UPujz+9/Kcge7Hz137eXyDVAe941iKe8ZjLQ4Zqjm/rbbRiPixPI/n+dLNByHAADorm/z/s+zjfp/aTxQc9w9xdzQSETcGxF7IuK+iNgbEfdHlI59MCIearP80br8yv7PL9vXFFiL8v7fS8Xc1v/7f5XeX4wMFLndpfiHklNn5mYPF6/JWAxtzfOTq5Tx3au/ftZsX23/L1/y8it9waIefw7WDdCdnF6c7iTmWtc+Ko0BLq2MP6nOBCQRsS8i9q/h+bdFxJmnvzrYbP/t41/F4BoqVCf7MuKp8vlfjrr4K5LV5ycntsXc7OGJylWx0k8/X3mjWfkdxd8F+fnf0fD6r8Y/ktTO1y60X8aV3z9tek+z1ut/S/JWKb2l2PbB9OLihcmILcnyyu1Ttx5byVeOz+MfO9Qg/ptZ/h737xfF4w5ERH4RPxwRj0TEo0XdH4uIxyPiUIPYsqXy+odXnnh37fGvrzz+k22d//YTA2e//6ZZ+a2d/6Ol1FixpZX3v1Yr2MlrBwAAAHeLtPQd+CQdr6bTdHy8/B3+vbEjnZtfWHzm1Pz750+Wvys/EkNpZaRruGY8dLIYG67kp+ryR0rjxlmWZdtL+fGZ+bn1mlMHWrOzSfvP/THQ69oB666teTS/8IJNpQvz6MBdSvuH/qX9Q//S/qF/NWr/SxE3elAV4A67zef/rf8SAGw6+v/Qv7R/6F/aP/SlTn7Xv1piz/H1eubNlhjYGNVoOxHphqhGS4mh4mqvbkk3SMVKia0R0erBS3GnKtbjNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu+S8AAP//28vuNQ==")
chdir(&(0x7f0000000140)='./file0\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x10)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40305829, &(0x7f0000000e00)={0x17c04, r3, 0x299f25fd, 0x2004000003, 0x400000006, 0xff})
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000180)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@nojournal_checksum}, {@dax_never}, {@nodiscard}], [{@obj_user={'obj_user', 0x3d, 'nodiscard'}}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x32, 0x34, 0x33, 0x33, 0x39, 0x37, 0x62], 0x2d, [0x66, 0x30, 0x65, 0x1], 0x2d, [0x65, 0x33, 0x38, 0x65], 0x2d, [0x33, 0x34, 0x35, 0x35], 0x2d, [0x61, 0x32, 0x64, 0x63, 0x66, 0x64, 0x36, 0x39]}}}, {@fowner_eq}, {@func={'func', 0x3d, 'FILE_MMAP'}}]}, 0x0, 0x479, &(0x7f0000001300)="$eJzs3MtvG8UfAPDvOo82fcW/qj+gDyAIEKVA0qSl9MAFBBIHkJDgUI4hSatSt0FNkEhVQUCoHFElTlwQRyT+Ak5wQcAJCQ4c4I4qVaiXFk5Gm91NHdfOw3Xstv58pHVmdtee+Xpn7NmdeAPoWSPpQxKxIyL+iIjhLLtyh5Hsz41rF6f+uXZxKolq9Y2/k/508/VrF6eKXYvnbS8y/RGlT5LY36DcuYULZyYrlZnzeX5s/uy7Y3MLF545fXby1MypmXMTx48fPTL+3LGJZ9sSZxrX9X0fzB7Y+8pbl1+bOnH57Z++SYr46+K4xW8tFTmy2sbHq9WWXvQONJg+7KxZkbUM7gZ9WTeNgaX+Pxx9cfPgDcfLH3e1csCmqlar1fuab16sAvewJLpdA6A7ii/69Py3WDo09LgjXH0hOwFK476RL9mW/ijl+wzUnd+200hEnFj898t0ibWuQwAAtMF36fjn6Ubjv1LUXhfalc+hlCPifxGxOyKORcSeiPh/xNK+90fEAxssv36S5NbxT+lKS4GtUzr+ez6f21o5/itGf1Huy3M7l+IfSE6erswczt+TgzGwJc2Pr1LG9y/9+lmzbbXjv3RJyy/Ggnk9rvRvWfmc6cn5yduJudbVjyL29TeKP1meCUgiYm9E7GuxjNOHvj7QbNva8a+iDfNM1a8insiO/2LUxV9IsvnJcpP5ybGtUZk5PFa0ihiqefnF9ND9/Mul15uVf1vxt0F6/Lc1bP/L8ZeT2vnauY28+hdPpo+X/vy06TlNq+1/MHlzxbr3J+fnz49HDCavZpWuXT9Rt9/Ezf3T+A8+2rj/746b78T+iEgb8YMR8VBEPJzX/ZHfd635Lvz44mPvtB7/5krjn17/8a8ORxQNYWEw8sTymsaJvjM/fLui0HLj+Hc1Pf5Hl1IH8zXr+fxbT7022poBAADgblWKiB2RlEaX06XS6Gj2P/x7YlupMjs3/9TJ2ffOTWe/ESjHQKm40jVccz10PD+tL/ITdfkj+XXjz/uGlvKjU7OV6W4HDz1ue5P+n/qrr9u1Azad32tB79L/oXfp/9C7sv5fe7a/tWt1ATqrwff/UDfqAXReo/H/h+t54o721wXorLr+b9oPeojrf9C7Wun/PjPg3tC/2i2bBztaFaBz5oZi7R/J32uJrRu4QcDdlyjuXLMZRQykreVQRCxciFLXI5XYxES3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa478AAAD//9OC4M8=")
sendmmsg(r0, &(0x7f0000000180), 0x3ef, 0x0)

652.510111ms ago: executing program 4 (id=491):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000005c0)='sched_switch\x00', r2}, 0x18)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
r4 = dup2(r3, r3)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(r4, 0x1276, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r1, 0x11b, 0x1, 0x0, &(0x7f0000000000))
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[], 0x7c}, 0x1, 0x2000000, 0x0, 0xa25bb844b084a7a1}, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$PIO_UNIMAPCLR(r6, 0x4b68, 0x0)

615.990403ms ago: executing program 0 (id=492):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)=@ipv4_newaddr={0x50, 0x14, 0x200, 0x70bd25, 0x25dfdbfc, {0x2, 0x80, 0x8d, 0xfd}, [@IFA_LOCAL={0x8, 0x2, @private=0xa010100}, @IFA_ADDRESS={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x44}}, @IFA_RT_PRIORITY={0x8, 0x9, 0x7b}, @IFA_FLAGS={0x8, 0x8, 0x204}, @IFA_BROADCAST={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0x442}, @IFA_FLAGS={0x8, 0x8, 0x400}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x448c0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
fcntl$setlease(r1, 0x400, 0x2)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x20000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000300)={{0x1, 0x1, 0x18, r2, {0x8}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")

614.827383ms ago: executing program 0 (id=493):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10, 0x1000}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}}}]}, 0x48}}, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x9658, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd9b, 0x3}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x8f17, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a40)={0x20, r2, 0xc4fc9e906872338b, 0x70bd2e, 0x0, {{0x15}, {@void, @val={0xc, 0x99, {0x4, 0x37}}}}}, 0x20}}, 0x40000)

605.173183ms ago: executing program 1 (id=494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0100000008000000010000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x70, 0x70, 0x6, [@struct={0x4, 0x7, 0x0, 0x4, 0x1, 0x8, [{0xf, 0x4, 0x6}, {0xb, 0x1, 0xd}, {0xc, 0x0, 0xc1}, {0x3, 0x3, 0x9}, {0xd, 0x5, 0x1}, {0x3, 0x1, 0x4}, {0xd, 0x1, 0x8}]}, @var={0x1, 0x0, 0x0, 0xe, 0x5}]}, {0x0, [0x2e, 0x5f, 0x30, 0x30]}}, &(0x7f0000000640)=""/4096, 0x8e, 0x1000, 0x0, 0x5}, 0x28)

539.883546ms ago: executing program 1 (id=495):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_group_source_req(r1, 0x0, 0x2c, &(0x7f00000007c0)={0x4, {{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {{0x2, 0x4e21, @local}}}, 0x108)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@nouid32}]}, 0xc1, 0x7e9, &(0x7f00000017c0)="$eJzs3c1rHG8dAPDvbF42SauJIGh7CggaKN2YGlsFDxEPIlgo6Nk2bLahZpMt2U1pQqDpQfAiqHgQ9NKzL/UgePXlqv+EeJAW0TRYT7oys7t53d0kbXa3/fXzgck8M/PMPPPN88yzz+4MuwF8sKbTP7mIKxHxwyRisrk+iYiRLDUcsdDI93p3u5hOSdTr3/pnkuX57aWDYyXN+aXmwqcj4o/fi7iWO17qeHNeLq03U7O11Yez1c2t6w9WF5dLy6W1m3Pz8zduffHWzZN7val//2Xr8ssfff1zv14Yjk89/8GfkliIy81te7vbxbc8/AnTMd38n4yk/8IjvnbRhQ1YMugT4I2kl+ZQ4yqPKzEZQ1mqg7e9AAGAd8KTiKgDAB+Y5LTX/yFDBAD4aGl9DrC3u11sTYP9RKK//vHViBhrxN+6v9nYMty8ZzeW3Qed2EuO3BlJImLqAsqfjoif/+47v0yn6NF9SIB2dp425nu7+WP9f5L2f6OnHyHfccvnu+1Wb+w3fWy1/g/65/fp+OdLJ8d/V/cf6BnL/h4b/4zl21y7b+L06z/3osOuZ+ibTpeO/75y6Nm2g/Hf/kNrU0PNpY9lY76R5P6Dcint2z4eETMxkk+X57Ks7Z+Cmnn131edyj88/vvXj7/7i7T8dH6QI/diOB/1xnN5/8vG60uLtcWLiD2L/2nE1eF28Sf749/kSP0v7Ed6p+NRj1bNN778/Z91ypnGn8bbmk7G31v1ZxGfbVv/B3WZdH0+cTZrDrOtRtHGb/7204lO5R/Ufz6bp+W33gv0Q1r/E93jn0pT1c2tlcVyubRePX8Zf342+YdO2w63//bxZ+3/iLT9jybfztKtlvZ4sVZbn4sYTb55cv2Ng31by638afwzn2l//bdv/42+IH1PeG9/qbvhl6O/ah6qbfyZnU7x91Ya/9K56r9Lot7c59im569XhjqVf7b6n89SM801Z+n/TjnTt2jNAAAAAAAAAAAAAAAAAAAAAAAAAHB+uYi4HEmusJ/O5QqFxm94fzImcuVKtXbtfmVjbSmy38qeipFc66suJw99H+pc8/vwW8s3ji1/ISI+ERE/yY9ny4Vipbw06OABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOnS0d//f5LOCoXGtr/nB312AEDPjA36BACAvvP6DwAfnvO9/o/37DwAgP459/v/etKbEwEA+ubMr//3enseAED/uP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAj925fTud6v/Z3S6my0uPNjdWKo+uL5WqK4XVjWKhWFl/WFiuVJbLpUKxstrxQDuNWblSeTgfaxuPZ2ulam22url1d7WysVa7+2B1cbl0tzTSt8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oyqm1sri+VyaV2iS2K8NN45TxIRAz/D0xJpXV/kAYff0ZB3/jqSteuumWPqvWn8o13yJBdZ1vjxNYd7ifFBdE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA74X/BwAA///YTBJy")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r6, @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRES32=r5, @ANYRESDEC=0x0, @ANYRES8, @ANYRESDEC=r2], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r8, 0x0, 0x6}, 0x18)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00"], 0x38}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
r11 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r11, 0x2284, &(0x7f0000000080))

539.220726ms ago: executing program 0 (id=496):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xa, 0x4, 0xc, 0xb}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff85000000040000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x54}, 0x1, 0x0, 0x0, 0x40044}, 0x20008000)

527.608437ms ago: executing program 0 (id=497):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)

485.893869ms ago: executing program 4 (id=498):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2800001, 0xc3072, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)

436.173181ms ago: executing program 0 (id=499):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x5, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000400a8000600200005400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)
flistxattr(r0, &(0x7f0000000640)=""/157, 0x9d)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)

419.903362ms ago: executing program 4 (id=500):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4008, &(0x7f0000000480)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400}}, {@abort}, {@noload}, {@noblock_validity}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@orlov}, {@bsdgroups}, {@init_itable_val={'init_itable', 0x3d, 0xfff}}]}, 0xfa, 0x490, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvbH/w21bEHyBIFY3EHy0tP+TgRaMJB01M9IDxVNtCKoUaWhMhRKsHPBoS78b/wnjSi1EvmnjVuyEhhguolzGzM0OXZbfd0qXbsp9PMt33ZqY77ztv3uybeTsbQNcayv4kEdsj4o+IGMizt68wlL/cvH5p4p/rlyaSSNO3/06q6924fmmiXLX8v215Jk2L/KYG2738XsT4zMzU+SI/Mn/2w5G5CxdfnD47fnrq9NS5sePHjxze139s7Ghb4sziurHnk9m9u0+8e+XNiZNX3v85qUQed9TF0S5D+d5t6Jl2b6zDdtSkk97aJft/XUw3OhLopJ6IyKqrr9r+B6InttxaNhCvf97RwgH3VJqm6RJn5YUUuI8l0ekSAJ1RftBn17/ltEZdj3Xh2iv5BVAW981iypf0RiVP7O+ru77d3sbtD0XEyYV/v86mWOl9iP42FgQA6BrfZ/2fFxr1/yrxSJ6o9jIeKMZQBiPiwYjYGREPRcSuiHg4orruoxHx2Aq3Xz9Ccmf/p3L1roNrQdb/e7kY27q9/1cpVxnsKXI7qvH3JaemZ6YOFfvkYPRtOjWdTI0usY0fXvv9y2bLavt/2ZRtv+wLFuW42lt3g25yfH58NTHXuvZZxJ7eRvEnUQ7jJBGxOyL23OU2pp/rbbps+fiX0PxtW5Z+E/FsXv8LURd/KWk6Pjn60rGxoyObY2bq0Eh5VNzpl98uv1Ukt9QvW1X8bZDV/9aGx/+t+AeTzRFzFy6eqY7Xzq3o7bOmE5f//KLpNU0Rf9a8Wjn+T+wojv/+5J3qjPIS6OPx+eqppD95o37+/PmxxXcr89XX0Tz+gwcat/+dsbgnHo+IvRGxLyKeyC4Ki7I/GRFPRcSBJXbCT68+/cEy8Teo/7UZK83in1yu/qO2/lee6Dnz43fLx785IprV/5Fq6mAxp5XzX6sFXM2+AwAAgI0i/w58Uhm+la5Uhofz7/Dviq2Vmdm5+edPzX50bjIf9x6Mvkp5p2ug5n7oaHFvuMyP1eUPF/eNv+rZUs0PT8zOTHY6eOhy25q0/8xfPZ0uHXDPtTSO1vxZNmADa8M4OrBBaf/QnRLtH7raYvtv56NtwEbQ6PP/06ZrD397TwsDrCn9f+heLbT/hfylea8A2Jh8/kP30v6hKzV9Nr6yqkf+1zzxX/F7huulPJ1KpMnqfquh9URU1knI93uit+Ufs1hBIh3I2382Z1PDdTp9ZgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiP/wMAAP//KeDh8Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x420, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdbb73887feb3f14db126c935954a335f6469a793"], 0x138)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x4}}}]}, 0x78}}, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000080)=0x6a, 0x4)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0x6}, {0x8, 0x2, [@TCA_BASIC_EMATCHES={0x4}]}}]}, 0x38}}, 0x48014)

406.984182ms ago: executing program 3 (id=501):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x3, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1d, 0x2, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000c40)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESHEX=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x4000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r2, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id\xf7\xff\xffe{')
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x0, 0x40000000})
r3 = syz_io_uring_setup(0x64d, &(0x7f0000000100)={0x0, 0x11f8, 0x8, 0x2, 0x801e7}, &(0x7f0000000300)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r3})
io_uring_enter(r3, 0x749d, 0x4, 0x0, 0x0, 0x0)

256.072589ms ago: executing program 3 (id=502):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
unshare(0x20000400)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000380)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]})
socket$inet_udp(0x2, 0x2, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x8, 0x2c, 0x0, @remote, @local, {[], {{0x2b00, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

171.485502ms ago: executing program 3 (id=503):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="9feb0100180000000000000038000000380000000c000000000000000000000202000000000000000400000d"], 0x0, 0x5c, 0x0, 0x1}, 0x28)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000880)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)

170.964713ms ago: executing program 3 (id=504):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)=@ipv4_newaddr={0x50, 0x14, 0x200, 0x70bd25, 0x25dfdbfc, {0x2, 0x80, 0x8d, 0xfd}, [@IFA_LOCAL={0x8, 0x2, @private=0xa010100}, @IFA_ADDRESS={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x44}}, @IFA_RT_PRIORITY={0x8, 0x9, 0x7b}, @IFA_FLAGS={0x8, 0x8, 0x204}, @IFA_BROADCAST={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0x442}, @IFA_FLAGS={0x8, 0x8, 0x400}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x448c0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
fcntl$setlease(r1, 0x400, 0x2)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x20000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000300)={{0x1, 0x1, 0x18, r2, {0x8}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")

131.352534ms ago: executing program 1 (id=505):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x448, 0x0, 0x2b8, 0xb0000010, 0x0, 0x5c8f0200, 0x378, 0x3a8, 0x3a8, 0x378, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0x248, 0x280, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0xf1, 0x0, 0x33, 0x0, 0x0, 0x1, 0x7fffffff}}}, @common=@unspec=@limit={{0x48}, {0x10000000, 0x3}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x2, 0x1}, {0xffffffffffffffff, 0x1, 0x2}, {0x1, 0x2, 0x2}, 0x4f6, 0x5}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4a8)
setreuid(0x0, 0xee01)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_FW_DOWNLOAD(r3, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="192c2fbd7000fcdbdf2515000000080014006e666310080001006e9d"], 0x24}, 0x1, 0x0, 0x0, 0x8800}, 0x840)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x89, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xd6)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r6}, 0x18)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRES8=r1, @ANYBLOB="3e0f3e67470473d139de40a3ebe740329d8131ae207ea02f46188554"], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000100), &(0x7f0000000200)=0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff47}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
quotactl$Q_GETFMT(0xffffffff80000400, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
r9 = dup2(r5, r5)
openat$cgroup_ro(r9, &(0x7f0000000340)='cpuacct.usage_all\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000180)='./file1\x00', 0x1218088, &(0x7f00000005c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae356940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c1a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b52a0352a82c794995bbb97c82fcde79d14fb20e5127150de"], 0xa, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZHOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZndk1uyayWXH382n24Xl+33meJxmySZEnH74823+Qx6OnX/wSWZZEbxzjOExiFL1ofBUnjL8JAOD/7LAo4vdiYZ1cEhHZ5pYFAGzQav//+23zp0tZFgCwQffffe/tnd3du+9kkcW92dcHk/KTffl3Mb7zKD6OaTyM12IYRxHV+4T6g3/ZvlcUxbyfl0ZxazY/mJTJ2QfP6uvv/BZR5bdjGKPjWPVuo8q/tXt3u4rng05+Xq7j+Xr+cZm/E8N48Th8In9nkc+7+Zik8eornfXfjmH8/FF8EtN4UC2izX+5nedvFt/+8fn75fLKfDI/mAyqulaxdZnPCwAAAAAAAAAAAAAAAAAAAAAAV9vtvDl8J78Zt2ZlV33+ztZRWtfUJaM2VY4vWknT1TkfqDQv4vvOkYJ5URe25/v046V+92BBAAAAAAAAAAAAAAAAAAAAuL6efPrZ/t50+vDxhTSa0wD6EfHn/Yh/e51xp+dmnF88qOfcm057dfNEzbO02xNbTU0Sce4yyk1c0MPyT43nTq+5afzwY7nBdS6YdXpeX77BG5vfV3N37e8ly+caRNOT1TfJd2lEW5PGinOlZw0Vsc7tly4dGq699/SFqjE/s6Y5B+Os67zx62K87klO7yKtHtWls9+oG534qXtjpec9skX8768VSXVax2BDr0QAAAAAAAAAAAAAAAAAAED77d8lg0/PjfYKXwUGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ipof/9/jca8Dq9QnMbjJ//xFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgG/goAAP///CFRHg==")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000180)='./file0/../file0\x00')

90.783586ms ago: executing program 3 (id=506):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0x9}, 'port1\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810da, 0x8})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x20000, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0xa1, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmsg$TIPC_CMD_DISABLE_BEARER(r1, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x2c, 0x0, 0x4, 0x0, 0x25dfdbfc, {{}, {}, {0x10, 0x13, @l2={'eth', 0x3a, 'caif0\x00'}}}, [""]}, 0x2c}, 0x1, 0x0, 0x0, 0x400c044}, 0x34000884)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x18, 0x7ffc1fff}]})
r7 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r7, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000001c0)={0x800000, 0x0, 0xfdfffffd, 0x5, 0x3ffd, 0x7})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f0000000300)={0x800080, 0x7ff, 0x2, 0xfff, 0xfd, 0x4})

83.285046ms ago: executing program 4 (id=507):
mlockall(0x2)
r0 = shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil)
shmctl$SHM_LOCK(r0, 0xb)
r1 = shmat(r0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000001980)={'syztnl2\x00', 0x0, 0x4, 0x8, 0x7, 0x2, 0x28, @private1={0xfc, 0x1, '\x00', 0x1}, @local, 0x10, 0x80, 0x3ff, 0x7}})
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r2], 0x20}, 0x1, 0x0, 0x0, 0x48010}, 0x0)
openat2(0xffffffffffffffff, &(0x7f0000001a00)='./file0\x00', &(0x7f0000001a40)={0x0, 0x9a, 0x4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001b00)=ANY=[], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r3}, 0x10)
pause()
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20081e, &(0x7f0000000840)={[{@grpjquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xa30}}, {@grpquota}]}, 0x1, 0x52a, &(0x7f0000001440)="$eJzs3c9vHFcdAPDvjL22k7h1WnoABG1oCwFFWcebNqp6gHJCCFVC9AhSauyNFWXXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di7tpPYXmv385FG+9688XzfizPvzbxd7wtgbF2LiO2ImIqI9yNirtyflFu8093y4z7bebi0u/NwKYkse++fSVGe74uen8ldKc85ExE/+E7Ej5PDcdubWw8WG436epmf7zTX5tubWzfvNxdX6iv11VrtzsKdW2/dfrP2BK2ZObL0leZUmfryp3/Y/sZP82rNlnt623Gauk2v7MfJTUbE984i2BBMlO2ZGnZFeCppRLwYEa8W1/9cTBS/TQBglGXZXGRzvXkAYNSlxRxYklbLuYDZSNNqtTuH91JcThutdufGvdbG6nJ3ruxqVNJ79xv1W+Vc4dWoJHl+oUg/ytcO5G9HxAsR8YvpS0W+utRqLA/zxgcAxtiVA+P/f6a74z8AMOKO/tgMADCKjP8AMH6M/wAwfoz/ADB+uuP/pSf9sSzLfnYW1QEAzoHnfwAYP8Z/ABgr33/33XzLdsvvv17+YHPjQeuDm8v19oNqc2OputRaX6uutForxXf2NI87X6PVWlt4IzY+vPrNtXZnvr25dbfZ2ljt3C2+1/tuvVIctX0OLQMABnnhlU/+nOQj8tuXii161nKoDLVmwFlLh10BYGgmhl0BYGi6q331WaAPGHmPnvGf+EMApgdgRBx3BzDT7w+EsizLzq5KwBm7/gXz/zCuyvn/SZ8ChvFz3Px/sTawNwlhJE0OuwLA0GRZctI1/+OkBwIAF9sRc/xXz/M+BBieAe//v1i+/rZ8c+BHyweP+PgsawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX2976v9Vymd/ZSNNqNeK5YgGgSnLvfqN+KyKej4g/TVem8/zCkOsMADyr9G9Juf7X9bnXZx8revnKfnIqIn7yq/d++eFip7P+x4ip5F/Te/s7H5f7a8cGmzmLFgAAR9sbp4vXngf5z3YeLu1t51mfv3+7e1eQx93dmYrd/fiTMVm8zkQlIi7/OynzXUnP3MWz2P4oIj7fr/1JzBZzIN1bloPx89jPnVL8iRPFTx+Ln5YLNKflv8XnTqEuMG4+yfufd/pdf2lcK177X/8zRQ/17Mr+Lz/V0m7RBz6Kv9f/TQzo/66dNMYbv/9uN3XpcNlHEV+cjNiLvdvT/+zFTwbEf/2E8f/ypZdfHVSW/TrievSP3xtrvtNcm29vbt2831xcqa/UV2u1Owt3br11+83afDFHPT94NPjH2zeeH1SWt//ygPgzx7T/q4NOeuAp9zf/e/+HXzki/tdf6xc/jZeOiJ+PiV8b2OLHLV7+3cDn7jz+8uH2Jyf5/d84YfxP/7p1aNlwAGB42ptbDxYbjfq6hMTFT+T/ZS9ANfomvnVesaaif9HPX+te0weKsuypYg3qMU5j1g24CPYv+oj477ArAwAAAAAAAAAAAAAA9HUef7E07DYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwuv4fAAD//9VG0+g=")
r4 = syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd733, 0x80, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r5=>0x0, &(0x7f0000000340)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000001a80)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRESHEX=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x4, &(0x7f0000000180)={0x0, &(0x7f00000001c0)})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r7, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r8, 0x0, 0x10007ffffffff}, 0x18)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
io_uring_enter(r4, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2000, 0x0)
pause()
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000004c0)={{0x0, 0xee00, 0x0, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0x0, 0xb, 0x6f76, 0x7, 0x0, 0x1, 0x8, 0x7f, 0x3})
listxattr(&(0x7f0000000200)='./file1\x00', 0x0, 0x0)
shmctl$SHM_UNLOCK(r0, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

0s ago: executing program 1 (id=508):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./bus\x00', 0x2c600, 0x0, 0xbe, 0x0, &(0x7f00000007c0))
ftruncate(0xffffffffffffffff, 0xc17a)
chdir(&(0x7f0000000140)='./bus\x00')
symlink(&(0x7f0000000b00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
r3 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8, 0xa0}, &(0x7f0000010080), &(0x7f0000000000))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000140)=[{0x0}, {0x0}], 0x2)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4), 0xc)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)
sendmmsg$inet(r2, &(0x7f0000002140)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="6938d1", 0x3}], 0x1, &(0x7f0000000400)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @multicast1}}}], 0x20}}], 0x1, 0x4000000)

kernel console output (not intermixed with test programs):

)
[   31.513610][ T3321] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.522259][ T3499] EXT4-fs: inline encryption not supported
[   31.534544][ T3321] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.543393][ T3499] EXT4-fs: journaled quota format not specified
[   31.560452][ T2561] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.577907][ T2561] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.612780][ T2561] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.643705][ T2561] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.660360][ T2561] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.678935][ T2561] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.716195][ T2561] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.733530][ T2561] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.741948][ T3516] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3516 comm=syz.3.9
[   31.754403][ T3516] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3516 comm=syz.3.9
[   31.938466][ T3519] loop1: detected capacity change from 0 to 512
[   31.945426][ T3519] =======================================================
[   31.945426][ T3519] WARNING: The mand mount option has been deprecated and
[   31.945426][ T3519]          and is ignored by this kernel. Remove the mand
[   31.945426][ T3519]          option from the mount to silence this warning.
[   31.945426][ T3519] =======================================================
[   32.017371][ T3520] netlink: 300 bytes leftover after parsing attributes in process `syz.4.5'.
[   32.111954][ T3519] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.128129][ T3519] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   32.232140][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.410577][ T3533] loop0: detected capacity change from 0 to 512
[   32.417383][ T3533] EXT4-fs: Ignoring removed orlov option
[   32.453636][ T3533] EXT4-fs error (device loop0): ext4_iget_extra_inode:5073: inode #15: comm syz.0.13: corrupted in-inode xattr: bad e_name length
[   32.562876][ T3533] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.13: couldn't read orphan inode 15 (err -117)
[   32.638619][ T3529] loop2: detected capacity change from 0 to 512
[   32.665212][ T3533] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.678621][ T3545] capability: warning: `syz.4.16' uses 32-bit capabilities (legacy support in use)
[   32.702511][ T3529] EXT4-fs error (device loop2): ext4_init_orphan_info:583: comm syz.2.11: inode #0: comm syz.2.11: iget: illegal inode #
[   32.731625][ T3529] EXT4-fs (loop2): get orphan inode failed
[   32.737588][ T3529] EXT4-fs (loop2): mount failed
[   32.746902][ T3533] EXT4-fs (loop0): shut down requested (1)
[   32.761738][ T3548] loop4: detected capacity change from 0 to 128
[   32.778712][ T3548] FAT-fs (loop4): Directory bread(block 162) failed
[   32.785323][ T3548] FAT-fs (loop4): Directory bread(block 163) failed
[   32.793340][ T3533] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[   32.815186][ T3548] FAT-fs (loop4): Directory bread(block 164) failed
[   32.825285][ T3548] FAT-fs (loop4): Directory bread(block 165) failed
[   32.836367][ T3548] FAT-fs (loop4): Directory bread(block 166) failed
[   32.843121][ T3548] FAT-fs (loop4): Directory bread(block 167) failed
[   32.850162][ T3548] FAT-fs (loop4): Directory bread(block 168) failed
[   32.856865][ T3548] FAT-fs (loop4): Directory bread(block 169) failed
[   32.874293][ T3548] FAT-fs (loop4): Directory bread(block 162) failed
[   32.894655][ T3528] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4
[   32.902480][ T3528] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2
[   32.912424][ T3548] FAT-fs (loop4): Directory bread(block 163) failed
[   32.925826][ T3548] syz.4.18: attempt to access beyond end of device
[   32.925826][ T3548] loop4: rw=3, sector=226, nr_sectors = 6 limit=128
[   32.939388][ T3528] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3
[   32.947519][ T3548] syz.4.18: attempt to access beyond end of device
[   32.947519][ T3548] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128
[   32.961446][ T3528] hid-generic 0000:3000000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   32.971728][ T3556] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13'.
[   33.023216][ T3533] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13'.
[   33.051001][ T3558] fido_id[3558]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   33.098264][ T3533] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13'.
[   33.131942][ T3562] loop3: detected capacity change from 0 to 512
[   33.134950][ T3533] netlink: 'syz.0.13': attribute type 21 has an invalid length.
[   33.145959][ T3533] netlink: 128 bytes leftover after parsing attributes in process `syz.0.13'.
[   33.162529][ T3562] EXT4-fs: Ignoring removed i_version option
[   33.168568][ T3562] EXT4-fs: Ignoring removed bh option
[   33.173316][ T3533] netlink: 'syz.0.13': attribute type 4 has an invalid length.
[   33.227839][ T3562] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.279143][ T3562] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   33.315162][ T3331] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.342371][ T3568] xt_hashlimit: max too large, truncated to 1048576
[   33.408280][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.474978][ T3526] syz.2.11 (3526) used greatest stack depth: 7480 bytes left
[   33.478958][ T3579] netlink: 260 bytes leftover after parsing attributes in process `syz.0.24'.
[   33.538076][ T3580] loop1: detected capacity change from 0 to 512
[   33.547614][ T3584] netlink: 'syz.3.28': attribute type 21 has an invalid length.
[   33.555356][ T3584] netlink: 128 bytes leftover after parsing attributes in process `syz.3.28'.
[   33.585317][ T3580] EXT4-fs error (device loop1): ext4_init_orphan_info:583: comm syz.1.25: inode #0: comm syz.1.25: iget: illegal inode #
[   33.603138][ T3584] netlink: 'syz.3.28': attribute type 4 has an invalid length.
[   33.609788][ T3580] EXT4-fs (loop1): get orphan inode failed
[   33.610834][ T3584] netlink: 'syz.3.28': attribute type 5 has an invalid length.
[   33.616640][ T3580] EXT4-fs (loop1): mount failed
[   33.624063][ T3584] netlink: 3 bytes leftover after parsing attributes in process `syz.3.28'.
[   33.674369][ T3593] loop2: detected capacity change from 0 to 128
[   33.723104][ T3595] loop4: detected capacity change from 0 to 2048
[   33.747343][ T3593] syz.2.30: attempt to access beyond end of device
[   33.747343][ T3593] loop2: rw=0, sector=121, nr_sectors = 920 limit=128
[   33.772039][ T3595] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.806811][ T3321] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   33.821830][ T3321] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   33.835089][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.867892][ T3601] 9pnet_fd: Insufficient options for proto=fd
[   33.886778][ T3601] loop4: detected capacity change from 0 to 512
[   33.905090][    C0] hrtimer: interrupt took 29136 ns
[   33.919712][ T3601] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.932410][ T3601] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   33.986631][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.988824][ T3604] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   34.009285][ T3604] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   34.030431][ T3604] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   34.045998][ T3604] EXT4-fs (loop2): 1 truncate cleaned up
[   34.060617][ T3609] EXT4-fs: Ignoring removed orlov option
[   34.067477][ T3604] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.102012][ T3609] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #15: comm syz.4.35: corrupted in-inode xattr: bad e_name length
[   34.129493][ T3609] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.35: couldn't read orphan inode 15 (err -117)
[   34.142193][ T3609] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.156008][ T3609] EXT4-fs (loop4): shut down requested (1)
[   34.162325][ T3609] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   34.172830][ T3528] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[   34.180616][ T3528] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[   34.223959][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.239992][ T3613] netlink: 4 bytes leftover after parsing attributes in process `syz.4.35'.
[   34.252616][ T3528] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x3
[   34.261284][ T3613] netlink: 12 bytes leftover after parsing attributes in process `syz.4.35'.
[   34.288260][ T3528] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   34.372060][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.395471][ T3624] --map-set only usable from mangle table
[   34.442383][ T3627] netlink: 'syz.2.41': attribute type 4 has an invalid length.
[   34.723354][ T3644] bridge0: port 3(batadv1) entered blocking state
[   34.729949][ T3644] bridge0: port 3(batadv1) entered disabled state
[   34.757760][ T3644] batadv1: entered allmulticast mode
[   34.768418][ T3644] batadv1: entered promiscuous mode
[   34.809552][ T3646] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.931963][ T3319] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   34.953533][ T3658] EXT4-fs: Ignoring removed orlov option
[   34.978624][ T3319] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   34.978639][ T3658] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.52: corrupted in-inode xattr: bad e_name length
[   35.008669][ T3658] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.52: couldn't read orphan inode 15 (err -117)
[   35.021113][ T3658] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.036528][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.038923][ T3658] EXT4-fs (loop2): shut down requested (1)
[   35.053665][ T3658] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[   35.069652][   T10] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4
[   35.077364][   T10] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2
[   35.085339][   T10] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x3
[   35.086113][ T3664] syz.1.54: attempt to access beyond end of device
[   35.086113][ T3664] loop1: rw=2049, sector=953, nr_sectors = 88 limit=128
[   35.097936][   T10] hid-generic 0000:3000000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   35.155975][ T3663] syz.0.55: attempt to access beyond end of device
[   35.155975][ T3663] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[   35.180688][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.208505][ T3670] EXT4-fs (loop3): too many log groups per flexible block group
[   35.224482][ T3668] fido_id[3668]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   35.237112][ T1685] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[   35.247177][ T1685] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[   35.258310][ T3670] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   35.265138][ T3670] EXT4-fs (loop3): mount failed
[   35.344385][ T3677] FAT-fs (loop1): Directory bread(block 162) failed
[   35.372545][ T3677] FAT-fs (loop1): Directory bread(block 163) failed
[   35.387867][ T3677] FAT-fs (loop1): Directory bread(block 164) failed
[   35.414574][ T3677] FAT-fs (loop1): Directory bread(block 165) failed
[   35.428683][ T3677] FAT-fs (loop1): Directory bread(block 166) failed
[   35.445516][ T3677] FAT-fs (loop1): Directory bread(block 167) failed
[   35.452187][ T3677] FAT-fs (loop1): Directory bread(block 168) failed
[   35.467701][ T3677] FAT-fs (loop1): Directory bread(block 169) failed
[   35.476448][ T3677] FAT-fs (loop1): Directory bread(block 162) failed
[   35.487722][ T3677] FAT-fs (loop1): Directory bread(block 163) failed
[   35.500005][ T3677] syz.1.58: attempt to access beyond end of device
[   35.500005][ T3677] loop1: rw=3, sector=226, nr_sectors = 6 limit=128
[   35.624064][ T3677] syz.1.58: attempt to access beyond end of device
[   35.624064][ T3677] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128
[   35.641193][ T3698] netlink: 'syz.0.64': attribute type 4 has an invalid length.
[   35.921730][ T3718] Zero length message leads to an empty skb
[   35.968698][ T3713] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.995753][   T29] kauditd_printk_skb: 193 callbacks suppressed
[   35.995812][   T29] audit: type=1400 audit(1764947428.662:293): avc:  denied  { read } for  pid=3723 comm="syz.1.75" name="vsock" dev="devtmpfs" ino=257 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   36.040021][ T3725] EXT4-fs: inline encryption not supported
[   36.046913][   T29] audit: type=1400 audit(1764947428.712:294): avc:  denied  { create } for  pid=3712 comm="syz.3.71" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[   36.047079][ T3713] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   36.107798][ T3725] EXT4-fs: Ignoring removed nobh option
[   36.113361][ T3725] EXT4-fs: Ignoring removed bh option
[   36.162568][ T3725] EXT4-fs: Mount option(s) incompatible with ext2
[   36.169103][   T29] audit: type=1400 audit(1764947428.832:295): avc:  denied  { write } for  pid=3723 comm="syz.1.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   36.179153][ T3724] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   36.226271][ T3724] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   36.242234][ T3724] EXT4-fs (loop1): 1 truncate cleaned up
[   36.248313][ T3724] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.261791][   T29] audit: type=1400 audit(1764947428.892:296): avc:  denied  { setopt } for  pid=3719 comm="syz.0.74" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   36.283961][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.292126][   T29] audit: type=1400 audit(1764947428.952:297): avc:  denied  { ioctl } for  pid=3723 comm="syz.1.75" path="/dev/vsock" dev="devtmpfs" ino=257 ioctlcmd=0x7b9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   36.391809][   T29] audit: type=1326 audit(1764947429.061:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3732 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83c303f749 code=0x7ffc0000
[   36.420422][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.453515][   T29] audit: type=1326 audit(1764947429.061:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3732 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83c303f749 code=0x7ffc0000
[   36.476717][   T29] audit: type=1326 audit(1764947429.061:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3732 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83c303f749 code=0x7ffc0000
[   36.500066][   T29] audit: type=1326 audit(1764947429.061:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3732 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83c303f749 code=0x7ffc0000
[   36.523282][   T29] audit: type=1326 audit(1764947429.061:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3732 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83c303f749 code=0x7ffc0000
[   36.525333][ T3731] set_capacity_and_notify: 14 callbacks suppressed
[   36.525363][ T3731] loop3: detected capacity change from 0 to 512
[   36.588231][ T3731] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   36.607883][ T3731] EXT4-fs (loop3): 1 truncate cleaned up
[   36.609873][ T3731] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.657404][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.686195][ T3752] loop0: detected capacity change from 0 to 512
[   36.707898][ T3752] EXT4-fs: Ignoring removed bh option
[   36.762652][ T3754] loop2: detected capacity change from 0 to 1024
[   36.770901][ T3752] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.838939][ T3754] EXT4-fs: Ignoring removed oldalloc option
[   36.844937][ T3754] EXT4-fs: Ignoring removed bh option
[   36.854224][ T3752] ext4 filesystem being mounted at /15/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   36.949068][ T3774] loop4: detected capacity change from 0 to 128
[   37.076364][ T3331] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.086304][ T3754] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.212128][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.223546][ T3796] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   37.252318][ T3798] netlink: 'syz.2.97': attribute type 4 has an invalid length.
[   37.290913][ T3800] __nla_validate_parse: 9 callbacks suppressed
[   37.290926][ T3800] netlink: 4 bytes leftover after parsing attributes in process `syz.2.98'.
[   37.319081][ T3800] netlink: 12 bytes leftover after parsing attributes in process `syz.2.98'.
[   37.334373][ T3800] netlink: 12 bytes leftover after parsing attributes in process `syz.2.98'.
[   37.462183][ T3807] bridge0: port 3(batadv1) entered blocking state
[   37.468638][ T3807] bridge0: port 3(batadv1) entered disabled state
[   37.475424][ T3807] batadv1: entered allmulticast mode
[   37.481740][ T3807] batadv1: entered promiscuous mode
[   37.524905][ T3811] loop2: detected capacity change from 0 to 128
[   37.561096][ T3813] loop0: detected capacity change from 0 to 2048
[   37.579323][ T3815] loop2: detected capacity change from 0 to 512
[   37.600035][ T3815] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.612688][ T3815] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   37.613461][ T3813] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.653280][ T3813] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   37.671046][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.733084][ T3331] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.824694][ T3827] loop3: detected capacity change from 0 to 2048
[   37.836190][ T3830] loop0: detected capacity change from 0 to 512
[   37.842842][ T3830] EXT4-fs: Ignoring removed orlov option
[   37.900737][ T3827] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.921438][ T3834] netlink: 12 bytes leftover after parsing attributes in process `syz.2.111'.
[   37.931036][ T3830] EXT4-fs error (device loop0): ext4_iget_extra_inode:5073: inode #15: comm syz.0.110: corrupted in-inode xattr: bad e_name length
[   37.961896][ T3827] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   37.977035][ T3830] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.110: couldn't read orphan inode 15 (err -117)
[   37.989475][ T3830] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.003385][ T3830] EXT4-fs (loop0): shut down requested (1)
[   38.003553][ T2361] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[   38.018429][ T2361] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[   38.028932][ T3830] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[   38.045026][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.048852][ T1038] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x4
[   38.061839][ T1038] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x2
[   38.070531][ T3843] bridge0: port 4(batadv2) entered blocking state
[   38.070622][ T1038] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x3
[   38.077045][ T3843] bridge0: port 4(batadv2) entered disabled state
[   38.085564][ T3843] batadv2: entered allmulticast mode
[   38.100484][ T1038] hid-generic 0000:3000000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   38.111685][ T3830] netlink: 4 bytes leftover after parsing attributes in process `syz.0.110'.
[   38.122161][ T3843] batadv2: entered promiscuous mode
[   38.128901][ T3830] netlink: 12 bytes leftover after parsing attributes in process `syz.0.110'.
[   38.164451][ T3830] netlink: 12 bytes leftover after parsing attributes in process `syz.0.110'.
[   38.181968][ T3848] fido_id[3848]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   38.200747][ T3850] loop1: detected capacity change from 0 to 2048
[   38.232700][ T3850] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.257135][ T3861] --map-set only usable from mangle table
[   38.264996][ T3850] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   38.290518][ T3331] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.326895][ T3847] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   38.343838][ T3847] EXT4-fs (loop3): 1 truncate cleaned up
[   38.363923][ T3847] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.406542][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.438861][ T3867] netlink: 4 bytes leftover after parsing attributes in process `syz.2.124'.
[   38.456512][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.494061][ T3867] netlink: 12 bytes leftover after parsing attributes in process `syz.2.124'.
[   38.555787][ T3873] EXT4-fs error (device loop0): ext4_init_orphan_info:583: comm syz.0.122: inode #0: comm syz.0.122: iget: illegal inode #
[   38.584278][ T3867] netlink: 12 bytes leftover after parsing attributes in process `syz.2.124'.
[   38.612910][ T1685] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[   38.622156][ T1685] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[   38.667410][ T3873] EXT4-fs (loop0): get orphan inode failed
[   38.715371][ T3873] EXT4-fs (loop0): mount failed
[   38.802505][ T3885] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   38.830034][ T3871] FAULT_INJECTION: forcing a failure.
[   38.830034][ T3871] name failslab, interval 1, probability 0, space 0, times 0
[   38.842685][ T3871] CPU: 1 UID: 0 PID: 3871 Comm: syz.3.125 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   38.842708][ T3871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   38.842723][ T3871] Call Trace:
[   38.842733][ T3871]  <TASK>
[   38.842740][ T3871]  __dump_stack+0x1d/0x30
[   38.842760][ T3871]  dump_stack_lvl+0xe8/0x140
[   38.842778][ T3871]  dump_stack+0x15/0x1b
[   38.842793][ T3871]  should_fail_ex+0x265/0x280
[   38.842820][ T3871]  should_failslab+0x8c/0xb0
[   38.842835][ T3871]  kmem_cache_alloc_noprof+0x50/0x4a0
[   38.842866][ T3871]  ? mas_alloc_nodes+0x1a2/0x210
[   38.842891][ T3871]  mas_alloc_nodes+0x1a2/0x210
[   38.842911][ T3871]  mas_preallocate+0x2ca/0x510
[   38.842934][ T3871]  __split_vma+0x240/0x650
[   38.842961][ T3871]  vma_modify+0x3f2/0xc80
[   38.842988][ T3871]  vma_modify_policy+0x101/0x130
[   38.843021][ T3871]  mbind_range+0x1b8/0x440
[   38.843046][ T3871]  ? mas_find+0x5d5/0x700
[   38.843071][ T3871]  __se_sys_mbind+0x648/0xac0
[   38.843102][ T3871]  __x64_sys_mbind+0x78/0x90
[   38.843121][ T3871]  x64_sys_call+0x2a2b/0x3000
[   38.843140][ T3871]  do_syscall_64+0xd8/0x2a0
[   38.843161][ T3871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.843179][ T3871] RIP: 0033:0x7f21a708f749
[   38.843195][ T3871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.843208][ T3871] RSP: 002b:00007f21a5af7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[   38.843228][ T3871] RAX: ffffffffffffffda RBX: 00007f21a72e5fa0 RCX: 00007f21a708f749
[   38.843241][ T3871] RDX: 0000000000000004 RSI: 0000000000800000 RDI: 0000200000001000
[   38.843254][ T3871] RBP: 00007f21a5af7090 R08: 0000000000000000 R09: 0000000000000002
[   38.843266][ T3871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.843279][ T3871] R13: 00007f21a72e6038 R14: 00007f21a72e5fa0 R15: 00007fff727352f8
[   38.843295][ T3871]  </TASK>
[   39.241350][ T3893] --map-set only usable from mangle table
[   39.487781][ T3864] syz.0.122 (3864) used greatest stack depth: 6008 bytes left
[   39.540008][ T3900] netlink: 'syz.1.131': attribute type 4 has an invalid length.
[   39.583564][ T3899] bridge0: port 3(batadv1) entered blocking state
[   39.590036][ T3899] bridge0: port 3(batadv1) entered disabled state
[   39.596719][ T3899] batadv1: entered allmulticast mode
[   39.602614][ T3899] batadv1: entered promiscuous mode
[   39.753810][ T3907] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.785272][ T3904] EXT4-fs: inline encryption not supported
[   39.794757][ T3904] EXT4-fs: journaled quota format not specified
[   39.893848][ T3319] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   39.909378][ T3319] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   39.921447][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.020894][ T3924] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.041041][ T3927] smc: net device bond0 applied user defined pnetid SYZ0
[   40.050322][ T3927] smc: net device bond0 erased user defined pnetid SYZ0
[   40.106431][ T3321] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   40.108285][ T3932] EXT4-fs: inline encryption not supported
[   40.121231][ T1652] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[   40.136237][ T1652] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[   40.148903][ T3321] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   40.161495][ T3932] EXT4-fs: journaled quota format not specified
[   40.171004][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.292830][ T3940] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.292947][ T3940] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.325213][ T3940] SELinux:  Context system_u:object_r:udev_var_run_t:s0 is not valid (left unmapped).
[   40.348186][ T3940] bond1 (unregistering): Released all slaves
[   40.414711][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.455998][ T3938] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   40.463826][ T3938] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   40.631045][ T3969] EXT4-fs: inline encryption not supported
[   40.648595][ T3969] EXT4-fs: journaled quota format not specified
[   40.660918][ T3975] EXT4-fs: Ignoring removed nobh option
[   40.666644][ T3975] EXT4-fs: inline encryption not supported
[   40.693160][ T3975] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.705875][ T3975] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.819722][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.862561][ T3985] 9pnet_fd: Insufficient options for proto=fd
[   40.902344][ T3985] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.916138][ T3985] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.947127][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.986118][ T3993] cgroup: Name too long
[   41.074381][ T3991] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.161: bg 0: block 248: padding at end of block bitmap is not set
[   41.091767][ T3991] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.161: Failed to acquire dquot type 1
[   41.110393][ T3991] EXT4-fs (loop2): 1 truncate cleaned up
[   41.116928][ T3991] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.131278][ T3991] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.149476][ T3991] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.161: Failed to acquire dquot type 1
[   41.228395][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.250044][ T4016] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=42 sclass=netlink_audit_socket pid=4016 comm=syz.0.169
[   41.322161][   T29] kauditd_printk_skb: 570 callbacks suppressed
[   41.322175][   T29] audit: type=1400 audit(1764947433.673:869): avc:  denied  { accept } for  pid=4017 comm="syz.2.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   41.441556][ T4026] FAULT_INJECTION: forcing a failure.
[   41.441556][ T4026] name failslab, interval 1, probability 0, space 0, times 0
[   41.454288][ T4026] CPU: 0 UID: 0 PID: 4026 Comm: syz.0.173 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   41.454365][ T4026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   41.454448][ T4026] Call Trace:
[   41.454454][ T4026]  <TASK>
[   41.454462][ T4026]  __dump_stack+0x1d/0x30
[   41.454484][ T4026]  dump_stack_lvl+0xe8/0x140
[   41.454502][ T4026]  dump_stack+0x15/0x1b
[   41.454535][ T4026]  should_fail_ex+0x265/0x280
[   41.454568][ T4026]  ? h4_open+0x33/0xb0
[   41.454597][ T4026]  should_failslab+0x8c/0xb0
[   41.454616][ T4026]  __kmalloc_cache_noprof+0x4c/0x4c0
[   41.454657][ T4026]  h4_open+0x33/0xb0
[   41.454688][ T4026]  hci_uart_tty_ioctl+0x4c6/0x5c0
[   41.454713][ T4026]  ? __pfx_hci_uart_tty_ioctl+0x10/0x10
[   41.454751][ T4026]  tty_ioctl+0x83f/0xb80
[   41.454776][ T4026]  ? __pfx_tty_ioctl+0x10/0x10
[   41.454799][ T4026]  __se_sys_ioctl+0xce/0x140
[   41.454870][ T4026]  __x64_sys_ioctl+0x43/0x50
[   41.454897][ T4026]  x64_sys_call+0x14b0/0x3000
[   41.454921][ T4026]  do_syscall_64+0xd8/0x2a0
[   41.454949][ T4026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.454968][ T4026] RIP: 0033:0x7fc41aa5f749
[   41.454981][ T4026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.454999][ T4026] RSP: 002b:00007fc4194bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   41.455030][ T4026] RAX: ffffffffffffffda RBX: 00007fc41acb5fa0 RCX: 00007fc41aa5f749
[   41.455043][ T4026] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000006
[   41.455056][ T4026] RBP: 00007fc4194bf090 R08: 0000000000000000 R09: 0000000000000000
[   41.455067][ T4026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.455078][ T4026] R13: 00007fc41acb6038 R14: 00007fc41acb5fa0 R15: 00007ffc55659868
[   41.455095][ T4026]  </TASK>
[   41.666362][   T29] audit: type=1326 audit(1764947433.991:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4027 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   41.691742][ T4028] FAULT_INJECTION: forcing a failure.
[   41.691742][ T4028] name failslab, interval 1, probability 0, space 0, times 0
[   41.697187][   T29] audit: type=1326 audit(1764947433.991:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4027 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   41.704394][ T4028] CPU: 0 UID: 0 PID: 4028 Comm: syz.2.174 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   41.704420][ T4028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   41.704433][ T4028] Call Trace:
[   41.704439][ T4028]  <TASK>
[   41.704447][ T4028]  __dump_stack+0x1d/0x30
[   41.704471][ T4028]  dump_stack_lvl+0xe8/0x140
[   41.704562][ T4028]  dump_stack+0x15/0x1b
[   41.704583][ T4028]  should_fail_ex+0x265/0x280
[   41.704621][ T4028]  should_failslab+0x8c/0xb0
[   41.704720][ T4028]  kmem_cache_alloc_noprof+0x50/0x4a0
[   41.704782][ T4028]  ? prepare_creds+0x39/0x550
[   41.704803][ T4028]  prepare_creds+0x39/0x550
[   41.704851][ T4028]  lookup_user_key+0x1fa/0xd10
[   41.704883][ T4028]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[   41.704918][ T4028]  __se_sys_add_key+0x268/0x350
[   41.705058][ T4028]  ? __secure_computing+0x82/0x150
[   41.705154][ T4028]  __x64_sys_add_key+0x67/0x80
[   41.705199][ T4028]  x64_sys_call+0x2ea3/0x3000
[   41.705289][ T4028]  do_syscall_64+0xd8/0x2a0
[   41.705315][ T4028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.705401][ T4028] RIP: 0033:0x7f7beee1f749
[   41.705417][ T4028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.705433][ T4028] RSP: 002b:00007f7bed887038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[   41.705452][ T4028] RAX: ffffffffffffffda RBX: 00007f7bef075fa0 RCX: 00007f7beee1f749
[   41.705465][ T4028] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000200000000000
[   41.705478][ T4028] RBP: 00007f7bed887090 R08: fffffffffffffffe R09: 0000000000000000
[   41.705553][ T4028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.705565][ T4028] R13: 00007f7bef076038 R14: 00007f7bef075fa0 R15: 00007ffd6a6dbba8
[   41.705582][ T4028]  </TASK>
[   41.747876][ T4032] 9pnet_fd: Insufficient options for proto=fd
[   41.750574][   T29] audit: type=1326 audit(1764947433.991:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4027 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   41.804037][ T4035] netlink: 'syz.2.177': attribute type 4 has an invalid length.
[   41.805985][   T29] audit: type=1326 audit(1764947433.991:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4027 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   41.841754][ T4032] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.855232][   T29] audit: type=1326 audit(1764947433.991:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4027 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   41.864379][ T4032] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.871501][   T29] audit: type=1326 audit(1764947433.991:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4027 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   42.035727][   T29] audit: type=1326 audit(1764947433.991:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4027 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   42.058914][   T29] audit: type=1326 audit(1764947434.019:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4027 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   42.082248][   T29] audit: type=1326 audit(1764947434.019:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4027 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7beee1df90 code=0x7ffc0000
[   42.108412][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.172762][ T4045] xt_CT: You must specify a L4 protocol and not use inversions on it
[   42.182754][ T4052] --map-set only usable from mangle table
[   42.195418][ T4050] set_capacity_and_notify: 14 callbacks suppressed
[   42.195431][ T4050] loop0: detected capacity change from 0 to 512
[   42.209254][ T4050] EXT4-fs: Ignoring removed i_version option
[   42.231891][ T4050] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.266789][ T4050] ext4 filesystem being mounted at /33/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   42.309763][ T3886] IPVS: starting estimator thread 0...
[   42.347558][ T4068] loop1: detected capacity change from 0 to 128
[   42.354227][ T4069] 9pnet_fd: Insufficient options for proto=fd
[   42.380091][ T4071] smc: net device bond0 applied user defined pnetid SYZ0
[   42.396812][ T4069] loop3: detected capacity change from 0 to 512
[   42.407639][ T4065] IPVS: using max 2448 ests per chain, 122400 per kthread
[   42.436719][ T4071] smc: net device bond0 erased user defined pnetid SYZ0
[   42.452334][ T4069] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.469384][ T4069] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.491483][ T3331] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.502674][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.560711][ T4082] loop1: detected capacity change from 0 to 128
[   42.569882][ T4076] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   42.583882][ T4076] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   42.613044][ T4085] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=4085 comm=syz.4.194
[   42.633653][ T4076] bond0 (unregistering): Released all slaves
[   42.648495][ T4085] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4085 comm=syz.4.194
[   42.665151][ T4085] bridge0: port 3(batadv1) entered blocking state
[   42.671585][ T4085] bridge0: port 3(batadv1) entered disabled state
[   42.678675][ T4085] batadv1: entered allmulticast mode
[   42.686909][ T4085] batadv1: entered promiscuous mode
[   42.873604][ T4106] loop3: detected capacity change from 0 to 512
[   42.883137][ T4106] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   42.893297][ T4106] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (41047!=33349)
[   42.903296][ T4106] EXT4-fs (loop3): group descriptors corrupted!
[   42.950418][ T4108] syzkaller1: entered promiscuous mode
[   42.956052][ T4108] syzkaller1: entered allmulticast mode
[   42.966655][ T4108] FAULT_INJECTION: forcing a failure.
[   42.966655][ T4108] name failslab, interval 1, probability 0, space 0, times 0
[   42.979301][ T4108] CPU: 1 UID: 0 PID: 4108 Comm: syz.4.202 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   42.979324][ T4108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   42.979337][ T4108] Call Trace:
[   42.979344][ T4108]  <TASK>
[   42.979352][ T4108]  __dump_stack+0x1d/0x30
[   42.979375][ T4108]  dump_stack_lvl+0xe8/0x140
[   42.979400][ T4108]  dump_stack+0x15/0x1b
[   42.979427][ T4108]  should_fail_ex+0x265/0x280
[   42.979461][ T4108]  should_failslab+0x8c/0xb0
[   42.979482][ T4108]  kmem_cache_alloc_node_noprof+0x57/0x4c0
[   42.979505][ T4108]  ? __alloc_skb+0x324/0x4d0
[   42.979584][ T4108]  __alloc_skb+0x324/0x4d0
[   42.979615][ T4108]  ? __alloc_skb+0x24d/0x4d0
[   42.979647][ T4108]  alloc_skb_with_frags+0x7d/0x470
[   42.979673][ T4108]  ? should_fail_ex+0xdb/0x280
[   42.979707][ T4108]  sock_alloc_send_pskb+0x430/0x4e0
[   42.979736][ T4108]  tun_get_user+0x9b4/0x2670
[   42.979808][ T4108]  ? ref_tracker_alloc+0x1f2/0x2f0
[   42.979944][ T4108]  ? selinux_file_permission+0x1e2/0x320
[   42.979999][ T4108]  tun_chr_write_iter+0x15e/0x210
[   42.980024][ T4108]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   42.980048][ T4108]  vfs_write+0x52a/0x960
[   42.980116][ T4108]  ksys_write+0xda/0x1a0
[   42.980147][ T4108]  __x64_sys_write+0x40/0x50
[   42.980250][ T4108]  x64_sys_call+0x2847/0x3000
[   42.980274][ T4108]  do_syscall_64+0xd8/0x2a0
[   42.980303][ T4108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.980326][ T4108] RIP: 0033:0x7f83c303f749
[   42.980403][ T4108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.980421][ T4108] RSP: 002b:00007f83c1aa7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   42.980438][ T4108] RAX: ffffffffffffffda RBX: 00007f83c3295fa0 RCX: 00007f83c303f749
[   42.980451][ T4108] RDX: 0000000000000f77 RSI: 0000200000001680 RDI: 0000000000000003
[   42.980464][ T4108] RBP: 00007f83c1aa7090 R08: 0000000000000000 R09: 0000000000000000
[   42.980477][ T4108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.980526][ T4108] R13: 00007f83c3296038 R14: 00007f83c3295fa0 R15: 00007fff57a2f3b8
[   42.980546][ T4108]  </TASK>
[   43.198561][  T813] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[   43.207878][  T813] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[   43.311814][ T4111] netlink: 'syz.4.203': attribute type 3 has an invalid length.
[   43.462851][ T4121] syzkaller1: entered promiscuous mode
[   43.468525][ T4121] syzkaller1: entered allmulticast mode
[   43.517846][ T4129] --map-set only usable from mangle table
[   43.539557][ T4131] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   43.546782][ T4131] IPv6: NLM_F_CREATE should be set when creating new route
[   43.553988][ T4131] IPv6: NLM_F_CREATE should be set when creating new route
[   43.563001][  T813] Bluetooth: hci1: Frame reassembly failed (-84)
[   43.563868][ T4131] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   43.591944][ T4138] loop0: detected capacity change from 0 to 512
[   43.609585][ T4138] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.622390][ T4138] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.667943][ T4147] FAULT_INJECTION: forcing a failure.
[   43.667943][ T4147] name failslab, interval 1, probability 0, space 0, times 0
[   43.680587][ T4147] CPU: 0 UID: 0 PID: 4147 Comm: syz.1.216 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   43.680645][ T4147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   43.680652][ T4147] Call Trace:
[   43.680656][ T4147]  <TASK>
[   43.680661][ T4147]  __dump_stack+0x1d/0x30
[   43.680675][ T4147]  dump_stack_lvl+0xe8/0x140
[   43.680688][ T4147]  dump_stack+0x15/0x1b
[   43.680698][ T4147]  should_fail_ex+0x265/0x280
[   43.680848][ T4147]  should_failslab+0x8c/0xb0
[   43.680858][ T4147]  __kmalloc_noprof+0xa5/0x590
[   43.680870][ T4147]  ? security_msg_msg_alloc+0x45/0x100
[   43.680885][ T4147]  ? should_fail_ex+0xdb/0x280
[   43.680981][ T4147]  security_msg_msg_alloc+0x45/0x100
[   43.680996][ T4147]  load_msg+0x226/0x2f0
[   43.681085][ T4147]  do_mq_timedsend+0x23e/0x6b0
[   43.681103][ T4147]  __x64_sys_mq_timedsend+0xd1/0x160
[   43.681128][ T4147]  x64_sys_call+0x22db/0x3000
[   43.681141][ T4147]  do_syscall_64+0xd8/0x2a0
[   43.681158][ T4147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.681211][ T4147] RIP: 0033:0x7f3deb34f749
[   43.681220][ T4147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.681268][ T4147] RSP: 002b:00007f3de9daf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2
[   43.681279][ T4147] RAX: ffffffffffffffda RBX: 00007f3deb5a5fa0 RCX: 00007f3deb34f749
[   43.681286][ T4147] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   43.681293][ T4147] RBP: 00007f3de9daf090 R08: 0000000000000000 R09: 0000000000000000
[   43.681300][ T4147] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[   43.681307][ T4147] R13: 00007f3deb5a6038 R14: 00007f3deb5a5fa0 R15: 00007ffd32915e88
[   43.681317][ T4147]  </TASK>
[   43.705504][ T4152] 9pnet_fd: Insufficient options for proto=fd
[   43.814323][ T4155] loop1: detected capacity change from 0 to 512
[   43.879523][ T4138] bond0 (unregistering): Released all slaves
[   43.897887][ T4155] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.913770][ T4160] netlink: 'syz.4.219': attribute type 4 has an invalid length.
[   43.914221][ T4155] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.949068][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.968844][ T3331] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.017897][ T4164] loop1: detected capacity change from 0 to 512
[   44.024715][ T4164] EXT4-fs: inline encryption not supported
[   44.030943][ T4164] EXT4-fs: journaled quota format not specified
[   44.105999][ T4162] siw: device registration error -23
[   44.118926][ T3551] Bluetooth: hci0: command 0x1003 tx timeout
[   44.124959][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   44.162069][ T4178] 9pnet_fd: Insufficient options for proto=fd
[   44.207347][ T4178] loop2: detected capacity change from 0 to 512
[   44.216269][ T4182] --map-set only usable from mangle table
[   44.286298][ T4178] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.313282][ T4188] loop4: detected capacity change from 0 to 1024
[   44.342917][ T4178] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.354897][ T4188] EXT4-fs: Ignoring removed oldalloc option
[   44.360852][ T4188] EXT4-fs: Ignoring removed bh option
[   44.388102][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.406157][ T4192] __nla_validate_parse: 2 callbacks suppressed
[   44.406170][ T4192] netlink: 4 bytes leftover after parsing attributes in process `syz.0.227'.
[   44.422400][ T4192] netlink: 4 bytes leftover after parsing attributes in process `syz.0.227'.
[   44.443607][ T4188] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.557018][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.594228][ T4205] netlink: 'syz.4.231': attribute type 4 has an invalid length.
[   44.961111][ T4225] smc: net device bond0 applied user defined pnetid SYZ0
[   44.981725][ T4225] smc: net device bond0 erased user defined pnetid SYZ0
[   44.989513][ T4226] EXT4-fs: Ignoring removed oldalloc option
[   44.995492][ T4226] EXT4-fs: Ignoring removed bh option
[   45.062742][ T4226] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.248526][ T4237] netlink: 'syz.1.244': attribute type 4 has an invalid length.
[   45.405647][ T3331] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.650891][ T4257] EXT4-fs: inline encryption not supported
[   45.668106][ T4257] EXT4-fs: journaled quota format not specified
[   45.745367][ T4040] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   45.751793][ T4133] FAULT_INJECTION: forcing a failure.
[   45.751793][ T4133] name failslab, interval 1, probability 0, space 0, times 0
[   45.764490][ T4133] CPU: 1 UID: 0 PID: 4133 Comm: syz.3.214 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.764561][ T4133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   45.764630][ T4133] Call Trace:
[   45.764637][ T4133]  <TASK>
[   45.764643][ T4133]  __dump_stack+0x1d/0x30
[   45.764669][ T4133]  dump_stack_lvl+0xe8/0x140
[   45.764746][ T4133]  dump_stack+0x15/0x1b
[   45.764764][ T4133]  should_fail_ex+0x265/0x280
[   45.764798][ T4133]  ? kobject_uevent_env+0x1c0/0x570
[   45.764883][ T4133]  should_failslab+0x8c/0xb0
[   45.764904][ T4133]  __kmalloc_cache_noprof+0x4c/0x4c0
[   45.764926][ T4133]  ? _raw_spin_lock_irq+0x53/0xa0
[   45.764956][ T4133]  kobject_uevent_env+0x1c0/0x570
[   45.765043][ T4133]  kobject_uevent+0x1d/0x30
[   45.765069][ T4133]  device_del+0x710/0x790
[   45.765161][ T4133]  rfkill_unregister+0x80/0x170
[   45.765189][ T4133]  hci_unregister_dev+0x26c/0x2b0
[   45.765312][ T4133]  hci_uart_tty_close+0x115/0x170
[   45.765340][ T4133]  ? __pfx_hci_uart_tty_close+0x10/0x10
[   45.765369][ T4133]  tty_ldisc_kill+0x8d/0x140
[   45.765470][ T4133]  tty_ldisc_hangup+0x2fa/0x370
[   45.765505][ T4133]  __tty_hangup+0x3c2/0x540
[   45.765530][ T4133]  tty_ioctl+0x601/0xb80
[   45.765554][ T4133]  ? __pfx_tty_ioctl+0x10/0x10
[   45.765574][ T4133]  __se_sys_ioctl+0xce/0x140
[   45.765607][ T4133]  __x64_sys_ioctl+0x43/0x50
[   45.765671][ T4133]  x64_sys_call+0x14b0/0x3000
[   45.765747][ T4133]  do_syscall_64+0xd8/0x2a0
[   45.765774][ T4133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.765800][ T4133] RIP: 0033:0x7f21a708f749
[   45.765816][ T4133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.765835][ T4133] RSP: 002b:00007f21a5af7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   45.765855][ T4133] RAX: ffffffffffffffda RBX: 00007f21a72e5fa0 RCX: 00007f21a708f749
[   45.765869][ T4133] RDX: 0000000000100000 RSI: 0000000000005437 RDI: 0000000000000003
[   45.765881][ T4133] RBP: 00007f21a5af7090 R08: 0000000000000000 R09: 0000000000000000
[   45.765892][ T4133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.765936][ T4133] R13: 00007f21a72e6038 R14: 00007f21a72e5fa0 R15: 00007fff727352f8
[   45.765954][ T4133]  </TASK>
[   46.296011][ T4273] EXT4-fs: Ignoring removed oldalloc option
[   46.302057][ T4273] EXT4-fs: Ignoring removed bh option
[   46.414010][ T4273] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.452372][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.572684][ T4277] siw: device registration error -23
[   46.662033][ T4307] --map-set only usable from mangle table
[   46.697443][   T29] kauditd_printk_skb: 688 callbacks suppressed
[   46.697457][   T29] audit: type=1400 audit(1764947438.696:1567): avc:  denied  { write } for  pid=4296 comm="syz.2.266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   46.737520][ T4308] netlink: 260 bytes leftover after parsing attributes in process `syz.2.266'.
[   46.792582][   T52] Bluetooth: hci0: Frame reassembly failed (-84)
[   46.794974][ T4318] EXT4-fs: inline encryption not supported
[   46.811746][   T29] audit: type=1400 audit(1764947438.743:1568): avc:  denied  { nlmsg_write } for  pid=4296 comm="syz.2.266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   46.832315][   T29] audit: type=1400 audit(1764947438.752:1569): avc:  denied  { setopt } for  pid=4296 comm="syz.2.266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   46.851752][   T29] audit: type=1400 audit(1764947438.762:1570): avc:  denied  { write } for  pid=4296 comm="syz.2.266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   46.855752][ T4318] EXT4-fs: journaled quota format not specified
[   46.946762][   T29] audit: type=1400 audit(1764947438.874:1571): avc:  denied  { read } for  pid=4296 comm="syz.2.266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   46.966096][   T29] audit: type=1326 audit(1764947438.874:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4322 comm="syz.0.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41aa5f749 code=0x7ffc0000
[   46.989400][   T29] audit: type=1326 audit(1764947438.874:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4322 comm="syz.0.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41aa5f749 code=0x7ffc0000
[   47.012676][   T29] audit: type=1326 audit(1764947438.874:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4322 comm="syz.0.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41aa5f749 code=0x7ffc0000
[   47.036843][ T4329] netlink: 52 bytes leftover after parsing attributes in process `syz.0.280'.
[   47.039815][ T4329] netlink: 4 bytes leftover after parsing attributes in process `syz.0.280'.
[   47.046348][   T29] audit: type=1326 audit(1764947438.874:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4322 comm="syz.0.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41aa5f749 code=0x7ffc0000
[   47.078043][   T29] audit: type=1326 audit(1764947438.874:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4322 comm="syz.0.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41aa5f749 code=0x7ffc0000
[   47.117403][ T4329] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.127388][ T4327] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.279: Failed to acquire dquot type 0
[   47.145086][ T4329] bridge_slave_0 (unregistering): left allmulticast mode
[   47.152166][ T4329] bridge_slave_0 (unregistering): left promiscuous mode
[   47.159202][ T4329] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.167418][ T4327] EXT4-fs error (device loop1): mb_free_blocks:2037: group 0, inode 13: block 160:freeing already freed block (bit 10); block bitmap corrupt.
[   47.182697][ T4327] EXT4-fs (loop1): 1 truncate cleaned up
[   47.189969][ T4327] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.207122][ T4333] ------------[ cut here ]------------
[   47.212620][ T4333] EA inode 11 i_nlink=2
[   47.212637][ T4333] WARNING: fs/ext4/xattr.c:1058 at 0x0, CPU#0: syz.2.281/4333
[   47.224393][ T4333] Modules linked in:
[   47.225804][ T4327] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.279: Failed to acquire dquot type 0
[   47.228404][ T4333] CPU: 0 UID: 0 PID: 4333 Comm: syz.2.281 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   47.228431][ T4333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   47.228442][ T4333] RIP: 0010:ext4_xattr_inode_update_ref+0x305/0x320
[   47.265864][ T4333] Code: 41 f4 9c ff 4c 8d 2d 4a ec 20 05 49 8d 7e 40 e8 d1 78 b8 ff 49 8b 6e 40 4c 89 e7 e8 e5 73 b8 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 2b ff ff ff e8 6c 8e b9 03 66 66 66 2e 0f 1f 84
[   47.285495][ T4333] RSP: 0018:ffffc90000e1b5a0 EFLAGS: 00010246
[   47.291568][ T4333] RAX: ffff888129983c10 RBX: ffff888108f617b0 RCX: ffffffff81bb102b
[   47.299552][ T4333] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff86dbfc60
[   47.307539][ T4333] RBP: 000000000000000b R08: 0001888108f61763 R09: 0000000000000000
[   47.315524][ T4333] R10: ffffc90000e1b4d0 R11: 0001c90000e1b4d0 R12: ffff888108f61760
[   47.323486][ T4333] R13: ffffffff86dbfc60 R14: ffff888108f61718 R15: 0000000000000001
[   47.331508][ T4333] FS:  00007f7bed8876c0(0000) GS:ffff8882aedd1000(0000) knlGS:0000000000000000
[   47.340528][ T4333] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   47.347168][ T4333] CR2: 00007fec0b6f4000 CR3: 000000011ad44000 CR4: 00000000003506f0
[   47.355247][ T4333] Call Trace:
[   47.358537][ T4333]  <TASK>
[   47.361506][ T4333]  ext4_xattr_set_entry+0x77f/0x1020
[   47.366827][ T4333]  ext4_xattr_ibody_set+0x184/0x3c0
[   47.372085][ T4333]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[   47.377940][ T4333]  __ext4_expand_extra_isize+0x246/0x280
[   47.383572][ T4333]  __ext4_mark_inode_dirty+0x29d/0x3f0
[   47.389107][ T4333]  ext4_evict_inode+0x7c4/0xd40
[   47.393988][ T4333]  ? __pfx_ext4_evict_inode+0x10/0x10
[   47.399376][ T4333]  evict+0x2af/0x510
[   47.403270][ T4333]  ? __dquot_initialize+0x146/0x7c0
[   47.408489][ T4333]  iput+0x4bd/0x650
[   47.412306][ T4333]  ext4_process_orphan+0x1a9/0x1c0
[   47.417416][ T4333]  ext4_orphan_cleanup+0x6a8/0xa00
[   47.422571][ T4333]  ext4_fill_super+0x3411/0x37a0
[   47.427626][ T4333]  ? set_blocksize+0x1a8/0x310
[   47.432492][ T4333]  ? sb_set_blocksize+0xfc/0x170
[   47.437434][ T4333]  ? setup_bdev_super+0x30e/0x370
[   47.442526][ T4333]  ? __pfx_ext4_fill_super+0x10/0x10
[   47.447820][ T4333]  get_tree_bdev_flags+0x291/0x300
[   47.452982][ T4333]  ? __pfx_ext4_fill_super+0x10/0x10
[   47.458278][ T4333]  get_tree_bdev+0x1f/0x30
[   47.462678][ T4333]  ext4_get_tree+0x1c/0x30
[   47.467109][ T4333]  vfs_get_tree+0x57/0x1d0
[   47.471536][ T4333]  do_new_mount+0x24d/0x6a0
[   47.476154][ T4333]  path_mount+0x4ab/0xb80
[   47.480484][ T4333]  ? user_path_at+0xbf/0x130
[   47.485082][ T4333]  __se_sys_mount+0x28c/0x2e0
[   47.489842][ T4333]  __x64_sys_mount+0x67/0x80
[   47.494441][ T4333]  x64_sys_call+0x2cca/0x3000
[   47.499126][ T4333]  do_syscall_64+0xd8/0x2a0
[   47.503635][ T4333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.509720][ T4333] RIP: 0033:0x7f7beee20eea
[   47.514150][ T4333] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.533827][ T4333] RSP: 002b:00007f7bed886e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   47.542281][ T4333] RAX: ffffffffffffffda RBX: 00007f7bed886ef0 RCX: 00007f7beee20eea
[   47.550323][ T4333] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f7bed886eb0
[   47.558285][ T4333] RBP: 0000200000000180 R08: 00007f7bed886ef0 R09: 0000000000800700
[   47.566259][ T4333] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[   47.574293][ T4333] R13: 00007f7bed886eb0 R14: 000000000000046f R15: 000000000000002c
[   47.582273][ T4333]  </TASK>
[   47.585380][ T4333] ---[ end trace 0000000000000000 ]---
[   47.591212][ T4333] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #18: comm syz.2.281: iget: bad extra_isize 90 (inode size 256)
[   47.609108][ T4333] EXT4-fs (loop2): Remounting filesystem read-only
[   47.615759][ T4333] EXT4-fs warning (device loop2): ext4_evict_inode:273: xattr delete (err -30)
[   47.624963][ T4333] EXT4-fs (loop2): 1 orphan inode deleted
[   47.631154][ T4333] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.648486][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.684628][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.696078][ T4337] FAULT_INJECTION: forcing a failure.
[   47.696078][ T4337] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   47.709180][ T4337] CPU: 1 UID: 0 PID: 4337 Comm: syz.1.282 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   47.709207][ T4337] Tainted: [W]=WARN
[   47.709216][ T4337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   47.709226][ T4337] Call Trace:
[   47.709231][ T4337]  <TASK>
[   47.709237][ T4337]  __dump_stack+0x1d/0x30
[   47.709313][ T4337]  dump_stack_lvl+0xe8/0x140
[   47.709333][ T4337]  dump_stack+0x15/0x1b
[   47.709353][ T4337]  should_fail_ex+0x265/0x280
[   47.709399][ T4337]  should_fail+0xb/0x20
[   47.709493][ T4337]  should_fail_usercopy+0x1a/0x20
[   47.709514][ T4337]  _copy_to_user+0x20/0xa0
[   47.709537][ T4337]  simple_read_from_buffer+0xb5/0x130
[   47.709624][ T4337]  proc_fail_nth_read+0x10e/0x150
[   47.709646][ T4337]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   47.709665][ T4337]  vfs_read+0x1a8/0x770
[   47.709689][ T4337]  ? __cond_resched+0x4e/0x90
[   47.709744][ T4337]  ? mutex_lock+0x58/0x90
[   47.709761][ T4337]  ksys_read+0xda/0x1a0
[   47.709790][ T4337]  __x64_sys_read+0x40/0x50
[   47.709814][ T4337]  x64_sys_call+0x2889/0x3000
[   47.709891][ T4337]  do_syscall_64+0xd8/0x2a0
[   47.709977][ T4337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.709995][ T4337] RIP: 0033:0x7f3deb34e15c
[   47.710008][ T4337] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   47.710028][ T4337] RSP: 002b:00007f3de9daf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   47.710044][ T4337] RAX: ffffffffffffffda RBX: 00007f3deb5a5fa0 RCX: 00007f3deb34e15c
[   47.710055][ T4337] RDX: 000000000000000f RSI: 00007f3de9daf0a0 RDI: 0000000000000005
[   47.710070][ T4337] RBP: 00007f3de9daf090 R08: 0000000000000000 R09: 0000000000000000
[   47.710081][ T4337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.710091][ T4337] R13: 00007f3deb5a6038 R14: 00007f3deb5a5fa0 R15: 00007ffd32915e88
[   47.710106][ T4337]  </TASK>
[   47.944967][ T4345] --map-set only usable from mangle table
[   48.103285][ T4367] netlink: 260 bytes leftover after parsing attributes in process `syz.0.291'.
[   48.173314][ T4371] set_capacity_and_notify: 11 callbacks suppressed
[   48.173359][ T4371] loop1: detected capacity change from 0 to 512
[   48.186512][ T4371] EXT4-fs: inline encryption not supported
[   48.209175][ T4371] EXT4-fs: journaled quota format not specified
[   48.278841][ T4377] netlink: 260 bytes leftover after parsing attributes in process `syz.2.298'.
[   48.373773][ T4383] 9pnet_fd: Insufficient options for proto=fd
[   48.392805][ T4383] loop3: detected capacity change from 0 to 512
[   48.423059][ T4383] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.443590][ T4383] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.476131][ T4387] smc: net device bond0 applied user defined pnetid SYZ0
[   48.484577][ T4387] smc: net device bond0 erased user defined pnetid SYZ0
[   48.503350][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.565452][ T4395] loop3: detected capacity change from 0 to 512
[   48.576415][ T4395] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.306: iget: bad extra_isize 90 (inode size 256)
[   48.589823][ T4395] EXT4-fs (loop3): Remounting filesystem read-only
[   48.596408][ T4395] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30)
[   48.605523][ T4395] EXT4-fs (loop3): 1 orphan inode deleted
[   48.611605][ T4395] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.627536][ T4393] loop0: detected capacity change from 0 to 1024
[   48.639507][ T4393] EXT4-fs: Ignoring removed oldalloc option
[   48.645489][ T4393] EXT4-fs: Ignoring removed nomblk_io_submit option
[   48.655555][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.671162][ T4393] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.703062][ T3331] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.723134][ T4403] smc: net device bond0 applied user defined pnetid SYZ0
[   48.733782][ T4403] smc: net device bond0 erased user defined pnetid SYZ0
[   48.799504][ T4411] smc: net device bond0 applied user defined pnetid SYZ0
[   48.807144][ T4411] smc: net device bond0 erased user defined pnetid SYZ0
[   48.867469][ T4419] smc: net device bond0 applied user defined pnetid SYZ0
[   48.963385][ T4434] loop0: detected capacity change from 0 to 512
[   48.983224][ T4434] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.996243][ T4040] Bluetooth: hci0: command 0x1003 tx timeout
[   48.996895][ T4434] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.002328][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   49.055233][ T4442] netlink: 12 bytes leftover after parsing attributes in process `syz.4.322'.
[   49.085740][ T4434] bond0 (unregistering): Released all slaves
[   49.137710][ T4442] loop4: detected capacity change from 0 to 512
[   49.153701][ T4453] loop1: detected capacity change from 0 to 512
[   49.165055][ T4453] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #18: comm syz.1.327: iget: bad extra_isize 90 (inode size 256)
[   49.176859][ T4442] EXT4-fs: Ignoring removed oldalloc option
[   49.186117][ T4453] EXT4-fs (loop1): Remounting filesystem read-only
[   49.192660][ T4453] EXT4-fs warning (device loop1): ext4_evict_inode:273: xattr delete (err -30)
[   49.201862][ T4453] EXT4-fs (loop1): 1 orphan inode deleted
[   49.410392][ T4476] loop1: detected capacity change from 0 to 1024
[   49.422385][ T4475] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=4475 comm=syz.0.334
[   49.438638][ T4476] EXT4-fs: Ignoring removed oldalloc option
[   49.444676][ T4476] EXT4-fs: Ignoring removed bh option
[   49.459455][ T4475] bridge0: port 1(batadv1) entered blocking state
[   49.461047][ T4461] loop3: detected capacity change from 0 to 1024
[   49.465948][ T4475] bridge0: port 1(batadv1) entered disabled state
[   49.481422][ T4475] batadv1: entered allmulticast mode
[   49.487509][ T4475] batadv1: entered promiscuous mode
[   49.555220][ T4487] --map-set only usable from mangle table
[   49.556986][ T4461] EXT4-fs: Ignoring removed oldalloc option
[   49.566091][ T4489] loop2: detected capacity change from 0 to 512
[   49.566886][ T4461] EXT4-fs: Ignoring removed bh option
[   49.592575][ T4489] EXT4-fs: inline encryption not supported
[   49.618014][ T4489] EXT4-fs: journaled quota format not specified
[   49.651904][ T4493] 9pnet_fd: Insufficient options for proto=fd
[   49.716413][ T4498] EXT4-fs: Ignoring removed orlov option
[   49.746457][ T4493] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.759826][ T4498] EXT4-fs error (device loop0): ext4_iget_extra_inode:5073: inode #15: comm syz.0.339: corrupted in-inode xattr: bad e_name length
[   49.811214][ T4498] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.339: couldn't read orphan inode 15 (err -117)
[   49.903425][ T4498] EXT4-fs (loop0): shut down requested (1)
[   49.993923][ T4505] netlink: 12 bytes leftover after parsing attributes in process `syz.0.339'.
[   50.008363][ T1652] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[   50.017596][ T1652] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[   50.026818][ T4498] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[   50.119584][ T4511] EXT4-fs: Ignoring removed orlov option
[   50.142887][ T4504] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   50.160397][ T4511] EXT4-fs error (device loop0): ext4_iget_extra_inode:5073: inode #15: comm syz.0.342: corrupted in-inode xattr: bad e_name length
[   50.178129][ T4514] EXT4-fs: Ignoring removed orlov option
[   50.193374][ T4509] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   50.206698][ T4504] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1208 with error 28
[   50.211246][ T4509] EXT4-fs (loop3): 1 truncate cleaned up
[   50.219164][ T4504] EXT4-fs (loop4): This should not happen!! Data will be lost
[   50.219164][ T4504] 
[   50.219181][ T4504] EXT4-fs (loop4): Total free blocks count 0
[   50.219195][ T4504] EXT4-fs (loop4): Free/Dirty block details
[   50.219208][ T4504] EXT4-fs (loop4): free_blocks=2415919104
[   50.219222][ T4504] EXT4-fs (loop4): dirty_blocks=1216
[   50.225838][ T4511] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.342: couldn't read orphan inode 15 (err -117)
[   50.234502][ T4504] EXT4-fs (loop4): Block reservation details
[   50.265166][ T4511] EXT4-fs (loop0): shut down requested (1)
[   50.269129][ T4504] EXT4-fs (loop4): i_reserved_data_blocks=76
[   50.286579][ T4514] EXT4-fs error (device loop1): ext4_iget_extra_inode:5073: inode #15: comm syz.1.343: corrupted in-inode xattr: bad e_name length
[   50.300507][ T4511] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[   50.305103][ T4514] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.343: couldn't read orphan inode 15 (err -117)
[   50.315785][ T4512] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #12: comm syz.4.340: corrupted in-inode xattr: e_value size too large
[   50.330560][ T4139] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x4
[   50.341905][ T4139] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x2
[   50.360968][ T4139] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x3
[   50.368635][ T4514] EXT4-fs (loop1): shut down requested (1)
[   50.375306][ T4514] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[   50.384974][ T4139] hid-generic 0000:3000000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   50.386745][ T4514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.343'.
[   50.406430][ T4511] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[   50.434423][ T4514] netlink: 12 bytes leftover after parsing attributes in process `syz.1.343'.
[   50.444933][ T4504] sd 0:0:1:0: device reset
[   50.447567][ T4519] fido_id[4519]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   50.463628][ T4511] netlink: 12 bytes leftover after parsing attributes in process `syz.0.342'.
[   50.492713][ T2361] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[   50.504920][ T2361] EXT4-fs (loop4): This should not happen!! Data will be lost
[   50.504920][ T2361] 
[   50.579873][ T4532] netlink: 8 bytes leftover after parsing attributes in process `syz.1.348'.
[   50.593362][ T4531] netlink: 'syz.2.349': attribute type 4 has an invalid length.
[   50.721961][ T4542] EXT4-fs: Ignoring removed oldalloc option
[   50.727948][ T4542] EXT4-fs: Ignoring removed bh option
[   50.777118][ T4547] bridge0: port 4(batadv2) entered blocking state
[   50.783610][ T4547] bridge0: port 4(batadv2) entered disabled state
[   50.804698][ T4548] 9pnet_fd: Insufficient options for proto=fd
[   50.819938][ T4547] batadv2: entered allmulticast mode
[   50.835180][ T4547] batadv2: entered promiscuous mode
[   50.861120][ T4548] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.933018][ T4544] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   50.996861][ T4561] FAULT_INJECTION: forcing a failure.
[   50.996861][ T4561] name failslab, interval 1, probability 0, space 0, times 0
[   51.009502][ T4561] CPU: 0 UID: 0 PID: 4561 Comm: syz.4.361 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   51.009567][ T4561] Tainted: [W]=WARN
[   51.009575][ T4561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   51.009588][ T4561] Call Trace:
[   51.009594][ T4561]  <TASK>
[   51.009600][ T4561]  __dump_stack+0x1d/0x30
[   51.009620][ T4561]  dump_stack_lvl+0xe8/0x140
[   51.009639][ T4561]  dump_stack+0x15/0x1b
[   51.009731][ T4561]  should_fail_ex+0x265/0x280
[   51.009761][ T4561]  should_failslab+0x8c/0xb0
[   51.009813][ T4561]  __kmalloc_noprof+0xa5/0x590
[   51.009834][ T4561]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[   51.009867][ T4561]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[   51.010000][ T4561]  genl_family_rcv_msg_doit+0x48/0x1b0
[   51.010026][ T4561]  ? selinux_capable+0x31/0x40
[   51.010053][ T4561]  ? security_capable+0x83/0x90
[   51.010145][ T4561]  ? ns_capable+0x7d/0xb0
[   51.010212][ T4561]  genl_rcv_msg+0x422/0x460
[   51.010243][ T4561]  ? __pfx_ovs_flow_cmd_set+0x10/0x10
[   51.010335][ T4561]  netlink_rcv_skb+0x123/0x220
[   51.010354][ T4561]  ? __pfx_genl_rcv_msg+0x10/0x10
[   51.010383][ T4561]  genl_rcv+0x28/0x40
[   51.010410][ T4561]  netlink_unicast+0x5c0/0x690
[   51.010475][ T4561]  netlink_sendmsg+0x58b/0x6b0
[   51.010497][ T4561]  ? __pfx_netlink_sendmsg+0x10/0x10
[   51.010519][ T4561]  __sock_sendmsg+0x145/0x180
[   51.010555][ T4561]  ____sys_sendmsg+0x31e/0x4a0
[   51.010576][ T4561]  ___sys_sendmsg+0x17b/0x1d0
[   51.010740][ T4561]  __x64_sys_sendmsg+0xd4/0x160
[   51.010762][ T4561]  x64_sys_call+0x17ba/0x3000
[   51.010830][ T4561]  do_syscall_64+0xd8/0x2a0
[   51.010853][ T4561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.010872][ T4561] RIP: 0033:0x7f83c303f749
[   51.010885][ T4561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.010899][ T4561] RSP: 002b:00007f83c1aa7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   51.010984][ T4561] RAX: ffffffffffffffda RBX: 00007f83c3295fa0 RCX: 00007f83c303f749
[   51.010995][ T4561] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[   51.011008][ T4561] RBP: 00007f83c1aa7090 R08: 0000000000000000 R09: 0000000000000000
[   51.011021][ T4561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.011042][ T4561] R13: 00007f83c3296038 R14: 00007f83c3295fa0 R15: 00007fff57a2f3b8
[   51.011058][ T4561]  </TASK>
[   51.263519][ T4544] EXT4-fs (loop0): 1 truncate cleaned up
[   51.285342][ T4563] EXT4-fs: Ignoring removed orlov option
[   51.316828][  T946] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[   51.326050][  T946] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[   51.336740][ T4568] netlink: 'syz.3.363': attribute type 4 has an invalid length.
[   51.345409][ T4563] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.359: corrupted in-inode xattr: bad e_name length
[   51.367830][ T4563] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.359: couldn't read orphan inode 15 (err -117)
[   51.386741][ T4570] FAULT_INJECTION: forcing a failure.
[   51.386741][ T4570] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.399800][ T4570] CPU: 1 UID: 0 PID: 4570 Comm: syz.4.366 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   51.399826][ T4570] Tainted: [W]=WARN
[   51.399833][ T4570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   51.399846][ T4570] Call Trace:
[   51.399853][ T4570]  <TASK>
[   51.399915][ T4570]  __dump_stack+0x1d/0x30
[   51.399940][ T4570]  dump_stack_lvl+0xe8/0x140
[   51.399959][ T4570]  dump_stack+0x15/0x1b
[   51.399975][ T4570]  should_fail_ex+0x265/0x280
[   51.400034][ T4570]  should_fail+0xb/0x20
[   51.400057][ T4570]  should_fail_usercopy+0x1a/0x20
[   51.400094][ T4570]  _copy_to_user+0x20/0xa0
[   51.400155][ T4570]  simple_read_from_buffer+0xb5/0x130
[   51.400182][ T4570]  proc_fail_nth_read+0x10e/0x150
[   51.400203][ T4570]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   51.400303][ T4570]  vfs_read+0x1a8/0x770
[   51.400362][ T4570]  ? __rcu_read_unlock+0x4f/0x70
[   51.400384][ T4570]  ? __fget_files+0x184/0x1c0
[   51.400412][ T4570]  ? mutex_lock+0x58/0x90
[   51.400433][ T4570]  ksys_read+0xda/0x1a0
[   51.400484][ T4570]  __x64_sys_read+0x40/0x50
[   51.400573][ T4570]  x64_sys_call+0x2889/0x3000
[   51.400594][ T4570]  do_syscall_64+0xd8/0x2a0
[   51.400619][ T4570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.400642][ T4570] RIP: 0033:0x7f83c303e15c
[   51.400656][ T4570] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   51.400679][ T4570] RSP: 002b:00007f83c1aa7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   51.400697][ T4570] RAX: ffffffffffffffda RBX: 00007f83c3295fa0 RCX: 00007f83c303e15c
[   51.400711][ T4570] RDX: 000000000000000f RSI: 00007f83c1aa70a0 RDI: 0000000000000003
[   51.400724][ T4570] RBP: 00007f83c1aa7090 R08: 0000000000000000 R09: 0000000000000000
[   51.400734][ T4570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.400872][ T4570] R13: 00007f83c3296038 R14: 00007f83c3295fa0 R15: 00007fff57a2f3b8
[   51.400889][ T4570]  </TASK>
[   51.422340][ T4563] EXT4-fs (loop2): shut down requested (1)
[   51.440111][ T4574] FAULT_INJECTION: forcing a failure.
[   51.440111][ T4574] name failslab, interval 1, probability 0, space 0, times 0
[   51.496825][ T4579] 9pnet_fd: Insufficient options for proto=fd
[   51.500116][ T4574] CPU: 1 UID: 0 PID: 4574 Comm: syz.3.367 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   51.500146][ T4574] Tainted: [W]=WARN
[   51.500153][ T4574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   51.500240][ T4574] Call Trace:
[   51.500247][ T4574]  <TASK>
[   51.500254][ T4574]  __dump_stack+0x1d/0x30
[   51.500277][ T4574]  dump_stack_lvl+0xe8/0x140
[   51.500316][ T4574]  dump_stack+0x15/0x1b
[   51.500335][ T4574]  should_fail_ex+0x265/0x280
[   51.500365][ T4574]  should_failslab+0x8c/0xb0
[   51.500453][ T4574]  __kvmalloc_node_noprof+0x12e/0x690
[   51.500477][ T4574]  ? alloc_fdtable+0xc2/0x1d0
[   51.500509][ T4574]  alloc_fdtable+0xc2/0x1d0
[   51.500551][ T4574]  dup_fd+0x492/0x510
[   51.500579][ T4574]  copy_files+0x98/0xf0
[   51.500598][ T4574]  copy_process+0xc17/0x1ef0
[   51.500657][ T4574]  kernel_clone+0x16c/0x5c0
[   51.500680][ T4574]  __se_sys_clone3+0x1c2/0x200
[   51.500832][ T4574]  __x64_sys_clone3+0x31/0x40
[   51.500922][ T4574]  x64_sys_call+0x2c0f/0x3000
[   51.500946][ T4574]  do_syscall_64+0xd8/0x2a0
[   51.500972][ T4574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.501021][ T4574] RIP: 0033:0x7f21a708f749
[   51.501036][ T4574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.501053][ T4574] RSP: 002b:00007f21a5af6f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[   51.501072][ T4574] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f21a708f749
[   51.501085][ T4574] RDX: 00007f21a5af6f20 RSI: 0000000000000058 RDI: 00007f21a5af6f20
[   51.501130][ T4574] RBP: 00007f21a5af7090 R08: 0000000000000000 R09: 0000000000000058
[   51.501142][ T4574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.501154][ T4574] R13: 00007f21a72e6038 R14: 00007f21a72e5fa0 R15: 00007fff727352f8
[   51.501172][ T4574]  </TASK>
[   51.520379][ T4580] syzkaller0: entered promiscuous mode
[   51.554933][ T4584] --map-set only usable from mangle table
[   51.561054][ T4580] syzkaller0: entered allmulticast mode
[   51.661156][ T4139] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x4
[   51.668785][ T4585] bridge0: port 3(batadv2) entered blocking state
[   51.672842][ T4139] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x2
[   51.677532][ T4585] bridge0: port 3(batadv2) entered disabled state
[   51.677839][ T4585] batadv2: entered allmulticast mode
[   51.682719][ T4139] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x3
[   51.687864][ T4582] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[   51.707590][ T4139] hid-generic 0000:3000000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   51.710376][ T4585] batadv2: entered promiscuous mode
[   51.715851][ T4582] netlink: 4 bytes leftover after parsing attributes in process `syz.2.359'.
[   51.750896][ T4579] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.833622][ T4563] netlink: 12 bytes leftover after parsing attributes in process `syz.2.359'.
[   52.003149][ T4606] FAULT_INJECTION: forcing a failure.
[   52.003149][ T4606] name failslab, interval 1, probability 0, space 0, times 0
[   52.015811][ T4606] CPU: 1 UID: 0 PID: 4606 Comm: syz.1.379 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   52.015952][ T4606] Tainted: [W]=WARN
[   52.015960][ T4606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   52.015995][ T4606] Call Trace:
[   52.016002][ T4606]  <TASK>
[   52.016009][ T4606]  __dump_stack+0x1d/0x30
[   52.016034][ T4606]  dump_stack_lvl+0xe8/0x140
[   52.016056][ T4606]  dump_stack+0x15/0x1b
[   52.016075][ T4606]  should_fail_ex+0x265/0x280
[   52.016140][ T4606]  should_failslab+0x8c/0xb0
[   52.016157][ T4606]  kmem_cache_alloc_noprof+0x50/0x4a0
[   52.016313][ T4606]  ? skb_clone+0x151/0x1f0
[   52.016333][ T4606]  skb_clone+0x151/0x1f0
[   52.016351][ T4606]  __netlink_deliver_tap+0x2c9/0x500
[   52.016378][ T4606]  netlink_unicast+0x66b/0x690
[   52.016402][ T4606]  netlink_sendmsg+0x58b/0x6b0
[   52.016429][ T4606]  ? __pfx_netlink_sendmsg+0x10/0x10
[   52.016491][ T4606]  __sock_sendmsg+0x145/0x180
[   52.016546][ T4606]  ____sys_sendmsg+0x31e/0x4a0
[   52.016571][ T4606]  ___sys_sendmsg+0x17b/0x1d0
[   52.016608][ T4606]  __x64_sys_sendmsg+0xd4/0x160
[   52.016634][ T4606]  x64_sys_call+0x17ba/0x3000
[   52.016724][ T4606]  do_syscall_64+0xd8/0x2a0
[   52.016752][ T4606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.016776][ T4606] RIP: 0033:0x7f3deb34f749
[   52.016792][ T4606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.016883][ T4606] RSP: 002b:00007f3de9daf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.016906][ T4606] RAX: ffffffffffffffda RBX: 00007f3deb5a5fa0 RCX: 00007f3deb34f749
[   52.016917][ T4606] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000004
[   52.016928][ T4606] RBP: 00007f3de9daf090 R08: 0000000000000000 R09: 0000000000000000
[   52.016938][ T4606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.016982][ T4606] R13: 00007f3deb5a6038 R14: 00007f3deb5a5fa0 R15: 00007ffd32915e88
[   52.017000][ T4606]  </TASK>
[   52.215728][ T4607] netlink: 'syz.2.378': attribute type 4 has an invalid length.
[   52.223953][ T2561] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[   52.233289][ T2561] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[   52.243813][ T4606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.379'.
[   52.260519][   T29] kauditd_printk_skb: 302 callbacks suppressed
[   52.260532][   T29] audit: type=1400 audit(1764947443.898:1875): avc:  denied  { name_bind } for  pid=4611 comm="syz.0.377" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   52.289897][   T29] audit: type=1400 audit(1764947443.898:1876): avc:  denied  { node_bind } for  pid=4611 comm="syz.0.377" saddr=224.0.0.1 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   52.312001][   T29] audit: type=1400 audit(1764947443.935:1877): avc:  denied  { create } for  pid=4609 comm="syz.3.380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   52.331411][   T29] audit: type=1400 audit(1764947443.935:1878): avc:  denied  { bind } for  pid=4609 comm="syz.3.380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   52.363113][ T4600] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   52.379568][   T29] audit: type=1400 audit(1764947444.001:1879): avc:  denied  { execute } for  pid=4609 comm="syz.3.380" path="/87/cpu.stat" dev="tmpfs" ino=485 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   52.391766][ T4614] --map-set only usable from mangle table
[   52.402308][   T29] audit: type=1400 audit(1764947444.001:1880): avc:  denied  { execmem } for  pid=4609 comm="syz.3.380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   52.447685][ T4600] EXT4-fs (loop4): 1 truncate cleaned up
[   52.475443][ T4620] FAULT_INJECTION: forcing a failure.
[   52.475443][ T4620] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.488539][ T4620] CPU: 1 UID: 0 PID: 4620 Comm: syz.1.382 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   52.488625][ T4620] Tainted: [W]=WARN
[   52.488631][ T4620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   52.488704][ T4620] Call Trace:
[   52.488709][ T4620]  <TASK>
[   52.488715][ T4620]  __dump_stack+0x1d/0x30
[   52.488737][ T4620]  dump_stack_lvl+0xe8/0x140
[   52.488869][ T4620]  dump_stack+0x15/0x1b
[   52.488886][ T4620]  should_fail_ex+0x265/0x280
[   52.488986][ T4620]  should_fail+0xb/0x20
[   52.489057][ T4620]  should_fail_usercopy+0x1a/0x20
[   52.489079][ T4620]  _copy_to_user+0x20/0xa0
[   52.489099][ T4620]  simple_read_from_buffer+0xb5/0x130
[   52.489242][ T4620]  proc_fail_nth_read+0x10e/0x150
[   52.489264][ T4620]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   52.489285][ T4620]  vfs_read+0x1a8/0x770
[   52.489311][ T4620]  ? __rcu_read_unlock+0x4f/0x70
[   52.489360][ T4620]  ? __fget_files+0x184/0x1c0
[   52.489379][ T4620]  ? mutex_lock+0x58/0x90
[   52.489401][ T4620]  ksys_read+0xda/0x1a0
[   52.489489][ T4620]  __x64_sys_read+0x40/0x50
[   52.489515][ T4620]  x64_sys_call+0x2889/0x3000
[   52.489538][ T4620]  do_syscall_64+0xd8/0x2a0
[   52.489678][ T4620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.489700][ T4620] RIP: 0033:0x7f3deb34e15c
[   52.489714][ T4620] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   52.489730][ T4620] RSP: 002b:00007f3de9daf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   52.489750][ T4620] RAX: ffffffffffffffda RBX: 00007f3deb5a5fa0 RCX: 00007f3deb34e15c
[   52.489770][ T4620] RDX: 000000000000000f RSI: 00007f3de9daf0a0 RDI: 0000000000000005
[   52.489819][ T4620] RBP: 00007f3de9daf090 R08: 0000000000000000 R09: 000000000000001e
[   52.489831][ T4620] R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000001
[   52.489842][ T4620] R13: 00007f3deb5a6038 R14: 00007f3deb5a5fa0 R15: 00007ffd32915e88
[   52.489858][ T4620]  </TASK>
[   52.710551][   T29] audit: type=1400 audit(1764947444.309:1881): avc:  denied  { ioctl } for  pid=4621 comm="syz.2.383" path="socket:[8229]" dev="sockfs" ino=8229 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   52.735018][   T29] audit: type=1400 audit(1764947444.309:1882): avc:  denied  { write } for  pid=4621 comm="syz.2.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   52.811374][ T4629] smc: net device bond0 erased user defined pnetid SYZ0
[   52.861518][   T29] audit: type=1400 audit(1764947444.459:1883): avc:  denied  { create } for  pid=4633 comm="syz.0.389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   52.885411][   T29] audit: type=1400 audit(1764947444.469:1884): avc:  denied  { read } for  pid=4634 comm="syz.2.388" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   52.928397][ T4640] netlink: 'syz.1.391': attribute type 4 has an invalid length.
[   52.979156][ T4644] netlink: 36 bytes leftover after parsing attributes in process `syz.4.392'.
[   53.014137][ T4650] netlink: 'syz.0.396': attribute type 1 has an invalid length.
[   53.060713][ T4650] 8021q: adding VLAN 0 to HW filter on device bond0
[   53.125943][ T4651] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   53.140251][ T4651] EXT4-fs (loop2): 1 truncate cleaned up
[   53.145785][ T4660] bond0: (slave geneve2): making interface the new active one
[   53.147061][ T4660] bond0: (slave geneve2): Enslaving as an active interface with an up link
[   53.179431][ T4661] hsr_slave_0: left promiscuous mode
[   53.179835][ T4661] hsr_slave_1: left promiscuous mode
[   53.253418][ T4678] netlink: 'syz.4.404': attribute type 4 has an invalid length.
[   53.329698][ T4694] FAULT_INJECTION: forcing a failure.
[   53.329698][ T4694] name failslab, interval 1, probability 0, space 0, times 0
[   53.342332][ T4694] CPU: 1 UID: 0 PID: 4694 Comm: syz.0.408 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   53.342363][ T4694] Tainted: [W]=WARN
[   53.342370][ T4694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   53.342380][ T4694] Call Trace:
[   53.342386][ T4694]  <TASK>
[   53.342394][ T4694]  __dump_stack+0x1d/0x30
[   53.342492][ T4694]  dump_stack_lvl+0xe8/0x140
[   53.342515][ T4694]  dump_stack+0x15/0x1b
[   53.342531][ T4694]  should_fail_ex+0x265/0x280
[   53.342636][ T4694]  ? audit_log_d_path+0x8d/0x150
[   53.342654][ T4694]  should_failslab+0x8c/0xb0
[   53.342670][ T4694]  __kmalloc_cache_noprof+0x4c/0x4c0
[   53.342694][ T4694]  audit_log_d_path+0x8d/0x150
[   53.342721][ T4694]  audit_log_d_path_exe+0x42/0x70
[   53.342807][ T4694]  audit_log_task+0x1e9/0x250
[   53.342834][ T4694]  ? kstrtouint+0x76/0xc0
[   53.342914][ T4694]  audit_seccomp+0x61/0x100
[   53.342938][ T4694]  ? __seccomp_filter+0x832/0x1260
[   53.342962][ T4694]  __seccomp_filter+0x843/0x1260
[   53.342988][ T4694]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   53.343032][ T4694]  ? vfs_write+0x7e8/0x960
[   53.343058][ T4694]  ? __rcu_read_unlock+0x4f/0x70
[   53.343089][ T4694]  ? __fget_files+0x184/0x1c0
[   53.343111][ T4694]  __secure_computing+0x82/0x150
[   53.343137][ T4694]  syscall_trace_enter+0xcf/0x1e0
[   53.343163][ T4694]  do_syscall_64+0xb2/0x2a0
[   53.343269][ T4694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.343288][ T4694] RIP: 0033:0x7fc41aa5f749
[   53.343301][ T4694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.343316][ T4694] RSP: 002b:00007fc4194bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000067
[   53.343337][ T4694] RAX: ffffffffffffffda RBX: 00007fc41acb5fa0 RCX: 00007fc41aa5f749
[   53.343351][ T4694] RDX: 00000000000000a4 RSI: 00002000000004c0 RDI: 0000000000000002
[   53.343385][ T4694] RBP: 00007fc4194bf090 R08: 0000000000000000 R09: 0000000000000000
[   53.343398][ T4694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.343411][ T4694] R13: 00007fc41acb6038 R14: 00007fc41acb5fa0 R15: 00007ffc55659868
[   53.343503][ T4694]  </TASK>
[   53.573358][ T4690] syzkaller0: entered promiscuous mode
[   53.578944][ T4690] syzkaller0: entered allmulticast mode
[   53.637960][ T4697] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[   53.738911][ T4717] set_capacity_and_notify: 17 callbacks suppressed
[   53.738924][ T4717] loop4: detected capacity change from 0 to 128
[   53.836903][ T4724] netlink: 'syz.1.418': attribute type 4 has an invalid length.
[   53.893682][ T4729] FAULT_INJECTION: forcing a failure.
[   53.893682][ T4729] name failslab, interval 1, probability 0, space 0, times 0
[   53.906366][ T4729] CPU: 0 UID: 0 PID: 4729 Comm: syz.1.420 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   53.906460][ T4729] Tainted: [W]=WARN
[   53.906467][ T4729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   53.906480][ T4729] Call Trace:
[   53.906485][ T4729]  <TASK>
[   53.906491][ T4729]  __dump_stack+0x1d/0x30
[   53.906512][ T4729]  dump_stack_lvl+0xe8/0x140
[   53.906567][ T4729]  dump_stack+0x15/0x1b
[   53.906586][ T4729]  should_fail_ex+0x265/0x280
[   53.906614][ T4729]  should_failslab+0x8c/0xb0
[   53.906631][ T4729]  __kmalloc_cache_node_noprof+0x54/0x4c0
[   53.906754][ T4729]  ? __get_vm_area_node+0x106/0x1d0
[   53.906777][ T4729]  __get_vm_area_node+0x106/0x1d0
[   53.906797][ T4729]  __vmalloc_node_range_noprof+0x28c/0xed0
[   53.906879][ T4729]  ? xt_counters_alloc+0x40/0x50
[   53.906907][ T4729]  ? xt_check_table_hooks+0xfb/0x5f0
[   53.906930][ T4729]  ? xt_counters_alloc+0x40/0x50
[   53.906956][ T4729]  vzalloc_noprof+0x82/0xc0
[   53.907039][ T4729]  ? xt_counters_alloc+0x40/0x50
[   53.907118][ T4729]  xt_counters_alloc+0x40/0x50
[   53.907143][ T4729]  __do_replace+0x4d/0x570
[   53.907170][ T4729]  ? _copy_from_user+0x89/0xb0
[   53.907196][ T4729]  do_ipt_set_ctl+0x6ea/0x820
[   53.907264][ T4729]  ? _raw_spin_unlock_bh+0x36/0x40
[   53.907294][ T4729]  ? tcp_release_cb+0xf1/0x370
[   53.907391][ T4729]  nf_setsockopt+0x199/0x1b0
[   53.907425][ T4729]  ip_setsockopt+0x102/0x110
[   53.907445][ T4729]  tcp_setsockopt+0x98/0xb0
[   53.907510][ T4729]  sock_common_setsockopt+0x69/0x80
[   53.907553][ T4729]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   53.907636][ T4729]  __sys_setsockopt+0x184/0x200
[   53.907660][ T4729]  __x64_sys_setsockopt+0x64/0x80
[   53.907679][ T4729]  x64_sys_call+0x21d5/0x3000
[   53.907709][ T4729]  do_syscall_64+0xd8/0x2a0
[   53.907738][ T4729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.907760][ T4729] RIP: 0033:0x7f3deb34f749
[   53.907777][ T4729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.907795][ T4729] RSP: 002b:00007f3de9daf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   53.907893][ T4729] RAX: ffffffffffffffda RBX: 00007f3deb5a5fa0 RCX: 00007f3deb34f749
[   53.907904][ T4729] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005
[   53.907953][ T4729] RBP: 00007f3de9daf090 R08: 0000000000000238 R09: 0000000000000000
[   53.907966][ T4729] R10: 00002000000008c0 R11: 0000000000000246 R12: 0000000000000001
[   53.907980][ T4729] R13: 00007f3deb5a6038 R14: 00007f3deb5a5fa0 R15: 00007ffd32915e88
[   53.908001][ T4729]  </TASK>
[   53.908009][ T4729] syz.1.420: vmalloc error: size 131072, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   54.176149][ T4729] CPU: 0 UID: 0 PID: 4729 Comm: syz.1.420 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   54.176178][ T4729] Tainted: [W]=WARN
[   54.176183][ T4729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   54.176200][ T4729] Call Trace:
[   54.176207][ T4729]  <TASK>
[   54.176216][ T4729]  __dump_stack+0x1d/0x30
[   54.176303][ T4729]  dump_stack_lvl+0xe8/0x140
[   54.176324][ T4729]  dump_stack+0x15/0x1b
[   54.176410][ T4729]  warn_alloc+0x12b/0x1a0
[   54.176434][ T4729]  __vmalloc_node_range_noprof+0x2b1/0xed0
[   54.176520][ T4729]  ? xt_check_table_hooks+0xfb/0x5f0
[   54.176547][ T4729]  ? xt_counters_alloc+0x40/0x50
[   54.176639][ T4729]  vzalloc_noprof+0x82/0xc0
[   54.176660][ T4729]  ? xt_counters_alloc+0x40/0x50
[   54.176685][ T4729]  xt_counters_alloc+0x40/0x50
[   54.176748][ T4729]  __do_replace+0x4d/0x570
[   54.176778][ T4729]  ? _copy_from_user+0x89/0xb0
[   54.176804][ T4729]  do_ipt_set_ctl+0x6ea/0x820
[   54.176928][ T4729]  ? _raw_spin_unlock_bh+0x36/0x40
[   54.176964][ T4729]  ? tcp_release_cb+0xf1/0x370
[   54.176997][ T4729]  nf_setsockopt+0x199/0x1b0
[   54.177029][ T4729]  ip_setsockopt+0x102/0x110
[   54.177116][ T4729]  tcp_setsockopt+0x98/0xb0
[   54.177148][ T4729]  sock_common_setsockopt+0x69/0x80
[   54.177177][ T4729]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   54.177206][ T4729]  __sys_setsockopt+0x184/0x200
[   54.177230][ T4729]  __x64_sys_setsockopt+0x64/0x80
[   54.177309][ T4729]  x64_sys_call+0x21d5/0x3000
[   54.177335][ T4729]  do_syscall_64+0xd8/0x2a0
[   54.177430][ T4729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.177458][ T4729] RIP: 0033:0x7f3deb34f749
[   54.177474][ T4729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.177492][ T4729] RSP: 002b:00007f3de9daf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   54.177512][ T4729] RAX: ffffffffffffffda RBX: 00007f3deb5a5fa0 RCX: 00007f3deb34f749
[   54.177525][ T4729] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005
[   54.177593][ T4729] RBP: 00007f3de9daf090 R08: 0000000000000238 R09: 0000000000000000
[   54.177606][ T4729] R10: 00002000000008c0 R11: 0000000000000246 R12: 0000000000000001
[   54.177619][ T4729] R13: 00007f3deb5a6038 R14: 00007f3deb5a5fa0 R15: 00007ffd32915e88
[   54.177638][ T4729]  </TASK>
[   54.404265][ T4729] Mem-Info:
[   54.407363][ T4729] active_anon:10090 inactive_anon:4 isolated_anon:0
[   54.407363][ T4729]  active_file:8905 inactive_file:2291 isolated_file:0
[   54.407363][ T4729]  unevictable:0 dirty:332 writeback:0
[   54.407363][ T4729]  slab_reclaimable:3205 slab_unreclaimable:16842
[   54.407363][ T4729]  mapped:29440 shmem:3018 pagetables:1525
[   54.407363][ T4729]  sec_pagetables:0 bounce:0
[   54.407363][ T4729]  kernel_misc_reclaimable:0
[   54.407363][ T4729]  free:1879220 free_pcp:18537 free_cma:0
[   54.452432][ T4729] Node 0 active_anon:40360kB inactive_anon:16kB active_file:35620kB inactive_file:9164kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117760kB dirty:1328kB writeback:0kB shmem:12072kB kernel_stack:3808kB pagetables:6100kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   54.479910][ T4729] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   54.509525][ T4729] lowmem_reserve[]: 0 2880 7859 7859
[   54.514861][ T4729] Node 0 DMA32 free:2946060kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949588kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[   54.546230][ T4729] lowmem_reserve[]: 0 0 4978 4978
[   54.551415][ T4729] Node 0 Normal free:4555460kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:38736kB inactive_anon:16kB active_file:35620kB inactive_file:9164kB unevictable:0kB writepending:1328kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:72268kB local_pcp:5596kB free_cma:0kB
[   54.584402][ T4729] lowmem_reserve[]: 0 0 0 0
[   54.588952][ T4729] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   54.601702][ T4729] Node 0 DMA32: 3*4kB (M) 4*8kB (M) 4*16kB (M) 1*32kB (M) 4*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2946060kB
[   54.602041][ T4729] Node 0 Normal: 1089*4kB (UME) 599*8kB (UME) 378*16kB (UME) 260*32kB (UME) 155*64kB (UME) 137*128kB (UME) 120*256kB (UME) 104*512kB (UME) 83*1024kB (UME) 62*2048kB (UME) 1033*4096kB (UM) = 4578076kB
[   54.602210][ T4729] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   54.602226][ T4729] 11386 total pagecache pages
[   54.602234][ T4729] 4 pages in swap cache
[   54.602241][ T4729] Free swap  = 124980kB
[   54.602249][ T4729] Total swap = 124996kB
[   54.602257][ T4729] 2097051 pages RAM
[   54.602264][ T4729] 0 pages HighMem/MovableOnly
[   54.602270][ T4729] 81254 pages reserved
[   54.604445][    C1] Illegal XDP return value 16128 on prog  (id 251) dev lo, expect packet loss!
[   54.692875][ T4749] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[   54.773197][ T4747] netem: change failed
[   54.795307][ T4758] loop2: detected capacity change from 0 to 2048
[   54.820423][ T4762] loop3: detected capacity change from 0 to 1024
[   54.835005][ T4762] EXT4-fs: Ignoring removed orlov option
[   54.856001][ T4762] FAULT_INJECTION: forcing a failure.
[   54.856001][ T4762] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.869191][ T4762] CPU: 0 UID: 0 PID: 4762 Comm: syz.3.430 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   54.869217][ T4762] Tainted: [W]=WARN
[   54.869223][ T4762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   54.869314][ T4762] Call Trace:
[   54.869320][ T4762]  <TASK>
[   54.869326][ T4762]  __dump_stack+0x1d/0x30
[   54.869378][ T4762]  dump_stack_lvl+0xe8/0x140
[   54.869401][ T4762]  dump_stack+0x15/0x1b
[   54.869417][ T4762]  should_fail_ex+0x265/0x280
[   54.869446][ T4762]  should_fail+0xb/0x20
[   54.869552][ T4762]  should_fail_usercopy+0x1a/0x20
[   54.869571][ T4762]  _copy_from_user+0x1c/0xb0
[   54.869590][ T4762]  copy_from_sockptr_offset+0x66/0xa0
[   54.869649][ T4762]  do_ip6t_set_ctl+0x5d1/0x840
[   54.869685][ T4762]  ? kstrtoull+0x111/0x140
[   54.869709][ T4762]  ? __rcu_read_unlock+0x4f/0x70
[   54.869806][ T4762]  nf_setsockopt+0x199/0x1b0
[   54.869832][ T4762]  ipv6_setsockopt+0x11a/0x130
[   54.869927][ T4762]  tcp_setsockopt+0x98/0xb0
[   54.869956][ T4762]  sock_common_setsockopt+0x69/0x80
[   54.870031][ T4762]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   54.870062][ T4762]  __sys_setsockopt+0x184/0x200
[   54.870137][ T4762]  __x64_sys_setsockopt+0x64/0x80
[   54.870160][ T4762]  x64_sys_call+0x21d5/0x3000
[   54.870198][ T4762]  do_syscall_64+0xd8/0x2a0
[   54.870227][ T4762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.870250][ T4762] RIP: 0033:0x7f21a708f749
[   54.870322][ T4762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.870341][ T4762] RSP: 002b:00007f21a5af7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   54.870361][ T4762] RAX: ffffffffffffffda RBX: 00007f21a72e5fa0 RCX: 00007f21a708f749
[   54.870375][ T4762] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 000000000000000c
[   54.870389][ T4762] RBP: 00007f21a5af7090 R08: 0000000000000500 R09: 0000000000000000
[   54.870399][ T4762] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.870434][ T4762] R13: 00007f21a72e6038 R14: 00007f21a72e5fa0 R15: 00007fff727352f8
[   54.870458][ T4762]  </TASK>
[   55.081018][ T4768] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   55.095883][ T4758] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 534 with error 28
[   55.108320][ T4758] EXT4-fs (loop2): This should not happen!! Data will be lost
[   55.108320][ T4758] 
[   55.117949][ T4758] EXT4-fs (loop2): Total free blocks count 0
[   55.123921][ T4758] EXT4-fs (loop2): Free/Dirty block details
[   55.129825][ T4758] EXT4-fs (loop2): free_blocks=2415919104
[   55.135569][ T4758] EXT4-fs (loop2): dirty_blocks=544
[   55.140800][ T4758] EXT4-fs (loop2): Block reservation details
[   55.146770][ T4758] EXT4-fs (loop2): i_reserved_data_blocks=34
[   55.156992][ T4769] loop4: detected capacity change from 0 to 512
[   55.173873][ T4777] loop1: detected capacity change from 0 to 512
[   55.186416][ T4771] loop0: detected capacity change from 0 to 512
[   55.194264][ T4777] EXT4-fs: Ignoring removed orlov option
[   55.205030][ T4771] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #18: comm syz.0.431: iget: bad extra_isize 90 (inode size 256)
[   55.206838][ T4758] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #12: comm syz.2.428: corrupted in-inode xattr: e_value size too large
[   55.224358][ T4777] EXT4-fs error (device loop1): ext4_iget_extra_inode:5073: inode #15: comm syz.1.434: corrupted in-inode xattr: bad e_name length
[   55.252297][ T4777] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.434: couldn't read orphan inode 15 (err -117)
[   55.255914][ T4771] EXT4-fs (loop0): Remounting filesystem read-only
[   55.270070][ T4777] EXT4-fs (loop1): shut down requested (1)
[   55.276714][ T4758] sd 0:0:1:0: device reset
[   55.277364][ T4771] EXT4-fs warning (device loop0): ext4_evict_inode:273: xattr delete (err -30)
[   55.281698][ T4769] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #18: comm syz.4.432: iget: bad extra_isize 90 (inode size 256)
[   55.290114][ T4771] EXT4-fs (loop0): 1 orphan inode deleted
[   55.332036][ T2432] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[   55.341382][ T4769] EXT4-fs (loop4): Remounting filesystem read-only
[   55.344331][ T2432] EXT4-fs (loop2): This should not happen!! Data will be lost
[   55.344331][ T2432] 
[   55.350985][ T4769] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -30)
[   55.369666][ T4769] EXT4-fs (loop4): 1 orphan inode deleted
[   55.375518][ T4777] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[   55.453001][ T4777] __nla_validate_parse: 3 callbacks suppressed
[   55.453016][ T4777] netlink: 4 bytes leftover after parsing attributes in process `syz.1.434'.
[   55.471682][ T4796] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   55.502250][ T4777] netlink: 12 bytes leftover after parsing attributes in process `syz.1.434'.
[   55.578365][ T4806] FAULT_INJECTION: forcing a failure.
[   55.578365][ T4806] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.591488][ T4806] CPU: 0 UID: 0 PID: 4806 Comm: syz.4.440 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   55.591538][ T4806] Tainted: [W]=WARN
[   55.591542][ T4806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   55.591549][ T4806] Call Trace:
[   55.591614][ T4806]  <TASK>
[   55.591618][ T4806]  __dump_stack+0x1d/0x30
[   55.591633][ T4806]  dump_stack_lvl+0xe8/0x140
[   55.591645][ T4806]  dump_stack+0x15/0x1b
[   55.591708][ T4806]  should_fail_ex+0x265/0x280
[   55.591727][ T4806]  should_fail+0xb/0x20
[   55.591752][ T4806]  should_fail_usercopy+0x1a/0x20
[   55.591764][ T4806]  _copy_from_user+0x1c/0xb0
[   55.591800][ T4806]  memdup_user+0x5e/0xd0
[   55.591824][ T4806]  io_parse_restrictions+0x56/0x210
[   55.591910][ T4806]  io_register_restrictions+0x81/0xc0
[   55.591927][ T4806]  __se_sys_io_uring_register+0xde6/0xf20
[   55.591989][ T4806]  ? fput+0x8f/0xc0
[   55.592004][ T4806]  ? ksys_write+0x192/0x1a0
[   55.592021][ T4806]  __x64_sys_io_uring_register+0x55/0x70
[   55.592143][ T4806]  x64_sys_call+0x27ad/0x3000
[   55.592156][ T4806]  do_syscall_64+0xd8/0x2a0
[   55.592175][ T4806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.592197][ T4806] RIP: 0033:0x7f83c303f749
[   55.592255][ T4806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.592265][ T4806] RSP: 002b:00007f83c1aa7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[   55.592277][ T4806] RAX: ffffffffffffffda RBX: 00007f83c3295fa0 RCX: 00007f83c303f749
[   55.592296][ T4806] RDX: 0000200000000480 RSI: 000000000000000b RDI: 0000000000000006
[   55.592309][ T4806] RBP: 00007f83c1aa7090 R08: 0000000000000000 R09: 0000000000000000
[   55.592319][ T4806] R10: 0000000000000066 R11: 0000000000000246 R12: 0000000000000001
[   55.592330][ T4806] R13: 00007f83c3296038 R14: 00007f83c3295fa0 R15: 00007fff57a2f3b8
[   55.592346][ T4806]  </TASK>
[   55.793690][ T4790] FAULT_INJECTION: forcing a failure.
[   55.793690][ T4790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.806825][ T4790] CPU: 0 UID: 0 PID: 4790 Comm: syz.2.436 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   55.806857][ T4790] Tainted: [W]=WARN
[   55.806862][ T4790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   55.806873][ T4790] Call Trace:
[   55.806940][ T4790]  <TASK>
[   55.806947][ T4790]  __dump_stack+0x1d/0x30
[   55.806974][ T4790]  dump_stack_lvl+0xe8/0x140
[   55.807037][ T4790]  dump_stack+0x15/0x1b
[   55.807053][ T4790]  should_fail_ex+0x265/0x280
[   55.807141][ T4790]  should_fail+0xb/0x20
[   55.807167][ T4790]  should_fail_usercopy+0x1a/0x20
[   55.807184][ T4790]  _copy_from_iter+0xcf/0xe70
[   55.807260][ T4790]  ? __pfx_woken_wake_function+0x10/0x10
[   55.807294][ T4790]  file_tty_write+0x322/0x690
[   55.807336][ T4790]  ? __pfx_tty_write+0x10/0x10
[   55.807357][ T4790]  tty_write+0x25/0x30
[   55.807374][ T4790]  vfs_write+0x52a/0x960
[   55.807440][ T4790]  ksys_write+0xda/0x1a0
[   55.807548][ T4790]  __x64_sys_write+0x40/0x50
[   55.807573][ T4790]  x64_sys_call+0x2847/0x3000
[   55.807595][ T4790]  do_syscall_64+0xd8/0x2a0
[   55.807624][ T4790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.807662][ T4790] RIP: 0033:0x7f7beee1f749
[   55.807676][ T4790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.807690][ T4790] RSP: 002b:00007f7bed887038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   55.807771][ T4790] RAX: ffffffffffffffda RBX: 00007f7bef075fa0 RCX: 00007f7beee1f749
[   55.807782][ T4790] RDX: 00000000fffffecc RSI: 0000200000000240 RDI: 000000000000000a
[   55.807793][ T4790] RBP: 00007f7bed887090 R08: 0000000000000000 R09: 0000000000000000
[   55.807804][ T4790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.807815][ T4790] R13: 00007f7bef076038 R14: 00007f7bef075fa0 R15: 00007ffd6a6dbba8
[   55.807831][ T4790]  </TASK>
[   56.002178][ T4811] loop4: detected capacity change from 0 to 128
[   56.052376][ T4809] loop2: detected capacity change from 0 to 164
[   56.160938][ T4817] netlink: 28 bytes leftover after parsing attributes in process `syz.4.443'.
[   56.163510][ T4815] loop1: detected capacity change from 0 to 164
[   56.216035][ T4821] smc: net device bond0 applied user defined pnetid SYZ0
[   56.223721][ T4821] smc: net device bond0 erased user defined pnetid SYZ0
[   56.512638][ T4836] loop4: detected capacity change from 0 to 164
[   56.520125][ T4836] iso9660: Unknown parameter 'ioch_rset'
[   56.566326][ T4841] netlink: 'syz.3.452': attribute type 21 has an invalid length.
[   56.566342][ T4841] netlink: 128 bytes leftover after parsing attributes in process `syz.3.452'.
[   56.566420][ T4841] netlink: 'syz.3.452': attribute type 4 has an invalid length.
[   56.566430][ T4841] netlink: 'syz.3.452': attribute type 5 has an invalid length.
[   56.566441][ T4841] netlink: 3 bytes leftover after parsing attributes in process `syz.3.452'.
[   56.613261][ T4842] SELinux:  Context system_u:object_r:modules_dep_t:s0 is not valid (left unmapped).
[   57.117961][ T4852] EXT4-fs: Ignoring removed i_version option
[   57.129053][ T4852] ext4 filesystem being mounted at /86/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   57.350433][ T4858] EXT4-fs: Ignoring removed oldalloc option
[   57.356514][ T4858] EXT4-fs: Ignoring removed bh option
[   57.431643][ T4866] EXT4-fs: Ignoring removed orlov option
[   57.495164][ T4866] team0 (unregistering): Port device team_slave_0 removed
[   57.511176][ T4866] team0 (unregistering): Port device team_slave_1 removed
[   57.625445][   T29] kauditd_printk_skb: 240 callbacks suppressed
[   57.625459][   T29] audit: type=1326 audit(1764947448.922:2125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3deb34f749 code=0x7ffc0000
[   57.668408][  T813] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   57.669304][   T29] audit: type=1326 audit(1764947448.950:2126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   57.706543][   T29] audit: type=1326 audit(1764947448.950:2127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   57.730025][   T29] audit: type=1326 audit(1764947448.950:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beee1f749 code=0x7ffc0000
[   57.730059][  T813] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1634 with error 28
[   57.753396][   T29] audit: type=1326 audit(1764947448.950:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3deb34f749 code=0x7ffc0000
[   57.753421][   T29] audit: type=1326 audit(1764947448.950:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3deb34f749 code=0x7ffc0000
[   57.765881][  T813] EXT4-fs (loop3): This should not happen!! Data will be lost
[   57.765881][  T813] 
[   57.789204][   T29] audit: type=1326 audit(1764947448.950:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3deb34f749 code=0x7ffc0000
[   57.812452][  T813] EXT4-fs (loop3): Total free blocks count 0
[   57.822072][   T29] audit: type=1326 audit(1764947448.950:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3deb34f749 code=0x7ffc0000
[   57.822109][   T29] audit: type=1326 audit(1764947448.950:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3deb34f749 code=0x7ffc0000
[   57.845374][  T813] EXT4-fs (loop3): Free/Dirty block details
[   57.851310][   T29] audit: type=1326 audit(1764947448.950:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3deb34f749 code=0x7ffc0000
[   57.874575][  T813] EXT4-fs (loop3): free_blocks=2415919104
[   57.932785][  T813] EXT4-fs (loop3): dirty_blocks=1648
[   57.938060][  T813] EXT4-fs (loop3): Block reservation details
[   57.944088][  T813] EXT4-fs (loop3): i_reserved_data_blocks=103
[   57.956930][ T4889] netlink: 'syz.0.468': attribute type 39 has an invalid length.
[   58.090860][ T4899] EXT4-fs: Ignoring removed oldalloc option
[   58.096814][ T4899] EXT4-fs: Ignoring removed bh option
[   58.102674][ T1685] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   58.114861][ T1685] EXT4-fs (loop3): This should not happen!! Data will be lost
[   58.114861][ T1685] 
[   58.134138][ T4901] netlink: 'syz.2.473': attribute type 21 has an invalid length.
[   58.141875][ T4901] netlink: 128 bytes leftover after parsing attributes in process `syz.2.473'.
[   58.161676][ T4901] netlink: 'syz.2.473': attribute type 4 has an invalid length.
[   58.169373][ T4901] netlink: 'syz.2.473': attribute type 5 has an invalid length.
[   58.177085][ T4901] netlink: 3 bytes leftover after parsing attributes in process `syz.2.473'.
[   58.226683][ T4908] FAULT_INJECTION: forcing a failure.
[   58.226683][ T4908] name failslab, interval 1, probability 0, space 0, times 0
[   58.239348][ T4908] CPU: 0 UID: 0 PID: 4908 Comm: syz.1.475 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   58.239410][ T4908] Tainted: [W]=WARN
[   58.239414][ T4908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   58.239477][ T4908] Call Trace:
[   58.239481][ T4908]  <TASK>
[   58.239485][ T4908]  __dump_stack+0x1d/0x30
[   58.239499][ T4908]  dump_stack_lvl+0xe8/0x140
[   58.239512][ T4908]  dump_stack+0x15/0x1b
[   58.239522][ T4908]  should_fail_ex+0x265/0x280
[   58.239583][ T4908]  ? audit_log_d_path+0x8d/0x150
[   58.239613][ T4908]  should_failslab+0x8c/0xb0
[   58.239624][ T4908]  __kmalloc_cache_noprof+0x4c/0x4c0
[   58.239637][ T4908]  audit_log_d_path+0x8d/0x150
[   58.239720][ T4908]  audit_log_d_path_exe+0x42/0x70
[   58.239732][ T4908]  audit_log_task+0x1e9/0x250
[   58.239749][ T4908]  ? kstrtouint+0x76/0xc0
[   58.239812][ T4908]  audit_seccomp+0x61/0x100
[   58.239856][ T4908]  ? __seccomp_filter+0x832/0x1260
[   58.239871][ T4908]  __seccomp_filter+0x843/0x1260
[   58.239885][ T4908]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   58.239900][ T4908]  ? vfs_write+0x7e8/0x960
[   58.239989][ T4908]  ? __rcu_read_unlock+0x4f/0x70
[   58.240001][ T4908]  ? __fget_files+0x184/0x1c0
[   58.240039][ T4908]  __secure_computing+0x82/0x150
[   58.240123][ T4908]  syscall_trace_enter+0xcf/0x1e0
[   58.240137][ T4908]  do_syscall_64+0xb2/0x2a0
[   58.240152][ T4908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.240237][ T4908] RIP: 0033:0x7f3deb34f749
[   58.240252][ T4908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.240329][ T4908] RSP: 002b:00007f3de9daf038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f
[   58.240341][ T4908] RAX: ffffffffffffffda RBX: 00007f3deb5a5fa0 RCX: 00007f3deb34f749
[   58.240348][ T4908] RDX: 0000000000000000 RSI: 00000000fffffee1 RDI: 0000200000000140
[   58.240355][ T4908] RBP: 00007f3de9daf090 R08: 0000000000000000 R09: 0000000000000000
[   58.240362][ T4908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.240385][ T4908] R13: 00007f3deb5a6038 R14: 00007f3deb5a5fa0 R15: 00007ffd32915e88
[   58.240403][ T4908]  </TASK>
[   58.465505][ T4910] sctp: [Deprecated]: syz.4.474 (pid 4910) Use of struct sctp_assoc_value in delayed_ack socket option.
[   58.465505][ T4910] Use struct sctp_sack_info instead
[   58.636777][ T4918] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   58.651889][ T4918] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 912 with error 28
[   58.664628][ T4918] EXT4-fs (loop1): This should not happen!! Data will be lost
[   58.664628][ T4918] 
[   58.674487][ T4918] EXT4-fs (loop1): Total free blocks count 0
[   58.680521][ T4918] EXT4-fs (loop1): Free/Dirty block details
[   58.686406][ T4918] EXT4-fs (loop1): free_blocks=2415919104
[   58.692147][ T4918] EXT4-fs (loop1): dirty_blocks=912
[   58.697338][ T4918] EXT4-fs (loop1): Block reservation details
[   58.703362][ T4918] EXT4-fs (loop1): i_reserved_data_blocks=57
[   58.718786][ T4929] EXT4-fs error (device loop1): ext4_iget_extra_inode:5073: inode #12: comm syz.1.478: corrupted in-inode xattr: e_value size too large
[   58.768348][ T4918] sd 0:0:1:0: device reset
[   58.810724][   T31] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[   58.823024][   T31] EXT4-fs (loop1): This should not happen!! Data will be lost
[   58.823024][   T31] 
[   58.877168][ T4936] netlink: 24 bytes leftover after parsing attributes in process `syz.3.476'.
[   58.928318][ T4938] EXT4-fs: Ignoring removed oldalloc option
[   58.934534][ T4938] EXT4-fs: Ignoring removed bh option
[   59.032135][ T4947] ext4: Unknown parameter 'nouser_xattr'
[   59.045756][ T4947] tap0: tun_chr_ioctl cmd 1074025675
[   59.051184][ T4947] tap0: persist disabled
[   59.074553][ T4947] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   59.098755][ T4947] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.123730][ T4960] netlink: 'syz.0.490': attribute type 3 has an invalid length.
[   59.131442][ T4960] netlink: 'syz.0.490': attribute type 2 has an invalid length.
[   59.139101][ T4960] netlink: 'syz.0.490': attribute type 2 has an invalid length.
[   59.250482][ T4971] set_capacity_and_notify: 10 callbacks suppressed
[   59.250545][ T4971] loop1: detected capacity change from 0 to 2048
[   59.353953][ T4984] netlink: 'syz.0.499': attribute type 21 has an invalid length.
[   59.361802][ T4984] netlink: 128 bytes leftover after parsing attributes in process `syz.0.499'.
[   59.379540][ T4984] netlink: 'syz.0.499': attribute type 4 has an invalid length.
[   59.387228][ T4984] netlink: 'syz.0.499': attribute type 5 has an invalid length.
[   59.394911][ T4984] netlink: 3 bytes leftover after parsing attributes in process `syz.0.499'.
[   59.407170][ T4971] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   59.416650][ T4988] loop4: detected capacity change from 0 to 512
[   59.424306][ T4971] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   59.440653][ T4971] EXT4-fs (loop1): This should not happen!! Data will be lost
[   59.440653][ T4971] 
[   59.450379][ T4971] EXT4-fs (loop1): Total free blocks count 0
[   59.456355][ T4971] EXT4-fs (loop1): Free/Dirty block details
[   59.462263][ T4971] EXT4-fs (loop1): free_blocks=2415919104
[   59.462985][ T4988] EXT4-fs: Ignoring removed orlov option
[   59.468070][ T4971] EXT4-fs (loop1): dirty_blocks=2080
[   59.468085][ T4971] EXT4-fs (loop1): Block reservation details
[   59.485000][ T4971] EXT4-fs (loop1): i_reserved_data_blocks=130
[   59.504776][ T4990] EXT4-fs error (device loop1): ext4_iget_extra_inode:5073: inode #12: comm syz.1.495: corrupted in-inode xattr: e_value size too large
[   59.532607][ T4988] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #15: comm syz.4.500: corrupted in-inode xattr: bad e_name length
[   59.560439][ T4988] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.500: couldn't read orphan inode 15 (err -117)
[   59.618488][ T4988] EXT4-fs (loop4): shut down requested (1)
[   59.619679][ T4999] loop3: detected capacity change from 0 to 512
[   59.630953][ T4988] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   59.645911][ T4999] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.504: iget: bad extra_isize 90 (inode size 256)
[   59.660272][ T4999] EXT4-fs (loop3): Remounting filesystem read-only
[   59.660779][  T813] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[   59.666863][ T4999] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30)
[   59.678946][  T813] EXT4-fs (loop1): This should not happen!! Data will be lost
[   59.678946][  T813] 
[   59.698048][ T4999] EXT4-fs (loop3): 1 orphan inode deleted
[   59.730245][ T5003] --map-set only usable from mangle table
[   59.742807][ T5005] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.781177][ T5005] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.793135][ T5009] loop1: detected capacity change from 0 to 512
[   59.801156][ T3010] ==================================================================
[   59.809237][ T3010] BUG: KCSAN: data-race in __filemap_add_folio / filemap_write_and_wait_range
[   59.818100][ T3010] 
[   59.818913][ T5009] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.508: inode has both inline data and extents flags
[   59.820409][ T3010] read-write to 0xffff8881004811f8 of 8 bytes by task 5009 on cpu 1:
[   59.820427][ T3010]  __filemap_add_folio+0x5b9/0x7d0
[   59.833651][ T5009] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.508: couldn't read orphan inode 15 (err -117)
[   59.841452][ T3010]  filemap_add_folio+0x1d9/0x360
[   59.841472][ T3010]  __filemap_get_folio+0x31e/0x650
[   59.841491][ T3010]  bdev_getblk+0x14d/0x3b0
[   59.841508][ T3010]  __ext4_sb_bread_gfp+0x44/0x170
[   59.841534][ T3010]  ext4_fill_super+0x496/0x37a0
[   59.882500][ T3010]  get_tree_bdev_flags+0x291/0x300
[   59.887604][ T3010]  get_tree_bdev+0x1f/0x30
[   59.892017][ T3010]  ext4_get_tree+0x1c/0x30
[   59.896422][ T3010]  vfs_get_tree+0x57/0x1d0
[   59.900827][ T3010]  do_new_mount+0x24d/0x6a0
[   59.905326][ T3010]  path_mount+0x4ab/0xb80
[   59.909646][ T3010]  __se_sys_mount+0x28c/0x2e0
[   59.914315][ T3010]  __x64_sys_mount+0x67/0x80
[   59.918895][ T3010]  x64_sys_call+0x2cca/0x3000
[   59.923562][ T3010]  do_syscall_64+0xd8/0x2a0
[   59.928054][ T3010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.933932][ T3010] 
[   59.936237][ T3010] read to 0xffff8881004811f8 of 8 bytes by task 3010 on cpu 0:
[   59.943759][ T3010]  filemap_write_and_wait_range+0x59/0x340
[   59.949559][ T3010]  bdev_release+0xeb/0x3d0
[   59.953957][ T3010]  blkdev_release+0x15/0x20
[   59.958442][ T3010]  __fput+0x29b/0x650
[   59.962409][ T3010]  fput_close_sync+0xad/0x190
[   59.967072][ T3010]  __x64_sys_close+0x56/0xf0
[   59.971650][ T3010]  x64_sys_call+0x2c25/0x3000
[   59.976313][ T3010]  do_syscall_64+0xd8/0x2a0
[   59.980804][ T3010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.986691][ T3010] 
[   59.988996][ T3010] value changed: 0x0000000000000000 -> 0x0000000000000001
[   59.996077][ T3010] 
[   59.998379][ T3010] Reported by Kernel Concurrency Sanitizer on:
[   60.004510][ T3010] CPU: 0 UID: 0 PID: 3010 Comm: udevd Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   60.015342][ T3010] Tainted: [W]=WARN
[   60.019127][ T3010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   60.029166][ T3010] ==================================================================
[   60.081366][ T5005] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.122476][ T5005] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.181522][   T31] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   60.192958][   T31] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   60.204319][   T31] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   60.216081][   T31] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   60.678429][ T5013] loop4: detected capacity change from 0 to 512
[   60.686639][ T5013] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   60.698791][ T5013] ext4 filesystem being mounted at /89/bus supports timestamps until 2038-01-19 (0x7fffffff)