last executing test programs:

1m30.386443537s ago: executing program 2 (id=783):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="a271", 0x2}], 0x1, 0x5412, 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
renameat2(r1, &(0x7f0000000140)='./file1\x00', r1, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

1m30.315874482s ago: executing program 2 (id=784):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x600, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

1m30.315450632s ago: executing program 2 (id=788):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x759, &(0x7f0000000780)={[{@noload}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}, 0x0}, {@data_journal}, {@journal_dev={'journal_dev', 0x3d, 0xf}}, {@i_version}, {@nobarrier}, {@debug}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xb6a}}, {@data_err_ignore}], [], 0x2c}, 0x2, 0x4f9, &(0x7f0000000200)="$eJzs3ElvHFUeAPB/te04zjL2ZNYsM+mZzAgLRBw764FDgkDKBQkJhMLR2E4U4iQoNlISWcRBKEgcQPkELDckPgEnuCBAHEBcibgipAj5ksABFarqatN2ub2l7cbx7yd151XVq37v31Uv/ZZuB7BpVbOnJGJHRHwXEb21zbkZqrV/7s9Mjfw8MzWSRJo+91OS57s3MzVSz1o/b3ux0V+JqLyRxN5ysd0T165fGB4fH7tS7BiYrBSpi8Pnxs6NXRo6ceLI4Z7jx4aOtiTOrE739rx2ed/u0y/efmbkzO2Xvvgoq29aHG+Mo6Yvf96y7BI6SnuqUZ37Xjb4//KrviHsbEgnndlzpX2VYdmyuza7XF15+++Njnyrpjeefr2tlQPWVJqmaXdp7+xn2XTaKElqJ6TpzRR4CCTR7hoA7VH/oL83k41Up0bK4+CH291TkY+AsrjvF4/akc58BFvtq42Nutao/L9GxJnpX97NHrHgPAQAQGt9cipiW9HvqD9qRyrx94Z8fyrWhvoi4s8RsSsi/lL0X/4Wkef9R0T8s+GcHctYBajO2y73f77pKRKN3dWWyfp/TxRrW3P7f7M17+sotnbm8XclZ8+Pjx0q3pP+6OrOtgfLLz07rfbpU9++06z8akP/L3tk5df7gkU9fuycN0E3Ojw5/KBx1929mb+xN8rxJ9GZ1FMRuyNizypeP3vPzj/64b5mx+fEn8VZiv/t5i/euYoKzZO+H/FI7fpPx7z4o1j/S/L1yYuvDExcu/74+cb1ycHjx4aODmyN8bFDA/W7ouzLr289WyRLw4hFrn+9aazpQlp2/bcteP/Prlz2ZanZ9dqJlZdx686bTcc0q73/tyTP5+n6+uzV4cnJK4MRW5Lp8v6h38+9OtwzJ38Wf/+Bhdv/rohf3yvO2xsR2U38r4j4d0TsL+r+n4j4b0QcWCT+z5/838vNhpBLx7+2svhHV3T9myVOfhWx8KGOC599XCr4rWop/q5odv2P5Kn+Ys/o8OTWpeJarKaNiQd+AwEAAGAD2J/P0yaVg8VE046oVA4ejNg+O4MyMfnY2cuvXhqtzef2RVelPtPV2zAfOljMDWfb2VlDDdvZ8cP5vHGapmlPtp2N38d3tjd02PS2N2n/mR/KP2kBHjYrWkdr9os2YEOa3/7vLPvM1n8hA1hfLfgeDbBBaf+weS27/a/Vr+CAtlmo/d+IuN+GqgDrbKH2/0Jpz8l1qQuwvoz/YfNaffv3ZQDY6Hz+w6a0rB/JryKx6/QieZLOtSm0eaISi/8VgL6I+p56n2bxF/y+EtGaGna0NNKeOde0smCerdGKsqKyZJ7OFfwhhvVNVP4Y1agluiNiibt39ma7UU9cX+uK5Y3gg/b+7wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDgfgsAAP//RUTTKw==")
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)

1m30.169468324s ago: executing program 2 (id=796):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_io_uring_setup(0x5472, 0x0, 0x0, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, &(0x7f0000000040)=0x13e)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2200454, &(0x7f0000000000), 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
writev(0xffffffffffffffff, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x803, 0x2000404)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x3, 0x0, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007c3000/0x1000)=nil, 0x1000)

1m29.950419542s ago: executing program 2 (id=810):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1000)

1m29.628837318s ago: executing program 2 (id=835):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e21, @local}, @in={0x2, 0x4e21, @remote}], 0x20)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0)

1m29.628667858s ago: executing program 32 (id=835):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e21, @local}, @in={0x2, 0x4e21, @remote}], 0x20)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0)

3.443276453s ago: executing program 3 (id=2502):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7f, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r3}, 0x18)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsmount(r4, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
memfd_secret(0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5d371c61f550e9d86aabda45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0db2b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec08647566b1bdd75d6a9a1e600aaf0f42ce94b4725d4c2da80150dc34e5975d6904f061ed9a7608959f2d24ee6ec4f2395d16e02f53c746f74b12013f738d76456c3407188eff97f31ca36e5d79e1f1c7c3b688ee21d37ba5ebf4afc2a61f16"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f089061bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)

2.892450418s ago: executing program 1 (id=2511):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
ptrace$ARCH_GET_CPUID(0x1e, 0x0, 0x0, 0x1011)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
rt_tgsigqueueinfo(0x0, 0x0, 0x30, &(0x7f0000000300)={0x3, 0x4, 0xe})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x44, r4, 0x1, 0x170bd2c, 0x8000, {0x34}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x73}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0xfffffffc}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}}, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000de00"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r8, 0x8, &(0x7f0000000040)={0x0, 0x1}, 0x1, 0x10, 0x0, 0x62, 0x0, 0x0, 0xfffffffffffffdc3}, 0x77)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.530112617s ago: executing program 0 (id=2521):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff)
r3 = socket$l2tp(0x2, 0x2, 0x73)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="230900000000000000000100000005000700000000000800090000000000060002000100000008000a000000000008001700", @ANYRES32=r3], 0x3c}}, 0x0)
close(r3)
socket$inet(0x2, 0x4, 0x9)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r6, 0x0, 0x8000f28, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000002, 0x11, r6, 0x70e78000)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000640)={r6, 0x20, &(0x7f0000000280)={&(0x7f0000000400)=""/179, 0xb3, 0x0, &(0x7f0000000580)=""/150, 0x96}}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="dfbf00000000000000006700000008000300", @ANYRES32=r4, @ANYBLOB="0800c300741300000800c4"], 0x30}, 0x1, 0x0, 0x0, 0x240408c3}, 0x0)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10)
sendmmsg$inet(r8, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10, 0x0}}], 0x1, 0x44000840)
r9 = socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'xfrm0\x00', <r11=>0x0})
sendto$packet(r9, &(0x7f0000000080)="33031600d1fd", 0x6, 0x40008c1, &(0x7f00000000c0)={0x11, 0x86dd, r11, 0x1, 0x62}, 0x14)

1.516423028s ago: executing program 5 (id=2522):
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)
pwrite64(r2, 0x0, 0x0, 0xfecc)
write$binfmt_script(r2, &(0x7f0000000200)={'#! ', './file0', [{0x20, ')('}, {}, {0x20, '\\(\xf1^)@'}, {}, {0x20, '\x0e;\xd43\x8c\x8f\x7f\xcan\xb0\xdbJ\x02\x94\x9d\xf4Q\xd6\xae\xd9\xd9\xe1e\x95\xe3r.\xd1uq\xac\xebN\xb2?`\x89\x887\x053K\xc3W_\xeb\x96\x16Y\xd3q\xc98\xe7*v\xc4\x8f\xde\v\xd47\xa9\xcd\xbd\x83]<\x12\x1f\xa7\xa2\x97+\xe6!\xec\x91A\xef\xc6\xf9\x1a\x1a\x96w?\xbeC\xa2`\xa8\xee\xd7\x1e\xf6\xa1\x83M\x11^\x8a^\x03\xc6\\Rd\xfb\xaap\xde\xc6\xb9S\xa7O\xa0\n\xae\x94(s\x8e?\x95\x06T\xb7\xf9\an\x85\x89\xa9\xc4\xca\x16\x13\xbd\xcc\x12\x83\x0f\xeb\x1fb\xe6\xebI\x87\xa4Ar\xaa\b\x94\x9ej\xf8o`\x01Dj\xe0DH9\x12a\xe5\x9f\xe5@K;\xf5It$\xd5\xdc\x7f\xb09\xfd\xee\n\xdd\x1c\xa5(\xba\xee\x06\xacf\r\x87\xf6\xd2\xec#\f\x05\xa3\xf9\x14\xa4\xec\'\x03\xf4\xae\xa4\xeeF{w\xee/2\xa3\xea\xeb\xda\xe1\x04\xc0\xe3\x9ef\xd6\t\xab'}, {0x20, '+{-,-'}, {0x20, '#! '}, {0x20, '\xdd$^%\xe4{'}, {0x20, '#! '}]}, 0x119)
fallocate(r1, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000040)={0xc, r1, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

1.418985216s ago: executing program 0 (id=2523):
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000680)=ANY=[@ANYBLOB="0200000002000000000000000400060000000000100001000000000020"], 0x24, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca0200000000000000adcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d070490893616810a121ff4feedd1d176b313b9fc7bf31ddff431a4a50760ce18a76c4b7aa73cec3eec984c76d16f798c436410f3f4a41715e736a132c3cb9421be0b3c2bd40b75896c007fa2d47e3d8392d905d582b8eff689b0f493770c91e8c2e8bd0b08ffa4fd0289b04b0ea024768d196ef721314d68d29988b01871c6ea39f95a0b77744caadd24867acab274e8e4bf3fb44df31e15ffdce52f9f60ffe"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000140)={@cgroup=r0, r1, 0x2f, 0x18, 0x4}, 0x20)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0x9, &(0x7f0000000d80)={0x3, 0x1c88000000}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3, 0x0, 0x3}, 0x18)
io_setup(0xffff, &(0x7f0000001080))
r4 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_RESETEP(r4, 0x80045503, &(0x7f0000000040)={0x1, 0x1})
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x8010, r4, 0x9a6af000)
r5 = gettid()
syz_open_procfs(r5, &(0x7f0000000240)='net/ptype\x00')
ioctl$KDGKBSENT(r2, 0x5602, &(0x7f0000000000)={0x0, "96d3e9659db3f50cb3c4e683f4fae026a3b284dd56630882be4bc0f34042227a71f06b95d73e34c8ecf3325e43f75f16f13d8905d3bdce627dc6ae0b14840f4c8bebc40872293c61ddd293631a22c6d5c8c9b16b987f4326874ddc5e2610c5505cea115e51bf6feb3e93cf89b8f44394fa2ac7f6cf757a9416c7545c5e5caa34450f0397d179f2225b57f644ce8ad31b15547b9364daef8e784f2036a75c3c5cfd124cdd424a558ea90d054d36c0d1d0db92e5e7f668dadcbfaed92c7cf3204be0c4904d308feba3447d7f41a58bc2fd4682e306a592696e4de9427d87c008d3e172cf162cc35f00915fe9fc9ea84e28838940e4bb2fda4c55a34abdf6db63d547c91a17211a1ce43a2933f8227e8b6767ab70bc9223e62a2d3ad9b13f74e2000961e62eaea005088d6d74a19eb0c56ce314323143fcfe27e410e10bd21a2140783385bdb1a7d33038427e336829ccfb63c04e537ca51ddae5fdf29505fca04fc4b2a13d6dad7db2eace60e9589712719a49a2d2d44587465037851b1fe93a0ed46822294671098fd53e79fe428bf6ae3846299ab1d238ad07be6cc01b5fcaacfce829c209e67d5548a38b637f3b44905b8be24dfba30e1b6d074b43e53fcded14a4190a585949baa43fef6c70ce7b1612299d734c07feed23252886a1317358cf5ecaf0186d2dbdb3eab8a9c3c21d4828ef8a9dd89207f2884a57679fcd495a"})

1.327280063s ago: executing program 5 (id=2525):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757811"], 0x65)

1.324771563s ago: executing program 1 (id=2526):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003500)=[{{&(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000008c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x41}, @loopback}}}], 0x20}}, {{&(0x7f00000000c0)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f0000002d00)=[@ip_retopts={{0x10}}], 0x10}}], 0x2, 0x44004)

1.228415161s ago: executing program 0 (id=2527):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x7fffffff, 0x43, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x4001, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='devpts\x00', 0x1010401, 0x0)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
write$binfmt_aout(r5, &(0x7f0000000100)=ANY=[], 0xff2e)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x6100, 0x4, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r6 = syz_open_pts(r5, 0x8182)
r7 = dup3(r6, r5, 0x0)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000000)=0x17)
write$RDMA_USER_CM_CMD_NOTIFY(r7, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYRES8=r0, @ANYBLOB="51977dc2970711b94d209279ad2d97e662e680cc65254b2f5c25ef630e891a52c1a365c0952ea101a95efefd8377f2ed1c5a5dc3e6893fb6670c0e19512ffec8b5debdb467f48a5488aa6d4c429ae228752ae5c560c5150c8b27e3e1be4a13afd719d1d1ef664229c545e872b098c0b7b2459e0a980073a55b346c84da1e129a4a13e99813f4a2509b58a848210a1081caae95b4d124cca73c8bee6c51393cc9d71367e79f7d865f1325c8877ab23b001279c3386878836ab7a1acd876a8fce9f0b811974f0f1f02e7"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x1b, 0x2000000000000125, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000001b0018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x4, 0xc, &(0x7f0000001040)=ANY=[], &(0x7f0000001000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
unshare(0x40020000)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'lo\x00'})
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001040)=ANY=[@ANYBLOB="3400000014000b034753f4004f8a8d770a281000", @ANYRES8=r8, @ANYRESHEX=r9], 0x34}}, 0x4011)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100)={0x3ff8, 0x0, 0x0, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)

1.228096001s ago: executing program 1 (id=2528):
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, 0x0, &(0x7f0000000200))
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newqdisc={0x50, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x20, 0x2, {{0x1ff, 0x4, 0x0, 0x0, 0xfffffffd, 0x8}, [@TCA_NETEM_LOSS={0x4}]}}}]}, 0x50}}, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf250301f2", @ANYRES32=r2, @ANYRES32, @ANYRES16=r3, @ANYRESOCT], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1.12653346s ago: executing program 1 (id=2530):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdc00, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x4, 0xa}, {0x0, 0xfff1}, {0xfff2, 0xc}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}, @TCA_FLOWER_KEY_ENC_UDP_DST_PORT_MASK={0x6}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r6=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000010010000000ffdbdf2500000000", @ANYRES32=r6, @ANYBLOB="20000000280e0400280012800b0001006d61637365630000180002800500030008"], 0x48}, 0x1, 0x0, 0x0, 0x24008001}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200010, &(0x7f0000000240)={[{@resgid}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@discard}, {@noauto_da_alloc}, {@i_version}]}, 0x3, 0x582, &(0x7f0000000c40)="$eJzs3V9rW+UfAPDvSdP9//3awRjqhRR24WQuXVv/TBA2L0WHA72foc3KaLqMJh1rHWy7cCDeyBBEHIgvwHsvhy9AX8VAB0NG0Qu9iJz0ZItN07Rd1nTm84GzPM85J3meJ895nn3Pn9AABtZY+k8u4sWI+DKJGGnZlo9s49jqfiuPrk+nSxL1+ke/J5Fk65r7J9nrwSzzQkT89FnEiVx7udWl5bliuVxayPLjtfkr49Wl5ZOX5ouzpdnS5cmpqdNvTE2+/dabPWvrq+f//ObDe++d/uLYytc/PDh8J4mzcSjb1tqOp3CzNTMWY9l3Mhxn1+w40YPCdpOk3xVgW4aycT4c6RwwEkNRH+l3nYCdcSMi6sCASox/GFDNOKB5bt+j8+DnxsN3V0+A2tufX702Evsa50YHVpLsesiq9Hx3tAflp2X8+NvdO+kSXa5D3OhBeQBNN29FxKl8vn3+S7L5b/tONS4eb2xtGYP2/w/00700/nltvfgn9zj+iXXin4PrjN3t6D7+cw96UExHafz3zrrx7+Opa3Qoy/2vEfMNJxcvlUunIuL/EXE8hvem+Y3u55xeuV/vtK01/kuXtPxmLJjV40F+77/fM1OsFZ+mza0e3op46Un8m0Tb/L+vEeuu7f/0+zifJn7+vGsZR0t3X+60rXv7W/U+Aq5/H/HKuv3/5I5WsvH9yfHG8TDePCra/XH76C+dyt9a+3sv7f8DG7d/NGm9X1vdehnf7fur1Gnbdo//PcnHjfSebN21Yq228HfEnuSD9vWTT97bzDdeJ1bbf/zYxvPfesf//oj4ZJPtv33kdsddd0P/z2yp/7eeuP/+p992Kn9z/f96I3U8W7OZ+W+zFXya7w4AAAAAAAB2m1xEHIokV3iczuUKhdXnO47EgVy5Uq2duFhZvDwTjd/KjsZwrnmne6TleYiJ7HnYZn5yTX4qIg5HxFdD+xv5wnSlPNPvxgMAAAAAAAAAAAAAAAAAAMAucbDD7/9Tvw71u3bAM5dfu2Jvf+oB7Ly28b9WL/7SE7ArdR3/wH+W8Q+Dy/iHwWX8w+Ay/mFwGf8wuIx/GFzGPwAAAAAAAAAAAAAAAAAAAAAAAAAAAPTU+XPn0qW+8uj6dJqfubq0OFe5enKmVJ0rzC9OF6YrC1cKs5XKbLlUmK7Md/u8cqVyZWIyFq+N10rV2nh1afnCfGXxcu3CpfnibOlCaXhHWgUAAAAAAAAAAAAAAAAAAADPl+rS8lyxXC4tSHRMnIldUY1tJ5JuvXwmOxi29MmRJfL9b6DEM0i0zhK5/kxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJD5JwAA//+pkTaQ")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x23, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x9, 0x0, 0x1, 0x5, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c000000100005ff0000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a0063"], 0x3c}}, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r8, 0x20, 0x0, 0x8000)
r9 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000001c0)='cpu&08\n&\fl\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000095000000000000003dbdd97de99e60a0d40167cb0329ae"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r11}, 0x10)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
unshare(0x20000400)
pwrite64(r11, &(0x7f0000000100)="360612d05ebdd2557f56b8c301a6a46968df2443db83387055", 0x19, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r12}, 0x18)
r13 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r13, &(0x7f0000000000)={0x0, 0x20, &(0x7f0000000040)={&(0x7f00000000c0)=@newsa={0x150, 0x10, 0x413, 0x0, 0x0, {{@in=@multicast1, @in6=@empty, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x4d4, 0x32}, @in=@dev, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x20000000008}, {0x0, 0x8, 0xcc}, {0xf6}, 0x0, 0x0, 0xa, 0x1, 0x1}, [@algo_aead={0x60, 0x12, {{'rfc4309(ccm(aes))\x00'}, 0xa0, 0x80, "bed40c8022674b0ecf0153d786cfc67c1aa8a9bb"}}]}, 0x150}}, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})

1.023882718s ago: executing program 5 (id=2531):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdc00, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x4, 0xa}, {0x0, 0xfff1}, {0xfff2, 0xc}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}, @TCA_FLOWER_KEY_ENC_UDP_DST_PORT_MASK={0x6}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r6=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000010010000000ffdbdf2500000000", @ANYRES32=r6, @ANYBLOB="20000000280e0400280012800b0001006d61637365630000180002800500030008"], 0x48}, 0x1, 0x0, 0x0, 0x24008001}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200010, &(0x7f0000000240)={[{@resgid}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@discard}, {@noauto_da_alloc}, {@i_version}]}, 0x3, 0x582, &(0x7f0000000c40)="$eJzs3V9rW+UfAPDvSdP9//3awRjqhRR24WQuXVv/TBA2L0WHA72foc3KaLqMJh1rHWy7cCDeyBBEHIgvwHsvhy9AX8VAB0NG0Qu9iJz0ZItN07Rd1nTm84GzPM85J3meJ895nn3Pn9AABtZY+k8u4sWI+DKJGGnZlo9s49jqfiuPrk+nSxL1+ke/J5Fk65r7J9nrwSzzQkT89FnEiVx7udWl5bliuVxayPLjtfkr49Wl5ZOX5ouzpdnS5cmpqdNvTE2+/dabPWvrq+f//ObDe++d/uLYytc/PDh8J4mzcSjb1tqOp3CzNTMWY9l3Mhxn1+w40YPCdpOk3xVgW4aycT4c6RwwEkNRH+l3nYCdcSMi6sCASox/GFDNOKB5bt+j8+DnxsN3V0+A2tufX702Evsa50YHVpLsesiq9Hx3tAflp2X8+NvdO+kSXa5D3OhBeQBNN29FxKl8vn3+S7L5b/tONS4eb2xtGYP2/w/00700/nltvfgn9zj+iXXin4PrjN3t6D7+cw96UExHafz3zrrx7+Opa3Qoy/2vEfMNJxcvlUunIuL/EXE8hvem+Y3u55xeuV/vtK01/kuXtPxmLJjV40F+77/fM1OsFZ+mza0e3op46Un8m0Tb/L+vEeuu7f/0+zifJn7+vGsZR0t3X+60rXv7W/U+Aq5/H/HKuv3/5I5WsvH9yfHG8TDePCra/XH76C+dyt9a+3sv7f8DG7d/NGm9X1vdehnf7fur1Gnbdo//PcnHjfSebN21Yq228HfEnuSD9vWTT97bzDdeJ1bbf/zYxvPfesf//oj4ZJPtv33kdsddd0P/z2yp/7eeuP/+p992Kn9z/f96I3U8W7OZ+W+zFXya7w4AAAAAAAB2m1xEHIokV3iczuUKhdXnO47EgVy5Uq2duFhZvDwTjd/KjsZwrnmne6TleYiJ7HnYZn5yTX4qIg5HxFdD+xv5wnSlPNPvxgMAAAAAAAAAAAAAAAAAAMAucbDD7/9Tvw71u3bAM5dfu2Jvf+oB7Ly28b9WL/7SE7ArdR3/wH+W8Q+Dy/iHwWX8w+Ay/mFwGf8wuIx/GFzGPwAAAAAAAAAAAAAAAAAAAAAAAAAAAPTU+XPn0qW+8uj6dJqfubq0OFe5enKmVJ0rzC9OF6YrC1cKs5XKbLlUmK7Md/u8cqVyZWIyFq+N10rV2nh1afnCfGXxcu3CpfnibOlCaXhHWgUAAAAAAAAAAAAAAAAAAADPl+rS8lyxXC4tSHRMnIldUY1tJ5JuvXwmOxi29MmRJfL9b6DEM0i0zhK5/kxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJD5JwAA//+pkTaQ")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x23, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x9, 0x0, 0x1, 0x5, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c000000100005ff0000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a0063"], 0x3c}}, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r8, 0x20, 0x0, 0x8000)
r9 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000001c0)='cpu&08\n&\fl\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000095000000000000003dbdd97de99e60a0d40167cb0329ae"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r11}, 0x10)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
unshare(0x20000400)
pwrite64(r11, &(0x7f0000000100)="360612d05ebdd2557f56b8c301a6a46968df2443db83387055", 0x19, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r12}, 0x18)
r13 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newsa={0x150, 0x10, 0x413, 0x0, 0x0, {{@in=@multicast1, @in6=@empty, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x4d4, 0x32}, @in=@dev, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x20000000008}, {0x0, 0x8, 0xcc}, {0xf6}, 0x0, 0x0, 0xa, 0x1, 0x1}, [@algo_aead={0x60, 0x12, {{'rfc4309(ccm(aes))\x00'}, 0xa0, 0x80, "bed40c8022674b0ecf0153d786cfc67c1aa8a9bb"}}]}, 0x150}}, 0x0) (fail_nth: 4)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})

900.936407ms ago: executing program 3 (id=2533):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff)
r3 = socket$l2tp(0x2, 0x2, 0x73)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="230900000000000000000100000005000700000000000800090000000000060002000100000008000a000000000008001700", @ANYRES32=r3], 0x3c}}, 0x0)
close(r3)
socket$inet(0x2, 0x4, 0x9)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r6, 0x0, 0x8000f28, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000002, 0x11, r6, 0x70e78000)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000640)={r6, 0x20, &(0x7f0000000280)={&(0x7f0000000400)=""/179, 0xb3, 0x0, &(0x7f0000000580)=""/150, 0x96}}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="dfbf00000000000000006700000008000300", @ANYRES32=r4, @ANYBLOB="0800c300741300000800c4"], 0x30}, 0x1, 0x0, 0x0, 0x240408c3}, 0x0)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10)
sendmmsg$inet(r8, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10, 0x0}}], 0x1, 0x44000840)
r9 = socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'xfrm0\x00', <r11=>0x0})
sendto$packet(r9, &(0x7f0000000080)="33031600d1fd", 0x6, 0x40008c1, &(0x7f00000000c0)={0x11, 0x86dd, r11, 0x1, 0x62}, 0x14)

823.896024ms ago: executing program 3 (id=2535):
r0 = syz_open_dev$sg(0x0, 0x0, 0x8002)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x2, 0x0, 0x49e, 0x12800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0xc8101339d8526c63}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x4)
capset(&(0x7f0000000200)={0x19980330}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014002080c00bdad01409bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e26cff13274e729c516bc3933538afa8af9", 0x89}], 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0, 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000940)='sys_enter\x00', r2}, 0x18)
syncfs(r0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x8, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69, 0x1, @perf_config_ext={0xf60, 0x40ffffffff}, 0x3008, 0x5, 0x10, 0x5, 0x10000000, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="300000006800010003001000fdffff7f00000000000000000c0002000100000015abd3040b0002"], 0x30}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
r5 = semget$private(0x0, 0x6, 0x3b1)
semtimedop(r5, &(0x7f0000000040), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095", @ANYRESOCT=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
splice(r8, 0x0, r10, 0x0, 0x8000f28, 0x0)
splice(r9, 0x0, r8, 0x0, 0x7f, 0xe)
write(r7, 0x0, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x0, &(0x7f0000000200), 0x45, 0x7b6, &(0x7f0000001140)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngwLu4EQeZ31JruwsF72sBQaCLSnHpoYWTGpZStYcoiNaRNKoZdCW3prLzn356X02h+HXtr/oySkrROa0kNxGf2wZVtyrMSWkubzgYne07zRe995ozcvmrEUwBNrPP0nE3EsIl5PIkbrzycR0V9NZSOma+Xura/l0yWJjY1nvkuqZe6ur+WjaZvUkXrmjxHx+SsRJzK76y2vrM7PFIuFpXp+orJweaK8snry0sLMXGGusHh6cmrq1Jl/nDn9UOENN2d++Hr16K03/v/XD6Z/evkPH772RRLTcbS+rjmOgzIe4/V90p/uwm3+d9CV9czHL+6jUNMRkD3MxtChtGP66r1yLEajb6/+Ge5mywCAw/JSRGy009d2DQDwWEtq5///9LodAEC3ND4HuLu+lm8svf1Eortu/zcihobqudr1zVo6W79mN1S9DjpyN9l2ZSSJiLEDqH88It755Pn30iUO6TokQCvXrkfEhbHx3eN/suuehU79rfXTc82Z8R0rjX/QPZ+m859/tpr/ZTbnP9Fi/jPY4r37IO7//s/cPIBq2krnf/9uurftXlP8dWN99dxvqnO+/uTipWIhHdt+GxHHo38wzU/uUcfxOz/fabeuef73/ZsvvJvWnz5ulcjczA5u32Z2pjLzMDE3u3094k/ZVvGn4/9gtf+TNvPfc/X0wH3qeOpfr77dbl0afxpvY9kd/+HauBHxl5b9n2yWSfa8P3GiejhMNA6KFj6ajpF29Y9nt/o/XdL6G/8X6Ia0/0f2jn8sab5fs7zvl968W+yrG6OftSvUfPy3jr/18T+QPFtNN469qzOVytJkxEDy9O7nT21t28g3yqfxH/9z6/d/Y/xrcfw/l77+hX3uiOytb99/8PgPVxr/bEf933Eihu7N97Wrf3/9P7Vtm/2Mf/tt4IPuNwAAAAAAAAAAAAAAAAAAAAAAAADoRCYijkaSyW2mM5lcrvYb3r+PkUyxVK6cuFhaXpyN6m9lj0V/pvFVl6NN34c6Wf8+/Eb+1I783yPidxHx1uBwNZ/Ll4qzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqOtPn9/9Q3gzsK9/WihQDAoRhyYgeAJ02Szfa6CQBAtw11VHr40NoBAHRPZ+d/AODXwPkfAJ489zn/7/wzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjUubNn02Xjx/W1fJqfvbKyPF+6cnK2UJ7PLSznc/nS0uXcXKk0Vyzk8qWFti90rfZQLJUuT8Xi8tWJSqFcmSivrJ5fKC0vVs5fWpiZK5wv9HctMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYv/LK6vxMsVhYkuhJYv7LWj88Ku2R6CwR12r996i05+ASMbA1Sgz3ZnACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAz8EgAA//99gB7t")
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x7f, 0x2, 0x800, 0x59})
prctl$PR_CAPBSET_DROP(0x18, 0x5)
semop(r5, &(0x7f0000000180)=[{}], 0x1)

374.18792ms ago: executing program 0 (id=2536):
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)
pwrite64(r2, &(0x7f0000000140), 0x0, 0xfecc)
write$binfmt_script(r2, &(0x7f0000000200)={'#! ', './file0', [{0x20, ')('}, {}, {0x20, '\\(\xf1^)@'}, {}, {0x20, '\x0e;\xd43\x8c\x8f\x7f\xcan\xb0\xdbJ\x02\x94\x9d\xf4Q\xd6\xae\xd9\xd9\xe1e\x95\xe3r.\xd1uq\xac\xebN\xb2?`\x89\x887\x053K\xc3W_\xeb\x96\x16Y\xd3q\xc98\xe7*v\xc4\x8f\xde\v\xd47\xa9\xcd\xbd\x83]<\x12\x1f\xa7\xa2\x97+\xe6!\xec\x91A\xef\xc6\xf9\x1a\x1a\x96w?\xbeC\xa2`\xa8\xee\xd7\x1e\xf6\xa1\x83M\x11^\x8a^\x03\xc6\\Rd\xfb\xaap\xde\xc6\xb9S\xa7O\xa0\n\xae\x94(s\x8e?\x95\x06T\xb7\xf9\an\x85\x89\xa9\xc4\xca\x16\x13\xbd\xcc\x12\x83\x0f\xeb\x1fb\xe6\xebI\x87\xa4Ar\xaa\b\x94\x9ej\xf8o`\x01Dj\xe0DH9\x12a\xe5\x9f\xe5@K;\xf5It$\xd5\xdc\x7f\xb09\xfd\xee\n\xdd\x1c\xa5(\xba\xee\x06\xacf\r\x87\xf6\xd2\xec#\f\x05\xa3\xf9\x14\xa4\xec\'\x03\xf4\xae\xa4\xeeF{w\xee/2\xa3\xea\xeb\xda\xe1\x04\xc0\xe3\x9ef\xd6\t\xab'}, {0x20, '+{-,-'}, {0x20, '#! '}, {0x20, '\xdd$^%\xe4{'}, {0x20, '#! '}]}, 0x119)
fallocate(r1, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000040)={0xc, r1, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

373.93902ms ago: executing program 4 (id=2537):
futex(&(0x7f0000000440)=0x2, 0x8b, 0x2, &(0x7f0000000480), 0x0, 0x1)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000280)=ANY=[@ANYRES32=0x0, @ANYBLOB="b9835998a0bc2c942a2c8c98672df407c7e3734de0258e94a6846655aeb1b8eafea978c8bf42a8deef60bc9ef4357025a2fb42ec36bf29642fbfa5b61a81bac3cea3fb459bbaa1aaaaf0655d4c3bb6f92ae64889246c7d2e783d57afcb1374499cc5720879e785ea6b3ac85bf1c9b1089d69bf0e899d9906510122eea1ebe15707bfe3c922a96b317eb87b90d99f29ac7f8e7cfcbfa988cd0dde6705eda7db8cc93188b57a0defea41e7e90daf5bffb81ee931a9c86127f776357a98c450ce724ad8a619", @ANYRES32=0x0, @ANYRESOCT], 0x1, 0x375, &(0x7f0000000700)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aUhJf3w/0OZJ3veZed9MEp43MJOD9776uFn3zLrVkayhkhEReSJSlqwkMtFNXlLsyctX/nz8/M3bd96uVKvXtlSvV269sqmqq2s/fPJZMe72qCD75Q8OxPht/+n9Zw/+u/VRw9OGp612Ry292/61Y911bN1ueE1T9YZjW56tjZZnu1F7O2qvO+2dnZ5are2rKzuu7XlqtXratHvaaWvH7an1odVoqWmaenUlbbgXmDFDTu3+1pZVmXGH92bMw7z94/v+Mc2uW7GWRMzikZba/VMdFwAAOJNG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/x+88FPnyrsPV+P6/1E+rf5/9Zcof6j+D/Y+9/r/u5H7Ryuic2/3JJ0H6v94kbeX1u244hKLtjb8jvz98GDGgvo/eDf0V/RfvP9gPQyo/wEAAAAAAAAAAAAAAAAAAAAAOA+e+H7J9/1Scpv8HZ5CEN9P7nEuyIUy7vgX4isK9F8PuJBu3r4jRnjiXm5VxPmyW+vWotu4Pem4LiX5N3w9xKILTkTni2mgLD86u93acpywFP6viKg4YsuGlKQ8lB/G19+qXtvQSJQf7n+3W8vkVoL8ujTC/E0pyVPp+Zup+Xl56cWBfFNK8vM9aYsj2/HnWJL/+Ybqm+9UR/KLYb80r5/uIQEAAAAAYO5MVSNePpeH17/R+t00VdPag7W8DK7Pj34/0F9fr6euz3Ol53KLnTsAAAAAAJeFl/+0aTmO7Xq9sUFRJvUpxFsbacrJhC0HQW6KPkPB4zBYPq7P0sAMp91yPv4FjWmH4Xo9mXrMSfBXQVKfzOQSrkNNRvqzOmWQzH+KzsZJD4HrZU8+d9v11oLx6EzTGQiSr43G9ZEbs255XJBcOXdS52e+/vbv2XaRia/aO9j02kNjwkzDIDPyyN6EF+0fvj9xPMvpnxbfz/IjMwAAAADOiKToL3rJI28sdkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxCc71M2phg0XMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzor/AwAA//+A2/cw")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xa3}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000004c000000090a01040000000000000000070000000900020073797a31000000000900010073797a3000000000080005400000001c08000a4000000000080003400000004008"], 0xdc}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, <r4=>0xffffffffffffffff, {0x29}}, './file0\x00'})
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r1}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={r4, 0xe0, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000006c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000a80), &(0x7f0000000ac0)=[0x0, 0x0], 0x0, 0x4000002f, &(0x7f0000000b00)=[{}], 0x8, 0x10, &(0x7f0000000b40), 0x0, 0x0, 0xbb, 0x8, 0x8, &(0x7f0000000bc0)}}, 0x10)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000003c0), 0x20000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x64, 0x6, 0x7, 0x7cd}]})
fremovexattr(r6, &(0x7f0000002300)=@known='system.posix_acl_default\x00')
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

299.501086ms ago: executing program 4 (id=2538):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=@newlink={0x4c, 0x10, 0x401, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x13101}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0x100000}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}]}}}]}, 0x4c}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x45, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x45, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = gettid()
ptrace$peeksig(0x4209, r3, &(0x7f00000000c0)={0x521b, 0x0, 0x9}, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}, {}, {}])
r4 = socket$kcm(0xa, 0x5, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x100000d, 0x10010, r1, 0x56c31000) (async)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x100000d, 0x10010, r1, 0x56c31000)
sendmsg$kcm(r4, &(0x7f0000000600)={&(0x7f0000000100)=@in={0x2, 0x4e21, @remote}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000080)="be", 0x1}], 0x1, &(0x7f0000000040)=[{0x18, 0x84, 0x0, 'r'}], 0x18}, 0x41)

296.078436ms ago: executing program 0 (id=2539):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b000000000000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000040000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
open(&(0x7f0000000080)='./bus\x00', 0x143c62, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000feffffff00000000000004008500000036000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000010400000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount(&(0x7f00000000c0), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000040)='trans=rdma,')

283.225788ms ago: executing program 3 (id=2540):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x50}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
io_setup(0x2, &(0x7f0000002400)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r3, 0x11, 0x1, &(0x7f0000000040)=0x6, 0x4)
sendmmsg$inet6(r3, &(0x7f0000000740)=[{{&(0x7f0000000100)={0x2, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x20000001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0xe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r5}, 0x18)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x97a3}, 0x18)
r7 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r7, 0xfffffffffffffffe, r7, 0x1)
msgsnd(0x0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
unshare(0x2000000)

227.396021ms ago: executing program 5 (id=2541):
symlink(0x0, &(0x7f00000017c0)='./file0\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
write$binfmt_script(r2, &(0x7f0000000200)={'#! ', './file0', [{0x20, ')('}, {}, {0x20, '\\(\xf1^)@'}, {}, {0x20, '\x0e;\xd43\x8c\x8f\x7f\xcan\xb0\xdbJ\x02\x94\x9d\xf4Q\xd6\xae\xd9\xd9\xe1e\x95\xe3r.\xd1uq\xac\xebN\xb2?`\x89\x887\x053K\xc3W_\xeb\x96\x16Y\xd3q\xc98\xe7*v\xc4\x8f\xde\v\xd47\xa9\xcd\xbd\x83]<\x12\x1f\xa7\xa2\x97+\xe6!\xec\x91A\xef\xc6\xf9\x1a\x1a\x96w?\xbeC\xa2`\xa8\xee\xd7\x1e\xf6\xa1\x83M\x11^\x8a^\x03\xc6\\Rd\xfb\xaap\xde\xc6\xb9S\xa7O\xa0\n\xae\x94(s\x8e?\x95\x06T\xb7\xf9\an\x85\x89\xa9\xc4\xca\x16\x13\xbd\xcc\x12\x83\x0f\xeb\x1fb\xe6\xebI\x87\xa4Ar\xaa\b\x94\x9ej\xf8o`\x01Dj\xe0DH9\x12a\xe5\x9f\xe5@K;\xf5It$\xd5\xdc\x7f\xb09\xfd\xee\n\xdd\x1c\xa5(\xba\xee\x06\xacf\r\x87\xf6\xd2\xec#\f\x05\xa3\xf9\x14\xa4\xec\'\x03\xf4\xae\xa4\xeeF{w\xee/2\xa3\xea\xeb\xda\xe1\x04\xc0\xe3\x9ef\xd6\t\xab'}, {0x20, '+{-,-'}, {0x20, '#! '}, {0x20, '\xdd$^%\xe4{'}, {0x20, '#! '}]}, 0x119)
fallocate(r1, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000040)={0xc, r1, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

225.343392ms ago: executing program 0 (id=2542):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000600)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000000340)={0x3, 0x2, 0x8, 0x3, 0x3ff})
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYBLOB="f7b78da7d50f3b0c164f19c9c3ebfd4cd3dde6e20c4d93828bc5d10bfe5830c67a658704c81851b5f3537928ab72edc64be926e0f02d3309f832a7ed345e31bc31b395cb706dc674b290627afb0564a276f20575e3737f41ab2a19acc6d01a9013673c99ea2f778e8db839b86ec6ff69e513584f9e83648a59ce839be7bcbf23ef72542a5d99e725be8ca01b96df7650a6ec389f47979c576e71effaf57ea711855f2ab61e0c2339c731bd387052577a5635b6d64360870ad5a2798671bbbcc8780542fbd1", @ANYBLOB="0000000000008da4b70800000400396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x82000000, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kfree\x00', r4, 0x0, 0xfffffffffffffbff}, 0x18)
ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
dup3(r5, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000380)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@max_batch_time={'max_batch_time', 0x3d, 0x131}}, {@mblk_io_submit}, {@quota}]}, 0x3, 0x437, &(0x7f0000000d80)="$eJzs281vG0UbAPBn7aR9+/UmVOWjaYFAQUR8JE1aSg9cikDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTRzHdhPHiQP+/aRtZ3bHmnm8M/bMThxAzxpO/0kiDkbEbxExUM2uLTBc/e/u8uLUX8uLU0mUy2/+mVTK3VlenMqL5q87kGf6IgqfJnGsQb3z165fmiyVZq5m+bGFy++NzV+7/tzs5cmLMxdnrkycPXv61PgLZyae70icaVx3hj6cO3701bdvvj51/uY7P32T5PHXxdGmvrr8cKvCT5bLW6xudzlUk07q3wl2rWLWcfsr438gijXdeCBe+aSrjQO2VblcLj/Q/PJSGfgPS6LbLQC6I/+iT9e/+bFDU49d4fa56gIojftudlSv9EUhK9Nft77tpOGIOL/095fpEZ15DgEA0NJ36fzn2Ubzv0LUPhf6f7aHMhgR90XE4Yg4ExFHIuL+iErZByPioU3WX79Jsn7+U7jVVmAblM7/Xsz2ttbO//LZXwwWs9yhSvz9yYXZ0szJ7D0Zif69aX68RR3fv/zr582u1c7/0iOtP58LZu241bd37WumJxcmtxJzrdsfRwz1NYo/WdkJSCLiaEQMtVnH7NNfH2927d7xt9CBfabyVxFPVe//UtTFn0ta70+O/S9KMyfH8l6x3s+/3HijWf1bir8D0vu/v2H/X4l/MKndr53ffB03fv+s6Zqm3f6/J3lrzbkPJhcWro5H7Eleqza69vxEXbmJ1fJp/CMnGo//w7H6ThyLiLQTPxwRj0TEo1nbH4uIxyPiRIv4f3zpiXfbj397pfFPb+r+ryb2RP2ZxonipR++XVPp4GbiT+//6UpqJDuzkc+/jbSrvd4MAAAA/z6FiDgYSWF0JV0ojI5W/4b/SOwvlObmF565MPf+lenqbwQGo7+QP+kaqHkeOp4t6/P8RF3+VPbc+Ivivkp+dGquNN3t4KHHHWgy/lN/FLvdOmDb+b0W9C7jH3qX8Q+9y/iH3tVg/O/rRjuAndfo+/+jLrQD2Hl149+2H/QQ63/oXQ3G/7lutAPYeb7/oSfN74t7/0heQmJdIgq7ohkS25To9icTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wTAAD//+e45xo=")
unlink(&(0x7f0000000180)='./file1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
keyctl$restrict_keyring(0xb, 0xfffffffffffffffc, 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0)
ftruncate(r7, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
recvmmsg(r9, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r8, r7, 0x0, 0x578410eb)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})

224.170142ms ago: executing program 4 (id=2543):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x81)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x38}}, 0x0)

159.441897ms ago: executing program 3 (id=2544):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)
write$binfmt_script(r3, &(0x7f0000000200)={'#! ', './file0', [{0x20, ')('}, {}, {0x20, '\\(\xf1^)@'}, {}, {0x20, '\x0e;\xd43\x8c\x8f\x7f\xcan\xb0\xdbJ\x02\x94\x9d\xf4Q\xd6\xae\xd9\xd9\xe1e\x95\xe3r.\xd1uq\xac\xebN\xb2?`\x89\x887\x053K\xc3W_\xeb\x96\x16Y\xd3q\xc98\xe7*v\xc4\x8f\xde\v\xd47\xa9\xcd\xbd\x83]<\x12\x1f\xa7\xa2\x97+\xe6!\xec\x91A\xef\xc6\xf9\x1a\x1a\x96w?\xbeC\xa2`\xa8\xee\xd7\x1e\xf6\xa1\x83M\x11^\x8a^\x03\xc6\\Rd\xfb\xaap\xde\xc6\xb9S\xa7O\xa0\n\xae\x94(s\x8e?\x95\x06T\xb7\xf9\an\x85\x89\xa9\xc4\xca\x16\x13\xbd\xcc\x12\x83\x0f\xeb\x1fb\xe6\xebI\x87\xa4Ar\xaa\b\x94\x9ej\xf8o`\x01Dj\xe0DH9\x12a\xe5\x9f\xe5@K;\xf5It$\xd5\xdc\x7f\xb09\xfd\xee\n\xdd\x1c\xa5(\xba\xee\x06\xacf\r\x87\xf6\xd2\xec#\f\x05\xa3\xf9\x14\xa4\xec\'\x03\xf4\xae\xa4\xeeF{w\xee/2\xa3\xea\xeb\xda\xe1\x04\xc0\xe3\x9ef\xd6\t\xab'}, {0x20, '+{-,-'}, {0x20, '#! '}, {0x20, '\xdd$^%\xe4{'}, {0x20, '#! '}]}, 0x119)
fallocate(r2, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000040)={0xc, r2, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

159.069947ms ago: executing program 4 (id=2545):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1410aa"], 0x38}}, 0x0)

136.737399ms ago: executing program 4 (id=2546):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
open(&(0x7f00000003c0)='.\x00', 0x101080, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

134.238269ms ago: executing program 1 (id=2547):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000004c0)={0x53, 0xfffffffffffffffe, 0x6, 0x2, @scatter={0x1, 0xfffffff, &(0x7f0000000040)=[{&(0x7f0000000580)=""/226, 0x95}]}, &(0x7f00000000c0)="ff33501ef663", 0x0, 0x840804, 0x10032, 0x1000, 0x0})

66.552444ms ago: executing program 5 (id=2548):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r4, 0x0, 0xffd0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000200), 0x13f, 0x6}}, 0x20)
close(r0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r5, @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095", @ANYBLOB="2676369985d4215d6ad835594d3a45", @ANYRES64=r6, @ANYRES8=r0, @ANYRESOCT=r5], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0xfffffea7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r7}, 0x10)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, &(0x7f0000000700)={{{@in6=@private0, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@private0}, 0x0, @in=@broadcast}}, &(0x7f0000000800)=0xe8)
quotactl_fd$Q_GETFMT(r6, 0xffffffff80000401, r9, &(0x7f0000000840))
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000280)={@rand_addr, @private, <r10=>0x0}, &(0x7f00000003c0)=0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000100}, 0xc, &(0x7f0000000400)={&(0x7f0000000540)=@delqdisc={0x174, 0x25, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r10, {0x1, 0x10}, {0x5, 0xfff3}, {0x10, 0x1}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x2}}, @TCA_STAB={0x134, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x0, 0x6, 0x8, 0x2, 0x80, 0xfff, 0x5}}, {0xe, 0x2, [0x4, 0x4, 0x3, 0xfff9, 0x17df]}}, {{0x1c, 0x1, {0x3, 0x6, 0x2, 0xb05, 0x2, 0x0, 0x6, 0x7}}, {0x12, 0x2, [0x7, 0x101, 0x93ff, 0x81, 0x29d, 0x2, 0x0]}}, {{0x1c, 0x1, {0x8c, 0x81, 0x4, 0x80000000, 0x0, 0x9, 0x6, 0x1}}, {0x6, 0x2, [0x8001]}}, {{0x1c, 0x1, {0x4, 0xe, 0x0, 0x80000001, 0x1, 0x6, 0x4, 0x3}}, {0xa, 0x2, [0xd, 0x0, 0x81]}}, {{0x1c, 0x1, {0x0, 0x56, 0x81, 0x200, 0x2, 0xf59, 0x8, 0xa}}, {0x18, 0x2, [0x101, 0x0, 0x1, 0x4, 0x40b7, 0x1, 0x7a, 0x5, 0xff80, 0x28]}}, {{0x1c, 0x1, {0x0, 0xb, 0xff85, 0xae, 0x2, 0x50, 0x9, 0x7}}, {0x12, 0x2, [0x29b, 0x8001, 0x1ff, 0xf, 0xa00b, 0x5, 0x4]}}, {{0x1c, 0x1, {0xf4, 0x1, 0xfff, 0x7fff, 0x2, 0x6, 0x67, 0x2}}, {0x8, 0x2, [0x2, 0x1]}}]}, @qdisc_kind_options=@q_atm={0x8}]}, 0x174}, 0x1, 0x0, 0x0, 0x1}, 0xc801)
ppoll(&(0x7f0000000180)=[{r8}], 0x1, &(0x7f0000000100)={0x0, 0x989680}, 0x0, 0x0)
r11 = open(&(0x7f0000000880)='./file0\x00', 0x1, 0x82)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r11, &(0x7f00000008c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}, {0xa, 0x4e23, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffff276}, r1, 0x7f}}, 0x48)
linkat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1400)

30.666917ms ago: executing program 1 (id=2549):
futex(&(0x7f0000000440)=0x2, 0x8b, 0x2, &(0x7f0000000480), 0x0, 0x1)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000280)=ANY=[@ANYRES32=0x0, @ANYBLOB="b9835998a0bc2c942a2c8c98672df407c7e3734de0258e94a6846655aeb1b8eafea978c8bf42a8deef60bc9ef4357025a2fb42ec36bf29642fbfa5b61a81bac3cea3fb459bbaa1aaaaf0655d4c3bb6f92ae64889246c7d2e783d57afcb1374499cc5720879e785ea6b3ac85bf1c9b1089d69bf0e899d9906510122eea1ebe15707bfe3c922a96b317eb87b90d99f29ac7f8e7cfcbfa988cd0dde6705eda7db8cc93188b57a0defea41e7e90daf5bffb81ee931a9c86127f776357a98c450ce724ad8a619", @ANYRES32=0x0, @ANYRESOCT], 0x1, 0x375, &(0x7f0000000700)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aUhJf3w/0OZJ3veZed9MEp43MJOD9776uFn3zLrVkayhkhEReSJSlqwkMtFNXlLsyctX/nz8/M3bd96uVKvXtlSvV269sqmqq2s/fPJZMe72qCD75Q8OxPht/+n9Zw/+u/VRw9OGp612Ry292/61Y911bN1ueE1T9YZjW56tjZZnu1F7O2qvO+2dnZ5are2rKzuu7XlqtXratHvaaWvH7an1odVoqWmaenUlbbgXmDFDTu3+1pZVmXGH92bMw7z94/v+Mc2uW7GWRMzikZba/VMdFwAAOJNG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/x+88FPnyrsPV+P6/1E+rf5/9Zcof6j+D/Y+9/r/u5H7Ryuic2/3JJ0H6v94kbeX1u244hKLtjb8jvz98GDGgvo/eDf0V/RfvP9gPQyo/wEAAAAAAAAAAAAAAAAAAAAAOA+e+H7J9/1Scpv8HZ5CEN9P7nEuyIUy7vgX4isK9F8PuJBu3r4jRnjiXm5VxPmyW+vWotu4Pem4LiX5N3w9xKILTkTni2mgLD86u93acpywFP6viKg4YsuGlKQ8lB/G19+qXtvQSJQf7n+3W8vkVoL8ujTC/E0pyVPp+Zup+Xl56cWBfFNK8vM9aYsj2/HnWJL/+Ybqm+9UR/KLYb80r5/uIQEAAAAAYO5MVSNePpeH17/R+t00VdPag7W8DK7Pj34/0F9fr6euz3Ol53KLnTsAAAAAAJeFl/+0aTmO7Xq9sUFRJvUpxFsbacrJhC0HQW6KPkPB4zBYPq7P0sAMp91yPv4FjWmH4Xo9mXrMSfBXQVKfzOQSrkNNRvqzOmWQzH+KzsZJD4HrZU8+d9v11oLx6EzTGQiSr43G9ZEbs255XJBcOXdS52e+/vbv2XaRia/aO9j02kNjwkzDIDPyyN6EF+0fvj9xPMvpnxbfz/IjMwAAAADOiKToL3rJI28sdkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxCc71M2phg0XMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzor/AwAA//+A2/cw")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xa3}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000004c000000090a01040000000000000000070000000900020073797a31000000000900010073797a3000000000080005400000001c08000a4000000000080003400000004008"], 0xdc}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, <r4=>0xffffffffffffffff, {0x29}}, './file0\x00'})
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r1}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={r4, 0xe0, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000006c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000a80), &(0x7f0000000ac0)=[0x0, 0x0], 0x0, 0x4000002f, &(0x7f0000000b00)=[{}], 0x8, 0x10, &(0x7f0000000b40), &(0x7f0000000b80), 0x8, 0xbb, 0x8, 0x0, 0x0}}, 0x10)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000003c0), 0x20000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x64, 0x6, 0x7, 0x7cd}]})
fremovexattr(r6, &(0x7f0000002300)=@known='system.posix_acl_default\x00')
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

30.269867ms ago: executing program 3 (id=2550):
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)
pwrite64(r2, &(0x7f0000000140), 0x0, 0xfecc)
write$binfmt_script(r2, &(0x7f0000000200)={'#! ', './file0', [{0x20, ')('}, {}, {0x20, '\\(\xf1^)@'}, {}, {0x20, '\x0e;\xd43\x8c\x8f\x7f\xcan\xb0\xdbJ\x02\x94\x9d\xf4Q\xd6\xae\xd9\xd9\xe1e\x95\xe3r.\xd1uq\xac\xebN\xb2?`\x89\x887\x053K\xc3W_\xeb\x96\x16Y\xd3q\xc98\xe7*v\xc4\x8f\xde\v\xd47\xa9\xcd\xbd\x83]<\x12\x1f\xa7\xa2\x97+\xe6!\xec\x91A\xef\xc6\xf9\x1a\x1a\x96w?\xbeC\xa2`\xa8\xee\xd7\x1e\xf6\xa1\x83M\x11^\x8a^\x03\xc6\\Rd\xfb\xaap\xde\xc6\xb9S\xa7O\xa0\n\xae\x94(s\x8e?\x95\x06T\xb7\xf9\an\x85\x89\xa9\xc4\xca\x16\x13\xbd\xcc\x12\x83\x0f\xeb\x1fb\xe6\xebI\x87\xa4Ar\xaa\b\x94\x9ej\xf8o`\x01Dj\xe0DH9\x12a\xe5\x9f\xe5@K;\xf5It$\xd5\xdc\x7f\xb09\xfd\xee\n\xdd\x1c\xa5(\xba\xee\x06\xacf\r\x87\xf6\xd2\xec#\f\x05\xa3\xf9\x14\xa4\xec\'\x03\xf4\xae\xa4\xeeF{w\xee/2\xa3\xea\xeb\xda\xe1\x04\xc0\xe3\x9ef\xd6\t\xab'}, {0x20, '+{-,-'}, {0x20, '#! '}, {0x20, '\xdd$^%\xe4{'}, {0x20, '#! '}]}, 0x119)
fallocate(r1, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000040)={0xc, r1, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

506.23µs ago: executing program 5 (id=2551):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r0}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001700)={{}, &(0x7f0000001680), &(0x7f00000016c0)='%+9llu \x00'}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c00"], 0x30}], 0x1, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400))
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
close_range(r3, 0xffffffffffffffff, 0x0)

0s ago: executing program 4 (id=2552):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r4, 0x0, 0xffd0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000200), 0x13f, 0x6}}, 0x20)
close(r0)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r5, @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095", @ANYBLOB="2676369985d4215d6ad835594d3a45", @ANYRES64=r6, @ANYRES8=r0, @ANYRESOCT=r5], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0xfffffea7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r7}, 0x10)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, &(0x7f0000000700)={{{@in6=@private0, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@private0}, 0x0, @in=@broadcast}}, &(0x7f0000000800)=0xe8)
quotactl_fd$Q_GETFMT(r6, 0xffffffff80000401, r9, &(0x7f0000000840))
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000280)={@rand_addr, @private, <r10=>0x0}, &(0x7f00000003c0)=0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000100}, 0xc, &(0x7f0000000400)={&(0x7f0000000540)=@delqdisc={0x174, 0x25, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r10, {0x1, 0x10}, {0x5, 0xfff3}, {0x10, 0x1}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x2}}, @TCA_STAB={0x134, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x0, 0x6, 0x8, 0x2, 0x80, 0xfff, 0x5}}, {0xe, 0x2, [0x4, 0x4, 0x3, 0xfff9, 0x17df]}}, {{0x1c, 0x1, {0x3, 0x6, 0x2, 0xb05, 0x2, 0x0, 0x6, 0x7}}, {0x12, 0x2, [0x7, 0x101, 0x93ff, 0x81, 0x29d, 0x2, 0x0]}}, {{0x1c, 0x1, {0x8c, 0x81, 0x4, 0x80000000, 0x0, 0x9, 0x6, 0x1}}, {0x6, 0x2, [0x8001]}}, {{0x1c, 0x1, {0x4, 0xe, 0x0, 0x80000001, 0x1, 0x6, 0x4, 0x3}}, {0xa, 0x2, [0xd, 0x0, 0x81]}}, {{0x1c, 0x1, {0x0, 0x56, 0x81, 0x200, 0x2, 0xf59, 0x8, 0xa}}, {0x18, 0x2, [0x101, 0x0, 0x1, 0x4, 0x40b7, 0x1, 0x7a, 0x5, 0xff80, 0x28]}}, {{0x1c, 0x1, {0x0, 0xb, 0xff85, 0xae, 0x2, 0x50, 0x9, 0x7}}, {0x12, 0x2, [0x29b, 0x8001, 0x1ff, 0xf, 0xa00b, 0x5, 0x4]}}, {{0x1c, 0x1, {0xf4, 0x1, 0xfff, 0x7fff, 0x2, 0x6, 0x67, 0x2}}, {0x8, 0x2, [0x2, 0x1]}}]}, @qdisc_kind_options=@q_atm={0x8}]}, 0x174}, 0x1, 0x0, 0x0, 0x1}, 0xc801)
ppoll(&(0x7f0000000180)=[{r8}], 0x1, &(0x7f0000000100)={0x0, 0x989680}, 0x0, 0x0)
r11 = open(&(0x7f0000000880)='./file0\x00', 0x1, 0x82)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r11, &(0x7f00000008c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}, {0xa, 0x4e23, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffff276}, r1, 0x7f}}, 0x48)
linkat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1400)

kernel console output (not intermixed with test programs):

+0x11b/0x400
[  129.010697][ T9097]  ? bpf_trace_run2+0x124/0x1c0
[  129.010855][ T9097]  __x64_sys_io_getevents+0xca/0x190
[  129.010880][ T9097]  x64_sys_call+0x1a5e/0x2ff0
[  129.010901][ T9097]  do_syscall_64+0xd2/0x200
[  129.010991][ T9097]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.011172][ T9097]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  129.011256][ T9097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.011276][ T9097] RIP: 0033:0x7f278244ebe9
[  129.011307][ T9097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.011324][ T9097] RSP: 002b:00007f2780eb7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d0
[  129.011341][ T9097] RAX: ffffffffffffffda RBX: 00007f2782675fa0 RCX: 00007f278244ebe9
[  129.011354][ T9097] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 00007f27831b1000
[  129.011366][ T9097] RBP: 00007f2780eb7090 R08: 0000000000000000 R09: 0000000000000000
[  129.011378][ T9097] R10: 0000200000001340 R11: 0000000000000246 R12: 0000000000000001
[  129.011390][ T9097] R13: 00007f2782676038 R14: 00007f2782675fa0 R15: 00007fff46f45bc8
[  129.011448][ T9097]  </TASK>
[  129.352246][ T9102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1970'.
[  129.364281][ T9102] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1970'.
[  129.417762][ T9099] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.461967][ T9115] loop1: detected capacity change from 0 to 512
[  129.559999][ T9115] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  129.576752][ T9123] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  129.578224][ T9115] EXT4-fs (loop1): failed to initialize system zone (-117)
[  129.602024][ T9115] EXT4-fs (loop1): mount failed
[  129.704738][ T9126] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1978'.
[  129.746294][ T9129] loop1: detected capacity change from 0 to 2048
[  129.761176][ T9129] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.801809][ T9129] hub 2-0:1.0: USB hub found
[  129.806540][ T9129] hub 2-0:1.0: 8 ports detected
[  129.816430][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.818342][ T9129] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1979'.
[  129.852295][ T9137] loop0: detected capacity change from 0 to 128
[  129.903362][ T9137] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1982'.
[  129.915918][ T9139] @: renamed from vlan0 (while UP)
[  129.973096][ T9137] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1982'.
[  130.050617][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.097436][ T9150] loop1: detected capacity change from 0 to 512
[  130.114336][ T9150] EXT4-fs: Ignoring removed mblk_io_submit option
[  130.114516][ T9152] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  130.131962][ T9150] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  130.146502][ T9150] EXT4-fs (loop1): 1 truncate cleaned up
[  130.153778][ T9150] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.187515][ T9156] loop0: detected capacity change from 0 to 512
[  130.200072][ T9156] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  130.208170][ T9156] EXT4-fs (loop0): failed to initialize system zone (-117)
[  130.215571][ T9156] EXT4-fs (loop0): mount failed
[  130.217408][ T9159] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6 sclass=netlink_route_socket pid=9159 comm=syz.4.1990
[  130.276332][ T9164] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  130.388755][ T9164] syzkaller0: entered promiscuous mode
[  130.394261][ T9164] syzkaller0: entered allmulticast mode
[  130.526956][ T9181] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  130.630986][ T9183] loop4: detected capacity change from 0 to 512
[  130.760942][ T9183] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.773485][ T9183] ext4 filesystem being mounted at /422/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.072077][ T9190] loop5: detected capacity change from 0 to 512
[  131.140602][ T9190] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.249495][ T9190] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.723614][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.784232][ T9198] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2005'.
[  131.818594][ T9198] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2005'.
[  131.847651][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.911756][ T9204] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  131.930420][ T9204] syzkaller0: entered promiscuous mode
[  131.935908][ T9204] syzkaller0: entered allmulticast mode
[  132.069574][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.087313][ T9212] loop5: detected capacity change from 0 to 512
[  132.097752][ T9215] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  132.102963][ T9217] loop1: detected capacity change from 0 to 1024
[  132.131579][ T9212] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.145658][ T9217] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.146349][ T9212] ext4 filesystem being mounted at /255/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.208420][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.238885][ T9236] loop0: detected capacity change from 0 to 512
[  132.245502][ T9236] EXT4-fs: Ignoring removed oldalloc option
[  132.251712][ T9236] EXT4-fs: dax option not supported
[  132.337568][ T9246] loop0: detected capacity change from 0 to 1024
[  132.344623][ T9246] EXT4-fs: Ignoring removed nobh option
[  132.353068][ T9244] loop5: detected capacity change from 0 to 128
[  132.361465][ T9244] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  132.373805][ T9244] ext4 filesystem being mounted at /256/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  132.373885][ T9246] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  132.425360][ T9246] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.2020: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  132.445314][ T9246] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2020: couldn't read orphan inode 11 (err -117)
[  132.457910][ T9246] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.458131][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.478252][ T9246] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2020: Invalid block bitmap block 0 in block_group 0
[  132.493917][ T9246] __quota_error: 343 callbacks suppressed
[  132.493930][ T9246] Quota error (device loop0): write_blk: dquota write failed
[  132.505206][ T9250] loop1: detected capacity change from 0 to 512
[  132.507056][ T9246] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  132.518868][ T9250] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  132.523939][ T9246] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2020: Failed to acquire dquot type 0
[  132.534374][ T9250] EXT4-fs (loop1): failed to initialize system zone (-117)
[  132.543051][ T9252] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz.0.2020: Invalid inode table block 8589934593 in block_group 0
[  132.549805][ T9250] EXT4-fs (loop1): mount failed
[  132.594119][ T9254] loop1: detected capacity change from 0 to 512
[  132.620518][ T9254] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.633322][ T9254] ext4 filesystem being mounted at /460/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.673868][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.762879][ T9261] syz!: rxe_newlink: already configured on team_slave_0
[  132.770990][   T29] audit: type=1326 audit(1754839140.934:2927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9245 comm="syz.0.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf63eebe9 code=0x7ffc0000
[  132.794506][   T29] audit: type=1326 audit(1754839140.934:2928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9245 comm="syz.0.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf63eebe9 code=0x7ffc0000
[  132.818083][   T29] audit: type=1326 audit(1754839140.934:2929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9245 comm="syz.0.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7fbcf63eebe9 code=0x7ffc0000
[  132.841663][   T29] audit: type=1326 audit(1754839140.934:2930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9245 comm="syz.0.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf63eebe9 code=0x7ffc0000
[  132.865255][   T29] audit: type=1326 audit(1754839140.934:2931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9245 comm="syz.0.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf63eebe9 code=0x7ffc0000
[  132.953282][ T9268] loop3: detected capacity change from 0 to 512
[  133.015238][ T9277] loop4: detected capacity change from 0 to 128
[  133.025324][ T9268] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.038561][ T9268] ext4 filesystem being mounted at /322/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.088685][ T9277] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2031'.
[  133.150901][ T5888] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  133.173349][ T9283] loop5: detected capacity change from 0 to 128
[  133.181003][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.216898][ T9287] loop5: detected capacity change from 0 to 512
[  133.240894][ T9287] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.264257][ T9287] ext4 filesystem being mounted at /258/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.277103][ T9291] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  133.303618][ T9293] loop3: detected capacity change from 0 to 512
[  133.321232][ T9293] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.345809][  T122] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm kworker/u8:4: Invalid inode table block 8589934593 in block_group 0
[  133.359681][ T9293] ext4 filesystem being mounted at /325/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.371805][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.382704][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.435802][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.454171][ T9300] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  133.471857][   T29] audit: type=1326 audit(1754839141.634:2932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.3.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf093ebe9 code=0x7ffc0000
[  133.495459][   T29] audit: type=1326 audit(1754839141.644:2933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.3.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cf093ebe9 code=0x7ffc0000
[  133.518964][   T29] audit: type=1326 audit(1754839141.644:2934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9307 comm="syz.3.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9cf093ebe9 code=0x7ffc0000
[  133.538490][ T9315] loop0: detected capacity change from 0 to 512
[  133.575444][ T9315] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.596028][ T9315] ext4 filesystem being mounted at /397/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.610135][ T9325] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  133.619746][ T9327] __nla_validate_parse: 2 callbacks suppressed
[  133.619760][ T9327] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2049'.
[  133.636522][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.704760][ T9339] loop3: detected capacity change from 0 to 512
[  133.712592][ T9339] EXT4-fs: Ignoring removed mblk_io_submit option
[  133.719170][ T9339] EXT4-fs: Ignoring removed bh option
[  133.724705][ T9344] loop1: detected capacity change from 0 to 128
[  133.724947][ T9339] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  133.742524][ T9339] EXT4-fs (loop3): 1 truncate cleaned up
[  133.748801][ T9339] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.749353][ T9344] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.803597][ T9344] ext4 filesystem being mounted at /468/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  133.835652][ T9340] dummy0: left promiscuous mode
[  133.844985][ T9340] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  133.865607][ T9352] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.889575][ T9358] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2060'.
[  133.898882][ T9358] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2060'.
[  133.920950][ T9360] netlink: 100 bytes leftover after parsing attributes in process `syz.5.2061'.
[  133.944135][ T9362] loop5: detected capacity change from 0 to 512
[  133.959740][ T9362] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.972300][ T9362] ext4 filesystem being mounted at /269/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.996976][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.207765][ T9383] sd 0:0:1:0: device reset
[  134.223785][ T9383] bond1: entered promiscuous mode
[  134.229044][ T9383] bond1: entered allmulticast mode
[  134.234529][ T9383] 8021q: adding VLAN 0 to HW filter on device bond1
[  134.244049][ T9383] bond1 (unregistering): Released all slaves
[  134.396023][ T9389] netlink: 100 bytes leftover after parsing attributes in process `syz.4.2072'.
[  134.430385][ T9391] loop4: detected capacity change from 0 to 512
[  134.439521][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.460180][ T9392] loop0: detected capacity change from 0 to 128
[  134.468548][ T9391] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.481597][ T9391] ext4 filesystem being mounted at /435/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.482268][ T9395] loop3: detected capacity change from 0 to 1024
[  134.493959][ T9392] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  134.511233][ T9392] ext4 filesystem being mounted at /401/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  134.529871][ T9391] FAULT_INJECTION: forcing a failure.
[  134.529871][ T9391] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.556352][ T9391] CPU: 1 UID: 0 PID: 9391 Comm: syz.4.2073 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  134.556418][ T9391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  134.556429][ T9391] Call Trace:
[  134.556434][ T9391]  <TASK>
[  134.556440][ T9391]  __dump_stack+0x1d/0x30
[  134.556462][ T9391]  dump_stack_lvl+0xe8/0x140
[  134.556481][ T9391]  dump_stack+0x15/0x1b
[  134.556498][ T9391]  should_fail_ex+0x265/0x280
[  134.556570][ T9391]  should_fail+0xb/0x20
[  134.556585][ T9391]  should_fail_usercopy+0x1a/0x20
[  134.556607][ T9391]  _copy_to_user+0x20/0xa0
[  134.556634][ T9391]  simple_read_from_buffer+0xb5/0x130
[  134.556735][ T9391]  proc_fail_nth_read+0x10e/0x150
[  134.556788][ T9391]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  134.556813][ T9391]  vfs_read+0x1a8/0x770
[  134.556846][ T9391]  ? __rcu_read_unlock+0x4f/0x70
[  134.556868][ T9391]  ? __fget_files+0x184/0x1c0
[  134.556892][ T9391]  ksys_read+0xda/0x1a0
[  134.556976][ T9391]  __x64_sys_read+0x40/0x50
[  134.556993][ T9391]  x64_sys_call+0x27bc/0x2ff0
[  134.557011][ T9391]  do_syscall_64+0xd2/0x200
[  134.557090][ T9391]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  134.557153][ T9391]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  134.557225][ T9391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.557243][ T9391] RIP: 0033:0x7f08ac98d5fc
[  134.557306][ T9391] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  134.557321][ T9391] RSP: 002b:00007f08ab3f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  134.557338][ T9391] RAX: ffffffffffffffda RBX: 00007f08acbb5fa0 RCX: 00007f08ac98d5fc
[  134.557351][ T9391] RDX: 000000000000000f RSI: 00007f08ab3f70a0 RDI: 0000000000000006
[  134.557364][ T9391] RBP: 00007f08ab3f7090 R08: 0000000000000000 R09: 0000000000000000
[  134.557424][ T9391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.557437][ T9391] R13: 00007f08acbb6038 R14: 00007f08acbb5fa0 R15: 00007ffe175d2d68
[  134.557456][ T9391]  </TASK>
[  134.766590][ T3305] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  134.767688][ T9395] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.811665][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.833565][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.837669][ T9406] loop4: detected capacity change from 0 to 512
[  134.850693][ T9406] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  134.858741][ T9406] EXT4-fs (loop4): failed to initialize system zone (-117)
[  134.866092][ T9406] EXT4-fs (loop4): mount failed
[  134.885960][ T9411] loop5: detected capacity change from 0 to 512
[  134.894697][ T9411] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  134.903190][ T9411] EXT4-fs (loop5): failed to initialize system zone (-117)
[  134.910692][ T9411] EXT4-fs (loop5): mount failed
[  134.945387][ T9421] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  134.954547][ T9421] syzkaller0: entered promiscuous mode
[  134.960118][ T9421] syzkaller0: entered allmulticast mode
[  134.980834][ T9425] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[  134.987430][ T9425] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  134.995010][ T9425] vhci_hcd vhci_hcd.0: Device attached
[  135.001157][ T9425] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(14)
[  135.007738][ T9425] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  135.015206][ T9425] vhci_hcd vhci_hcd.0: Device attached
[  135.024405][ T9425] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(16)
[  135.031006][ T9425] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  135.038591][ T9425] vhci_hcd vhci_hcd.0: Device attached
[  135.047184][ T9425] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(18)
[  135.053776][ T9425] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  135.061555][ T9425] vhci_hcd vhci_hcd.0: Device attached
[  135.068548][ T9425] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  135.076868][ T9425] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  135.085329][ T9425] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  135.095076][ T9425] vhci_hcd vhci_hcd.0: pdev(1) rhport(6) sockfd(28)
[  135.101675][ T9425] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  135.109230][ T9425] vhci_hcd vhci_hcd.0: Device attached
[  135.118743][ T9438] vhci_hcd: connection closed
[  135.119230][ T9431] vhci_hcd: connection closed
[  135.119259][ T9434] vhci_hcd: connection closed
[  135.128854][ T1850] vhci_hcd: stop threads
[  135.133941][ T9429] vhci_hcd: connection closed
[  135.137762][ T1850] vhci_hcd: release socket
[  135.137779][ T1850] vhci_hcd: disconnect device
[  135.137819][ T9427] vhci_hcd: connection closed
[  135.144181][ T1850] vhci_hcd: stop threads
[  135.160527][ T1850] vhci_hcd: release socket
[  135.164961][ T1850] vhci_hcd: disconnect device
[  135.169866][ T1850] vhci_hcd: stop threads
[  135.174088][ T1850] vhci_hcd: release socket
[  135.178537][ T1850] vhci_hcd: disconnect device
[  135.183572][ T1850] vhci_hcd: stop threads
[  135.187798][ T1850] vhci_hcd: release socket
[  135.192233][ T1850] vhci_hcd: disconnect device
[  135.197018][ T1850] vhci_hcd: stop threads
[  135.201320][ T1850] vhci_hcd: release socket
[  135.205730][ T1850] vhci_hcd: disconnect device
[  135.230462][ T3304] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  135.248047][ T3389] usb 3-1: new low-speed USB device number 5 using vhci_hcd
[  135.255481][ T3389] usb 3-1: enqueue for inactive port 0
[  135.261299][ T3389] usb 3-1: enqueue for inactive port 0
[  135.266918][ T3389] usb 3-1: enqueue for inactive port 0
[  135.307334][ T9449] netlink: 'syz.0.2090': attribute type 1 has an invalid length.
[  135.328995][ T9451] loop0: detected capacity change from 0 to 1024
[  135.335743][ T9451] EXT4-fs: Ignoring removed nobh option
[  135.341547][ T3389] vhci_hcd: vhci_device speed not set
[  135.347352][ T9451] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  135.358630][ T9451] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.2091: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  135.377421][ T9451] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2091: couldn't read orphan inode 11 (err -117)
[  135.390057][ T9451] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.404795][ T9451] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2091: Invalid block bitmap block 0 in block_group 0
[  135.419525][ T9451] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2091: Failed to acquire dquot type 0
[  135.431512][ T9451] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz.0.2091: Invalid inode table block 8589934593 in block_group 0
[  135.564067][ T9459] loop4: detected capacity change from 0 to 1024
[  135.570796][ T9459] EXT4-fs: Ignoring removed bh option
[  135.576264][ T9459] EXT4-fs: inline encryption not supported
[  135.641080][ T9459] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  135.677740][ T9459] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  135.691399][ T9459] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.2094: lblock 2 mapped to illegal pblock 2 (length 1)
[  135.707275][ T9459] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.2094: lblock 0 mapped to illegal pblock 48 (length 1)
[  135.723409][ T9459] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2094: Failed to acquire dquot type 0
[  135.735299][ T9459] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  135.746201][ T9459] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.2094: mark_inode_dirty error
[  135.783519][ T9464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2095'.
[  135.813461][ T9464] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2095'.
[  135.824348][ T9459] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  135.852525][ T9459] EXT4-fs (loop4): 1 orphan inode deleted
[  135.877543][ T9459] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.913376][  T122] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  135.936403][  T122] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0
[  135.969820][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.985996][ T3301] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  135.998890][ T9476] loop5: detected capacity change from 0 to 1024
[  136.000351][ T3301] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  136.014836][ T3301] EXT4-fs error (device loop4): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[  136.027756][ T9476] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.044527][ T9480] loop4: detected capacity change from 0 to 256
[  136.052425][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.073310][ T9480] loop4: detected capacity change from 0 to 512
[  136.080397][ T9480] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[  136.184846][ T9480] loop4: detected capacity change from 0 to 2048
[  136.200492][  T412] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm kworker/u8:6: Invalid inode table block 8589934593 in block_group 0
[  136.231709][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2104'.
[  136.243741][ T9480] Alternate GPT is invalid, using primary GPT.
[  136.250172][ T9480]  loop4: p2 p3 p7
[  136.260875][ T9490] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  136.267473][ T9490] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  136.275002][ T9490] vhci_hcd vhci_hcd.0: Device attached
[  136.281258][ T9490] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(14)
[  136.287866][ T9490] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  136.295438][ T9490] vhci_hcd vhci_hcd.0: Device attached
[  136.301685][ T9490] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(16)
[  136.308284][ T9490] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  136.315793][ T9490] vhci_hcd vhci_hcd.0: Device attached
[  136.326186][ T9490] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(18)
[  136.332781][ T9490] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  136.340527][ T9490] vhci_hcd vhci_hcd.0: Device attached
[  136.346798][ T9490] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  136.356117][ T9490] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  136.362415][ T9502] loop4: detected capacity change from 0 to 512
[  136.366123][ T9490] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  136.381032][ T9490] vhci_hcd vhci_hcd.0: pdev(0) rhport(6) sockfd(28)
[  136.381283][ T9502] ext4 filesystem being mounted at /443/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.387699][ T9490] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  136.405731][ T9490] vhci_hcd vhci_hcd.0: Device attached
[  136.419370][ T9505] vhci_hcd: connection closed
[  136.419667][   T31] vhci_hcd: stop threads
[  136.419808][ T9495] vhci_hcd: connection closed
[  136.424354][   T31] vhci_hcd: release socket
[  136.424371][   T31] vhci_hcd: disconnect device
[  136.424409][ T9497] vhci_hcd: connection closed
[  136.430146][ T9491] vhci_hcd: connection closed
[  136.436125][ T9493] vhci_hcd: connection closed
[  136.439493][   T31] vhci_hcd: stop threads
[  136.460662][   T31] vhci_hcd: release socket
[  136.465072][   T31] vhci_hcd: disconnect device
[  136.469924][   T31] vhci_hcd: stop threads
[  136.474157][   T31] vhci_hcd: release socket
[  136.478617][   T31] vhci_hcd: disconnect device
[  136.483519][   T31] vhci_hcd: stop threads
[  136.487814][   T31] vhci_hcd: release socket
[  136.492241][   T31] vhci_hcd: disconnect device
[  136.497030][   T31] vhci_hcd: stop threads
[  136.501315][   T31] vhci_hcd: release socket
[  136.505812][   T31] vhci_hcd: disconnect device
[  136.523908][ T9510] loop1: detected capacity change from 0 to 512
[  136.531624][ T9510] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  136.540070][ T9510] EXT4-fs (loop1): failed to initialize system zone (-117)
[  136.547311][ T9510] EXT4-fs (loop1): mount failed
[  136.704441][ T9522] loop3: detected capacity change from 0 to 1024
[  136.717002][ T9522] EXT4-fs: Ignoring removed nobh option
[  136.723032][ T9522] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  136.733551][ T9523] loop5: detected capacity change from 0 to 128
[  136.738684][ T9522] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.2113: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  136.743332][ T9523] ext4 filesystem being mounted at /279/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  136.760577][ T9522] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2113: couldn't read orphan inode 11 (err -117)
[  136.808546][ T9522] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2113: Invalid block bitmap block 0 in block_group 0
[  136.822210][ T9522] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2113: Failed to acquire dquot type 0
[  136.834521][ T9522] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.2113: Invalid inode table block 8589934593 in block_group 0
[  136.960387][ T9528] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2114'.
[  137.191306][ T9537] loop0: detected capacity change from 0 to 1024
[  137.201995][ T9537] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  137.212902][ T9537] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  137.225497][ T9537] JBD2: no valid journal superblock found
[  137.231395][ T9537] EXT4-fs (loop0): Could not load journal inode
[  137.480062][ T9553] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2124'.
[  137.507681][ T9555] futex_wake_op: syz.5.2125 tries to shift op by -1; fix this program
[  137.582318][  T122] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm kworker/u8:4: Invalid inode table block 8589934593 in block_group 0
[  137.601411][ T9559] loop1: detected capacity change from 0 to 512
[  137.610837][ T9559] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  137.622772][   T29] kauditd_printk_skb: 350 callbacks suppressed
[  137.622782][   T29] audit: type=1326 audit(1754839145.784:3278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9560 comm="syz.5.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  137.654345][ T9564] loop3: detected capacity change from 0 to 128
[  137.668193][ T9559] EXT4-fs (loop1): failed to initialize system zone (-117)
[  137.685583][ T9559] EXT4-fs (loop1): mount failed
[  137.691358][   T29] audit: type=1326 audit(1754839145.784:3279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9560 comm="syz.5.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  137.714802][   T29] audit: type=1326 audit(1754839145.784:3280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9560 comm="syz.5.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  137.738193][   T29] audit: type=1326 audit(1754839145.784:3281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9560 comm="syz.5.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  137.761663][   T29] audit: type=1326 audit(1754839145.784:3282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9560 comm="syz.5.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  137.769316][ T9562] sd 0:0:1:0: device reset
[  137.785066][   T29] audit: type=1326 audit(1754839145.784:3283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9560 comm="syz.5.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  137.812875][   T29] audit: type=1326 audit(1754839145.784:3284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9560 comm="syz.5.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  137.836245][   T29] audit: type=1326 audit(1754839145.784:3285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9560 comm="syz.5.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  137.859633][   T29] audit: type=1326 audit(1754839145.784:3286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9560 comm="syz.5.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  137.883124][   T29] audit: type=1326 audit(1754839145.794:3287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9560 comm="syz.5.2128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  137.918169][ T9566] usb usb1: check_ctrlrecip: process 9566 (syz.5.2128) requesting ep 01 but needs 81
[  137.927784][ T9566] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  138.085696][ T9588] loop3: detected capacity change from 0 to 1024
[  138.096459][ T9588] EXT4-fs: Ignoring removed nobh option
[  138.161203][ T9590] loop5: detected capacity change from 0 to 128
[  138.170019][ T9588] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  138.191482][ T9588] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.2138: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  138.373745][ T9588] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2138: couldn't read orphan inode 11 (err -117)
[  138.423854][ T9588] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2138: Invalid block bitmap block 0 in block_group 0
[  138.467657][ T9600] loop5: detected capacity change from 0 to 512
[  138.476298][ T9588] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2138: Failed to acquire dquot type 0
[  138.510292][ T9601] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.2138: Invalid inode table block 8589934593 in block_group 0
[  138.537647][ T9600] ext4 filesystem being mounted at /286/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.924820][ T9623] netlink: 'syz.1.2149': attribute type 12 has an invalid length.
[  139.000031][ T9631] netlink: 'syz.5.2152': attribute type 10 has an invalid length.
[  139.011162][ T9631] team0: Port device dummy0 added
[  139.020213][ T9631] netlink: 'syz.5.2152': attribute type 10 has an invalid length.
[  139.030881][ T9631] team0: Port device dummy0 removed
[  139.039967][ T9631] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  139.070915][ T9633] sd 0:0:1:0: device reset
[  139.087059][ T9633] bond1: entered promiscuous mode
[  139.092143][ T9633] bond1: entered allmulticast mode
[  139.097619][ T9633] 8021q: adding VLAN 0 to HW filter on device bond1
[  139.109172][ T9633] bond1 (unregistering): Released all slaves
[  139.119686][   T51] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm kworker/u8:3: Invalid inode table block 8589934593 in block_group 0
[  139.141061][ T9636] __nla_validate_parse: 7 callbacks suppressed
[  139.141122][ T9636] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2154'.
[  139.156205][ T9636] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2154'.
[  139.193356][ T9640] bond4: entered promiscuous mode
[  139.198470][ T9640] bond4: entered allmulticast mode
[  139.203961][ T9640] 8021q: adding VLAN 0 to HW filter on device bond4
[  139.213450][ T9640] bond4 (unregistering): Released all slaves
[  139.384708][ T9653] loop5: detected capacity change from 0 to 512
[  139.391721][ T9653] EXT4-fs: Ignoring removed mblk_io_submit option
[  139.398386][ T9653] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  139.414862][ T9653] EXT4-fs (loop5): 1 truncate cleaned up
[  139.425865][ T9657] loop4: detected capacity change from 0 to 512
[  139.439855][ T9657] ext4 filesystem being mounted at /451/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.812613][ T9665] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2164'.
[  139.968249][ T3367] usb usb8-port1: attempt power cycle
[  140.027402][ T9673] loop1: detected capacity change from 0 to 2048
[  140.121746][ T9679] sd 0:0:1:0: device reset
[  140.128113][ T9681] netlink: 'syz.4.2168': attribute type 12 has an invalid length.
[  140.138895][ T9683] IPv6: Can't replace route, no match found
[  140.182998][ T9693] loop4: detected capacity change from 0 to 1024
[  140.189612][ T9693] EXT4-fs: Ignoring removed bh option
[  140.199443][ T9693] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  140.223166][ T9696] loop1: detected capacity change from 0 to 512
[  140.239992][ T9700] loop3: detected capacity change from 0 to 512
[  140.247806][ T9696] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  140.256929][ T9696] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  140.267153][ T9700] ext4 filesystem being mounted at /348/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.281624][ T9696] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  140.290799][ T9696] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  140.299759][ T9696] System zones: 0-2, 18-18, 34-34
[  140.310758][ T9696] EXT4-fs (loop1): 1 truncate cleaned up
[  140.329357][ T9696] -: renamed from syzkaller0
[  140.467782][ T9726] sd 0:0:1:0: device reset
[  140.506572][ T9710] loop5: detected capacity change from 0 to 2048
[  140.525086][ T9727] FAULT_INJECTION: forcing a failure.
[  140.525086][ T9727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.538304][ T9727] CPU: 0 UID: 0 PID: 9727 Comm: syz.1.2183 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  140.538345][ T9727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  140.538353][ T9727] Call Trace:
[  140.538358][ T9727]  <TASK>
[  140.538362][ T9727]  __dump_stack+0x1d/0x30
[  140.538375][ T9727]  dump_stack_lvl+0xe8/0x140
[  140.538387][ T9727]  dump_stack+0x15/0x1b
[  140.538395][ T9727]  should_fail_ex+0x265/0x280
[  140.538424][ T9727]  should_fail+0xb/0x20
[  140.538433][ T9727]  should_fail_usercopy+0x1a/0x20
[  140.538448][ T9727]  strncpy_from_user+0x25/0x230
[  140.538570][ T9727]  ? __kmalloc_cache_noprof+0x189/0x320
[  140.538587][ T9727]  __se_sys_memfd_create+0x1ff/0x590
[  140.538600][ T9727]  __x64_sys_memfd_create+0x31/0x40
[  140.538611][ T9727]  x64_sys_call+0x2abe/0x2ff0
[  140.538623][ T9727]  do_syscall_64+0xd2/0x200
[  140.538664][ T9727]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  140.538756][ T9727]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  140.538770][ T9727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.538782][ T9727] RIP: 0033:0x7f278244ebe9
[  140.538790][ T9727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.538820][ T9727] RSP: 002b:00007f2780e95e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  140.538834][ T9727] RAX: ffffffffffffffda RBX: 0000000000000558 RCX: 00007f278244ebe9
[  140.538847][ T9727] RDX: 00007f2780e95ef0 RSI: 0000000000000000 RDI: 00007f27824d27e8
[  140.538859][ T9727] RBP: 0000200000000680 R08: 00007f2780e95bb7 R09: 00007f2780e95e40
[  140.538871][ T9727] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  140.538884][ T9727] R13: 00007f2780e95ef0 R14: 00007f2780e95eb0 R15: 0000200000001780
[  140.538895][ T9727]  </TASK>
[  140.740249][ T9732] loop3: detected capacity change from 0 to 512
[  140.749876][ T9732] ext4 filesystem being mounted at /354/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.964151][ T9743] loop3: detected capacity change from 0 to 512
[  141.020653][ T9743] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  141.039806][ T9743] EXT4-fs (loop3): 1 truncate cleaned up
[  141.471472][ T9758] loop1: detected capacity change from 0 to 512
[  141.496963][ T9758] ext4 filesystem being mounted at /500/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  141.602025][ T9768] loop4: detected capacity change from 0 to 512
[  141.620312][ T9768] ext4 filesystem being mounted at /466/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.665916][ T9774] loop3: detected capacity change from 0 to 512
[  141.690808][ T9774] ext4 filesystem being mounted at /356/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.707788][ T9784] sd 0:0:1:0: device reset
[  141.773269][ T9792] syzkaller0: entered promiscuous mode
[  141.778940][ T9792] syzkaller0: entered allmulticast mode
[  141.803540][ T9794] loop4: detected capacity change from 0 to 512
[  141.831088][ T9794] ext4 filesystem being mounted at /471/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.863960][ T9786] loop5: detected capacity change from 0 to 2048
[  141.873359][ T3367] usb usb8-port1: unable to enumerate USB device
[  141.885643][ T9547] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  141.891815][ T9804] syzkaller0: entered promiscuous mode
[  141.898185][ T9804] syzkaller0: entered allmulticast mode
[  141.951998][ T9816] netlink: 'syz.0.2217': attribute type 12 has an invalid length.
[  141.979210][ T9820] loop5: detected capacity change from 0 to 512
[  141.985915][ T9820] EXT4-fs: Ignoring removed mblk_io_submit option
[  142.005201][ T9820] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  142.016562][ T9824] netlink: 'syz.4.2221': attribute type 4 has an invalid length.
[  142.025223][ T9824] netlink: 'syz.4.2221': attribute type 4 has an invalid length.
[  142.036973][ T9828] loop0: detected capacity change from 0 to 512
[  142.044116][ T9820] EXT4-fs (loop5): 1 truncate cleaned up
[  142.060676][ T9828] ext4 filesystem being mounted at /421/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.078788][ T9832] sd 0:0:1:0: device reset
[  142.276054][ T9848] netlink: 'syz.1.2229': attribute type 12 has an invalid length.
[  142.321823][ T9853] syz!: rxe_newlink: already configured on team_slave_0
[  142.420568][ T9858] loop3: detected capacity change from 0 to 512
[  142.421594][ T9859] netlink: 'syz.1.2233': attribute type 12 has an invalid length.
[  142.452486][ T9862] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2235'.
[  142.458138][ T9858] ext4 filesystem being mounted at /362/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.461494][ T9862] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2235'.
[  142.653666][ T9872] loop1: detected capacity change from 0 to 512
[  142.680681][ T9872] ext4 filesystem being mounted at /509/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  142.772208][ T9887] syzkaller0: entered promiscuous mode
[  142.777706][ T9887] syzkaller0: entered allmulticast mode
[  142.877847][ T9893] loop5: detected capacity change from 0 to 512
[  142.893896][ T9893] ext4 filesystem being mounted at /301/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.905083][ T9897] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2248'.
[  142.914071][ T9897] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2248'.
[  143.006237][ T9916] sd 0:0:1:0: device reset
[  143.022482][ T9916] bond1: entered promiscuous mode
[  143.027520][ T9916] bond1: entered allmulticast mode
[  143.034242][ T9916] 8021q: adding VLAN 0 to HW filter on device bond1
[  143.043965][ T9916] bond1 (unregistering): Released all slaves
[  143.253627][ T9922] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  143.392731][ T9928] loop0: detected capacity change from 0 to 512
[  143.421943][ T9928] ext4 filesystem being mounted at /440/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.595050][ T9941] loop1: detected capacity change from 0 to 512
[  143.603529][ T9941] EXT4-fs: Ignoring removed mblk_io_submit option
[  143.632238][ T9941] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  143.649934][ T9941] EXT4-fs (loop1): 1 truncate cleaned up
[  143.679528][ T9944] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  143.759317][ T9953] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2269'.
[  143.824339][ T9961] loop5: detected capacity change from 0 to 512
[  143.891241][ T9961] ext4 filesystem being mounted at /307/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.988848][ T9965] sd 0:0:1:0: device reset
[  144.004454][ T9965] bond1: entered promiscuous mode
[  144.009605][ T9965] bond1: entered allmulticast mode
[  144.015516][ T9965] 8021q: adding VLAN 0 to HW filter on device bond1
[  144.026617][ T9965] bond1 (unregistering): Released all slaves
[  144.241084][ T9970] loop5: detected capacity change from 0 to 2048
[  144.339887][   T29] kauditd_printk_skb: 285 callbacks suppressed
[  144.339921][   T29] audit: type=1400 audit(1754839152.504:3571): avc:  denied  { shutdown } for  pid=9969 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  144.410263][ T9981] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  144.498910][ T9985] loop0: detected capacity change from 0 to 512
[  144.524068][ T9987] loop1: detected capacity change from 0 to 1024
[  144.528821][ T9985] ext4 filesystem being mounted at /449/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.530766][ T9987] EXT4-fs: Ignoring removed nobh option
[  144.570324][ T9987] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  144.606225][ T9987] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz.1.2283: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  144.627425][ T9987] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2283: couldn't read orphan inode 11 (err -117)
[  144.654335][   T29] audit: type=1400 audit(1754839152.814:3572): avc:  denied  { write } for  pid=9998 comm="syz.3.2289" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  144.684808][ T9987] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.2283: Invalid block bitmap block 0 in block_group 0
[  144.700063][ T9987] Quota error (device loop1): write_blk: dquota write failed
[  144.707482][ T9987] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  144.717494][ T9987] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2283: Failed to acquire dquot type 0
[  144.731872][ T9987] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.2283: Invalid inode table block 8589934593 in block_group 0
[  144.867010][T10007] netlink: 'syz.0.2290': attribute type 12 has an invalid length.
[  144.965924][   T29] audit: type=1326 audit(1754839153.124:3573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9986 comm="syz.1.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f278244ebe9 code=0x7ffc0000
[  144.989433][   T29] audit: type=1326 audit(1754839153.124:3574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9986 comm="syz.1.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f278244ebe9 code=0x7ffc0000
[  145.012945][   T29] audit: type=1326 audit(1754839153.124:3575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9986 comm="syz.1.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f278244ebe9 code=0x7ffc0000
[  145.036253][   T29] audit: type=1326 audit(1754839153.124:3576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9986 comm="syz.1.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f278244ebe9 code=0x7ffc0000
[  145.059665][   T29] audit: type=1326 audit(1754839153.124:3577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9986 comm="syz.1.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f278244ebe9 code=0x7ffc0000
[  145.146751][T10011] loop3: detected capacity change from 0 to 512
[  145.250667][ T9970] syz.5.2276 (9970) used greatest stack depth: 9512 bytes left
[  145.278915][T10011] ext4 filesystem being mounted at /371/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.319473][T10020] loop5: detected capacity change from 0 to 2048
[  145.343014][T10023] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2296'.
[  145.413407][  T122] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm kworker/u8:4: Invalid inode table block 8589934593 in block_group 0
[  145.457037][T10035] netlink: 'syz.1.2300': attribute type 12 has an invalid length.
[  145.504190][T10040] netlink: 'syz.3.2301': attribute type 12 has an invalid length.
[  145.515054][T10020] hub 2-0:1.0: USB hub found
[  145.520002][T10020] hub 2-0:1.0: 8 ports detected
[  145.531381][T10020] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2295'.
[  145.532851][T10044] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2305'.
[  145.593081][   T29] audit: type=1326 audit(1754839153.754:3578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10049 comm="syz.4.2307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08ac98ebe9 code=0x7ffc0000
[  145.616812][T10037] loop0: detected capacity change from 0 to 2048
[  145.673997][T10058] loop5: detected capacity change from 0 to 128
[  145.686600][T10059] loop1: detected capacity change from 0 to 512
[  145.695570][T10059] EXT4-fs (loop1): orphan cleanup on readonly fs
[  145.695541][T10058] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2308'.
[  145.705163][T10059] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2309: bg 0: block 248: padding at end of block bitmap is not set
[  145.725562][T10059] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2309: Failed to acquire dquot type 1
[  145.738290][T10059] EXT4-fs (loop1): 1 truncate cleaned up
[  145.750323][T10059] bridge0: entered promiscuous mode
[  145.755598][T10059] macsec1: entered promiscuous mode
[  145.763357][T10059] bridge0: left promiscuous mode
[  145.763565][T10058] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2308'.
[  145.830616][T10059] syz.1.2309 (10059) used greatest stack depth: 9280 bytes left
[  145.913030][T10083] FAULT_INJECTION: forcing a failure.
[  145.913030][T10083] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.926296][T10083] CPU: 1 UID: 0 PID: 10083 Comm: syz.1.2319 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  145.926314][T10083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  145.926321][T10083] Call Trace:
[  145.926388][T10083]  <TASK>
[  145.926392][T10083]  __dump_stack+0x1d/0x30
[  145.926434][T10083]  dump_stack_lvl+0xe8/0x140
[  145.926445][T10083]  dump_stack+0x15/0x1b
[  145.926454][T10083]  should_fail_ex+0x265/0x280
[  145.926466][T10083]  should_fail+0xb/0x20
[  145.926486][T10083]  should_fail_usercopy+0x1a/0x20
[  145.926498][T10083]  _copy_from_iter+0xcf/0xe40
[  145.926512][T10083]  ? __build_skb_around+0x1a0/0x200
[  145.926597][T10083]  ? __alloc_skb+0x223/0x320
[  145.926626][T10083]  netlink_sendmsg+0x471/0x6b0
[  145.926640][T10083]  ? __pfx_netlink_sendmsg+0x10/0x10
[  145.926652][T10083]  __sock_sendmsg+0x145/0x180
[  145.926689][T10083]  ____sys_sendmsg+0x31e/0x4e0
[  145.926705][T10083]  ___sys_sendmsg+0x17b/0x1d0
[  145.926724][T10083]  __x64_sys_sendmsg+0xd4/0x160
[  145.926737][T10083]  x64_sys_call+0x191e/0x2ff0
[  145.926769][T10083]  do_syscall_64+0xd2/0x200
[  145.926785][T10083]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  145.926798][T10083]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  145.926830][T10083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.927000][T10083] RIP: 0033:0x7f278244ebe9
[  145.927010][T10083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.927019][T10083] RSP: 002b:00007f2780eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  145.927031][T10083] RAX: ffffffffffffffda RBX: 00007f2782675fa0 RCX: 00007f278244ebe9
[  145.927038][T10083] RDX: 0000000000040000 RSI: 0000200000000100 RDI: 0000000000000005
[  145.927057][T10083] RBP: 00007f2780eb7090 R08: 0000000000000000 R09: 0000000000000000
[  145.927064][T10083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.927071][T10083] R13: 00007f2782676038 R14: 00007f2782675fa0 R15: 00007fff46f45bc8
[  145.927081][T10083]  </TASK>
[  146.132469][T10084] loop0: detected capacity change from 0 to 512
[  146.155424][T10087] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  146.162110][T10087] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  146.164496][T10088] loop1: detected capacity change from 0 to 2048
[  146.169648][T10087] vhci_hcd vhci_hcd.0: Device attached
[  146.178386][T10084] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  146.197759][T10084] EXT4-fs (loop0): mount failed
[  146.199670][T10087] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(13)
[  146.209273][T10087] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  146.216842][T10087] vhci_hcd vhci_hcd.0: Device attached
[  146.224070][T10087] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  146.235817][T10088] hub 2-0:1.0: USB hub found
[  146.239330][T10087] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(17)
[  146.240518][T10088] hub 2-0:1.0: 8 ports detected
[  146.246986][T10087] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  146.247036][T10087] vhci_hcd vhci_hcd.0: Device attached
[  146.267485][T10088] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2320'.
[  146.298857][T10087] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(19)
[  146.305496][T10087] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  146.313275][T10087] vhci_hcd vhci_hcd.0: Device attached
[  146.319306][T10087] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  146.327712][T10087] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  146.336292][T10087] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  146.349995][T10087] vhci_hcd vhci_hcd.0: pdev(5) rhport(7) sockfd(29)
[  146.356674][T10087] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  146.364400][T10087] vhci_hcd vhci_hcd.0: Device attached
[  146.376160][T10097] vhci_hcd: connection closed
[  146.376280][T10093] vhci_hcd: connection closed
[  146.379429][T10104] vhci_hcd: connection closed
[  146.385816][T10089] vhci_hcd: connection closed
[  146.390670][  T412] vhci_hcd: stop threads
[  146.399779][  T412] vhci_hcd: release socket
[  146.404299][  T412] vhci_hcd: disconnect device
[  146.411017][T10101] vhci_hcd: connection closed
[  146.426835][  T412] vhci_hcd: stop threads
[  146.428224][   T36] usb 11-1: new low-speed USB device number 4 using vhci_hcd
[  146.431583][  T412] vhci_hcd: release socket
[  146.447696][  T412] vhci_hcd: disconnect device
[  146.448176][T10090] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  146.452918][  T412] vhci_hcd: stop threads
[  146.462553][  T412] vhci_hcd: release socket
[  146.466958][  T412] vhci_hcd: disconnect device
[  146.477498][  T412] vhci_hcd: stop threads
[  146.481959][  T412] vhci_hcd: release socket
[  146.486417][  T412] vhci_hcd: disconnect device
[  146.492658][  T412] vhci_hcd: stop threads
[  146.496891][  T412] vhci_hcd: release socket
[  146.501507][  T412] vhci_hcd: disconnect device
[  146.520019][T10121] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  146.539668][T10121] tipc: Resetting bearer <eth:syzkaller0>
[  146.551113][T10120] tipc: Disabling bearer <eth:syzkaller0>
[  146.639869][T10135] loop4: detected capacity change from 0 to 512
[  146.646573][T10135] EXT4-fs warning (device loop4): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  146.659992][T10135] EXT4-fs (loop4): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  146.671268][T10135] lo speed is unknown, defaulting to 1000
[  146.677024][T10135] lo speed is unknown, defaulting to 1000
[  146.683173][T10135] lo speed is unknown, defaulting to 1000
[  146.689354][T10135] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  146.696772][T10135] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  146.706073][T10135] lo speed is unknown, defaulting to 1000
[  146.712174][T10135] lo speed is unknown, defaulting to 1000
[  146.718198][T10135] lo speed is unknown, defaulting to 1000
[  146.724323][T10135] lo speed is unknown, defaulting to 1000
[  146.730311][T10135] lo speed is unknown, defaulting to 1000
[  146.777209][T10142] loop4: detected capacity change from 0 to 2048
[  146.820123][T10142] hub 2-0:1.0: USB hub found
[  146.824764][T10142] hub 2-0:1.0: 8 ports detected
[  146.833401][T10142] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2337'.
[  146.916658][T10148] loop5: detected capacity change from 0 to 512
[  146.930027][T10150] loop4: detected capacity change from 0 to 512
[  146.936631][T10150] EXT4-fs: Ignoring removed mblk_io_submit option
[  146.937424][T10148] ext4 filesystem being mounted at /317/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.943749][T10150] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  146.970011][T10150] EXT4-fs (loop4): 1 truncate cleaned up
[  146.986368][T10155] loop5: detected capacity change from 0 to 512
[  146.999765][T10155] ext4 filesystem being mounted at /318/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.100112][T10167] loop5: detected capacity change from 0 to 512
[  147.108196][T10167] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[  147.116236][T10167] EXT4-fs (loop5): failed to initialize system zone (-117)
[  147.124859][T10167] EXT4-fs (loop5): mount failed
[  147.209146][T10176] loop5: detected capacity change from 0 to 512
[  147.231613][T10176] ext4 filesystem being mounted at /325/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.293789][T10182] loop5: detected capacity change from 0 to 512
[  147.309830][T10182] ext4 filesystem being mounted at /327/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.353113][T10186] sd 0:0:1:0: device reset
[  147.364449][T10186] bond1: entered promiscuous mode
[  147.369693][T10186] bond1: entered allmulticast mode
[  147.374998][T10186] 8021q: adding VLAN 0 to HW filter on device bond1
[  147.385026][T10186] bond1 (unregistering): Released all slaves
[  147.409494][T10190] netlink: 'syz.3.2353': attribute type 12 has an invalid length.
[  147.461860][T10194] loop0: detected capacity change from 0 to 128
[  147.483852][T10194] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2355'.
[  147.495933][T10194] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2355'.
[  147.709950][T10208] loop5: detected capacity change from 0 to 512
[  147.771002][T10208] ext4 filesystem being mounted at /332/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.006428][T10212] syz!: rxe_newlink: already configured on team_slave_0
[  148.334124][T10219] loop0: detected capacity change from 0 to 2048
[  148.705891][T10230] FAULT_INJECTION: forcing a failure.
[  148.705891][T10230] name failslab, interval 1, probability 0, space 0, times 0
[  148.718659][T10230] CPU: 0 UID: 0 PID: 10230 Comm: syz.4.2367 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  148.718688][T10230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  148.718701][T10230] Call Trace:
[  148.718708][T10230]  <TASK>
[  148.718716][T10230]  __dump_stack+0x1d/0x30
[  148.718817][T10230]  dump_stack_lvl+0xe8/0x140
[  148.718833][T10230]  dump_stack+0x15/0x1b
[  148.718847][T10230]  should_fail_ex+0x265/0x280
[  148.718869][T10230]  ? __se_sys_mount+0xef/0x2e0
[  148.719024][T10230]  should_failslab+0x8c/0xb0
[  148.719045][T10230]  __kmalloc_cache_noprof+0x4c/0x320
[  148.719074][T10230]  ? memdup_user+0x99/0xd0
[  148.719101][T10230]  __se_sys_mount+0xef/0x2e0
[  148.719178][T10230]  ? fput+0x8f/0xc0
[  148.719200][T10230]  ? ksys_write+0x192/0x1a0
[  148.719220][T10230]  __x64_sys_mount+0x67/0x80
[  148.719243][T10230]  x64_sys_call+0x2b4d/0x2ff0
[  148.719263][T10230]  do_syscall_64+0xd2/0x200
[  148.719322][T10230]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  148.719342][T10230]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  148.719364][T10230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.719455][T10230] RIP: 0033:0x7f08ac98ebe9
[  148.719470][T10230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.719485][T10230] RSP: 002b:00007f08ab3f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  148.719501][T10230] RAX: ffffffffffffffda RBX: 00007f08acbb5fa0 RCX: 00007f08ac98ebe9
[  148.719531][T10230] RDX: 0000200000001400 RSI: 0000200000000300 RDI: 0000200000000240
[  148.719543][T10230] RBP: 00007f08ab3f7090 R08: 0000200000000140 R09: 0000000000000000
[  148.719554][T10230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.719564][T10230] R13: 00007f08acbb6038 R14: 00007f08acbb5fa0 R15: 00007ffe175d2d68
[  148.719579][T10230]  </TASK>
[  148.990476][T10232] sd 0:0:1:0: device reset
[  149.016804][T10232] bond1: entered promiscuous mode
[  149.021884][T10232] bond1: entered allmulticast mode
[  149.029074][T10232] 8021q: adding VLAN 0 to HW filter on device bond1
[  149.040751][T10232] bond1 (unregistering): Released all slaves
[  149.088951][T10237] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2370'.
[  149.174043][T10243] loop0: detected capacity change from 0 to 128
[  149.283376][T10251] loop0: detected capacity change from 0 to 1024
[  149.293755][T10254] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  149.298114][T10249] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  149.305535][T10251] EXT4-fs: Ignoring removed nobh option
[  149.307017][T10249] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  149.320082][T10249] vhci_hcd vhci_hcd.0: Device attached
[  149.320536][T10251] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  149.362248][T10256] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(12)
[  149.368853][T10256] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  149.376419][T10256] vhci_hcd vhci_hcd.0: Device attached
[  149.403209][T10261] netlink: 'syz.4.2377': attribute type 12 has an invalid length.
[  149.412904][T10249] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  149.421329][T10251] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.2374: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  149.450439][T10251] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2374: couldn't read orphan inode 11 (err -117)
[  149.450470][T10249] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(16)
[  149.468865][T10249] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  149.476450][T10249] vhci_hcd vhci_hcd.0: Device attached
[  149.494442][T10251] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2374: Invalid block bitmap block 0 in block_group 0
[  149.509368][T10251] __quota_error: 90 callbacks suppressed
[  149.509382][T10251] Quota error (device loop0): write_blk: dquota write failed
[  149.522488][T10251] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  149.534524][T10251] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2374: Failed to acquire dquot type 0
[  149.546765][T10267] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz.0.2374: Invalid inode table block 8589934593 in block_group 0
[  149.548985][T10249] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(18)
[  149.562815][T10256] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  149.566708][T10249] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  149.582236][T10256] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  149.582566][T10249] vhci_hcd vhci_hcd.0: Device attached
[  149.591879][T10256] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  149.629387][T10249] vhci_hcd vhci_hcd.0: pdev(5) rhport(7) sockfd(28)
[  149.636000][T10249] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  149.643666][T10249] vhci_hcd vhci_hcd.0: Device attached
[  149.657471][T10268] vhci_hcd: connection closed
[  149.657716][   T51] vhci_hcd: stop threads
[  149.666687][   T51] vhci_hcd: release socket
[  149.671116][   T51] vhci_hcd: disconnect device
[  149.676437][T10252] vhci_hcd: connection closed
[  149.678077][T10264] vhci_hcd: connection closed
[  149.682973][T10262] vhci_hcd: connection closed
[  149.687920][T10257] vhci_hcd: connection closed
[  149.690951][   T51] vhci_hcd: stop threads
[  149.701544][   T51] vhci_hcd: release socket
[  149.705949][   T51] vhci_hcd: disconnect device
[  149.710684][   T51] vhci_hcd: stop threads
[  149.714923][   T51] vhci_hcd: release socket
[  149.719404][   T51] vhci_hcd: disconnect device
[  149.724258][   T51] vhci_hcd: stop threads
[  149.728511][   T51] vhci_hcd: release socket
[  149.732995][   T51] vhci_hcd: disconnect device
[  149.739053][   T51] vhci_hcd: stop threads
[  149.743337][   T51] vhci_hcd: release socket
[  149.747779][   T51] vhci_hcd: disconnect device
[  149.808059][   T29] audit: type=1326 audit(1754839157.954:3666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10250 comm="syz.0.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf63eebe9 code=0x7ffc0000
[  149.831560][   T29] audit: type=1326 audit(1754839157.954:3667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10250 comm="syz.0.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf63eebe9 code=0x7ffc0000
[  149.855062][   T29] audit: type=1326 audit(1754839157.954:3668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10250 comm="syz.0.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7fbcf63eebe9 code=0x7ffc0000
[  149.878450][   T29] audit: type=1326 audit(1754839157.954:3669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10250 comm="syz.0.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf63eebe9 code=0x7ffc0000
[  149.901963][   T29] audit: type=1326 audit(1754839157.954:3670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10250 comm="syz.0.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf63eebe9 code=0x7ffc0000
[  150.144633][  T122] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm kworker/u8:4: Invalid inode table block 8589934593 in block_group 0
[  150.167748][T10272] loop0: detected capacity change from 0 to 512
[  150.175132][T10272] EXT4-fs: Ignoring removed mblk_io_submit option
[  150.181972][T10272] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  150.193412][T10272] EXT4-fs (loop0): 1 truncate cleaned up
[  150.358212][ T3389] usb usb8-port1: attempt power cycle
[  150.394337][T10275] loop5: detected capacity change from 0 to 2048
[  150.481660][T10288] loop5: detected capacity change from 0 to 1024
[  150.488737][T10288] EXT4-fs: Ignoring removed bh option
[  150.540974][T10294] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  150.586153][T10296] lo speed is unknown, defaulting to 1000
[  150.631936][   T29] audit: type=1400 audit(1754839158.794:3671): avc:  denied  { module_load } for  pid=10295 comm="syz.5.2385" path="/sys/kernel/notes" dev="sysfs" ino=212 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  150.631952][T10296] Invalid ELF header magic: != ELF
[  150.639251][T10296] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  150.669376][T10296] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  150.687803][T10296] __nla_validate_parse: 2 callbacks suppressed
[  150.687812][T10296] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2385'.
[  151.115168][T10302] loop4: detected capacity change from 0 to 1024
[  151.122763][T10302] EXT4-fs: Ignoring removed nobh option
[  151.128681][T10302] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  151.140854][T10302] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #11: comm syz.4.2388: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  151.159969][T10302] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.2388: couldn't read orphan inode 11 (err -117)
[  151.174805][T10302] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.2388: Invalid block bitmap block 0 in block_group 0
[  151.188693][T10302] Quota error (device loop4): write_blk: dquota write failed
[  151.196081][T10302] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  151.206126][T10302] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2388: Failed to acquire dquot type 0
[  151.220666][T10302] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz.4.2388: Invalid inode table block 8589934593 in block_group 0
[  151.374958][T10310] FAULT_INJECTION: forcing a failure.
[  151.374958][T10310] name failslab, interval 1, probability 0, space 0, times 0
[  151.387674][T10310] CPU: 0 UID: 0 PID: 10310 Comm: syz.5.2390 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  151.387698][T10310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  151.387709][T10310] Call Trace:
[  151.387715][T10310]  <TASK>
[  151.387721][T10310]  __dump_stack+0x1d/0x30
[  151.387742][T10310]  dump_stack_lvl+0xe8/0x140
[  151.387785][T10310]  dump_stack+0x15/0x1b
[  151.387803][T10310]  should_fail_ex+0x265/0x280
[  151.387857][T10310]  should_failslab+0x8c/0xb0
[  151.387878][T10310]  kmem_cache_alloc_node_noprof+0x57/0x320
[  151.387902][T10310]  ? __alloc_skb+0x101/0x320
[  151.387933][T10310]  __alloc_skb+0x101/0x320
[  151.388000][T10310]  netlink_alloc_large_skb+0xba/0xf0
[  151.388032][T10310]  netlink_sendmsg+0x3cf/0x6b0
[  151.388066][T10310]  ? __pfx_netlink_sendmsg+0x10/0x10
[  151.388084][T10310]  __sock_sendmsg+0x145/0x180
[  151.388106][T10310]  ____sys_sendmsg+0x31e/0x4e0
[  151.388126][T10310]  ___sys_sendmsg+0x17b/0x1d0
[  151.388155][T10310]  __x64_sys_sendmsg+0xd4/0x160
[  151.388243][T10310]  x64_sys_call+0x191e/0x2ff0
[  151.388260][T10310]  do_syscall_64+0xd2/0x200
[  151.388281][T10310]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  151.388301][T10310]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  151.388323][T10310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.388347][T10310] RIP: 0033:0x7fdaed4debe9
[  151.388361][T10310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.388379][T10310] RSP: 002b:00007fdaebf3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  151.388399][T10310] RAX: ffffffffffffffda RBX: 00007fdaed705fa0 RCX: 00007fdaed4debe9
[  151.388441][T10310] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000008
[  151.388452][T10310] RBP: 00007fdaebf3f090 R08: 0000000000000000 R09: 0000000000000000
[  151.388464][T10310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.388474][T10310] R13: 00007fdaed706038 R14: 00007fdaed705fa0 R15: 00007ffec12c94a8
[  151.388493][T10310]  </TASK>
[  151.500172][   T36] usb 11-1: enqueue for inactive port 0
[  151.724201][T10313] sd 0:0:1:0: device reset
[  151.851610][T10313] bond1: entered promiscuous mode
[  151.856691][T10313] bond1: entered allmulticast mode
[  151.896218][T10313] 8021q: adding VLAN 0 to HW filter on device bond1
[  151.910264][   T36] usb 11-1: enqueue for inactive port 0
[  151.935719][T10313] bond1 (unregistering): Released all slaves
[  151.998036][   T36] vhci_hcd: vhci_device speed not set
[  152.015333][  T122] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm kworker/u8:4: Invalid inode table block 8589934593 in block_group 0
[  152.178827][T10318] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  152.185449][T10318] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  152.193017][T10318] vhci_hcd vhci_hcd.0: Device attached
[  152.201139][T10318] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(13)
[  152.207800][T10318] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  152.215402][T10318] vhci_hcd vhci_hcd.0: Device attached
[  152.222655][T10318] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  152.232207][T10318] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(17)
[  152.238799][T10318] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  152.246313][T10318] vhci_hcd vhci_hcd.0: Device attached
[  152.252941][T10318] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(19)
[  152.259530][T10318] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  152.267261][T10318] vhci_hcd vhci_hcd.0: Device attached
[  152.273224][T10318] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  152.281634][T10318] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  152.291772][T10318] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  152.314950][T10318] vhci_hcd vhci_hcd.0: pdev(4) rhport(7) sockfd(29)
[  152.321558][T10318] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  152.329179][T10318] vhci_hcd vhci_hcd.0: Device attached
[  152.347062][T10333] vhci_hcd: connection closed
[  152.347264][T10325] vhci_hcd: connection closed
[  152.347299][T10319] vhci_hcd: connection closed
[  152.352100][  T122] vhci_hcd: stop threads
[  152.352109][  T122] vhci_hcd: release socket
[  152.357131][T10321] vhci_hcd: connection closed
[  152.361538][  T122] vhci_hcd: disconnect device
[  152.379630][T10328] vhci_hcd: connection closed
[  152.379856][  T122] vhci_hcd: stop threads
[  152.388828][  T122] vhci_hcd: release socket
[  152.393237][  T122] vhci_hcd: disconnect device
[  152.399127][  T122] vhci_hcd: stop threads
[  152.403370][  T122] vhci_hcd: release socket
[  152.407780][  T122] vhci_hcd: disconnect device
[  152.414318][  T122] vhci_hcd: stop threads
[  152.418578][  T122] vhci_hcd: release socket
[  152.423020][  T122] vhci_hcd: disconnect device
[  152.427857][  T122] vhci_hcd: stop threads
[  152.432103][  T122] vhci_hcd: release socket
[  152.436624][  T122] vhci_hcd: disconnect device
[  152.441425][ T3409] usb 9-1: new low-speed USB device number 3 using vhci_hcd
[  152.449106][ T3409] usb 9-1: enqueue for inactive port 0
[  152.454566][ T3409] usb 9-1: enqueue for inactive port 0
[  152.460201][ T3409] usb 9-1: enqueue for inactive port 0
[  152.460538][T10332] loop5: detected capacity change from 0 to 2048
[  152.528153][ T3409] vhci_hcd: vhci_device speed not set
[  152.858263][ T3389] usb usb8-port1: unable to enumerate USB device
[  152.864845][T10222] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  152.910187][T10346] Illegal XDP return value 4294967274 on prog  (id 1097) dev N/A, expect packet loss!
[  152.966256][T10346] SELinux:  policydb version 82 does not match my version range 15-35
[  152.982025][T10346] SELinux: failed to load policy
[  153.041376][T10353] loop1: detected capacity change from 0 to 512
[  153.118394][T10353] ext4 filesystem being mounted at /531/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.161683][T10360] loop5: detected capacity change from 0 to 512
[  153.200910][T10360] ext4 filesystem being mounted at /349/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.338494][T10369] sd 0:0:1:0: device reset
[  153.387544][T10369] bond4: entered promiscuous mode
[  153.392667][T10369] bond4: entered allmulticast mode
[  153.442690][T10369] 8021q: adding VLAN 0 to HW filter on device bond4
[  153.480604][T10369] bond4 (unregistering): Released all slaves
[  153.745151][T10371] lo speed is unknown, defaulting to 1000
[  153.779122][T10379] FAULT_INJECTION: forcing a failure.
[  153.779122][T10379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.792267][T10379] CPU: 1 UID: 0 PID: 10379 Comm: syz.3.2409 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  153.792292][T10379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  153.792343][T10379] Call Trace:
[  153.792350][T10379]  <TASK>
[  153.792359][T10379]  __dump_stack+0x1d/0x30
[  153.792381][T10379]  dump_stack_lvl+0xe8/0x140
[  153.792401][T10379]  dump_stack+0x15/0x1b
[  153.792417][T10379]  should_fail_ex+0x265/0x280
[  153.792472][T10379]  should_fail+0xb/0x20
[  153.792524][T10379]  should_fail_usercopy+0x1a/0x20
[  153.792546][T10379]  _copy_to_user+0x20/0xa0
[  153.792571][T10379]  simple_read_from_buffer+0xb5/0x130
[  153.792590][T10379]  proc_fail_nth_read+0x10e/0x150
[  153.792628][T10379]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  153.792653][T10379]  vfs_read+0x1a8/0x770
[  153.792713][T10379]  ? __rcu_read_unlock+0x4f/0x70
[  153.792731][T10379]  ? __fget_files+0x184/0x1c0
[  153.792750][T10379]  ? fput+0x8f/0xc0
[  153.792819][T10379]  ksys_read+0xda/0x1a0
[  153.792838][T10379]  __x64_sys_read+0x40/0x50
[  153.792930][T10379]  x64_sys_call+0x27bc/0x2ff0
[  153.792949][T10379]  do_syscall_64+0xd2/0x200
[  153.793015][T10379]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  153.793034][T10379]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  153.793053][T10379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.793073][T10379] RIP: 0033:0x7f9cf093d5fc
[  153.793088][T10379] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  153.793138][T10379] RSP: 002b:00007f9cef3a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  153.793187][T10379] RAX: ffffffffffffffda RBX: 00007f9cf0b65fa0 RCX: 00007f9cf093d5fc
[  153.793200][T10379] RDX: 000000000000000f RSI: 00007f9cef3a70a0 RDI: 0000000000000006
[  153.793275][T10379] RBP: 00007f9cef3a7090 R08: 0000000000000000 R09: 0000000000000000
[  153.793288][T10379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.793301][T10379] R13: 00007f9cf0b66038 R14: 00007f9cf0b65fa0 R15: 00007ffcb1835c78
[  153.793395][T10379]  </TASK>
[  154.071664][T10382] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  154.078339][T10382] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  154.085847][T10382] vhci_hcd vhci_hcd.0: Device attached
[  154.129963][T10382] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(13)
[  154.136581][T10382] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  154.144411][T10382] vhci_hcd vhci_hcd.0: Device attached
[  154.152237][T10396] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  154.169876][T10382] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(17)
[  154.176477][T10382] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  154.184049][T10382] vhci_hcd vhci_hcd.0: Device attached
[  154.218364][T10382] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(19)
[  154.225049][T10382] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  154.232843][T10382] vhci_hcd vhci_hcd.0: Device attached
[  154.261758][T10396] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  154.270456][T10382] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  154.280157][T10382] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  154.289147][T10382] vhci_hcd vhci_hcd.0: pdev(4) rhport(7) sockfd(29)
[  154.295783][T10382] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  154.303399][T10382] vhci_hcd vhci_hcd.0: Device attached
[  154.315643][T10406] vhci_hcd: connection closed
[  154.315957][   T31] vhci_hcd: stop threads
[  154.324959][   T31] vhci_hcd: release socket
[  154.329399][   T31] vhci_hcd: disconnect device
[  154.334548][T10402] vhci_hcd: connection closed
[  154.334770][T10398] vhci_hcd: connection closed
[  154.339622][    T9] usb 10-1: SetAddress Request (3) to port 0
[  154.351324][   T31] vhci_hcd: stop threads
[  154.355558][   T31] vhci_hcd: release socket
[  154.359991][   T31] vhci_hcd: disconnect device
[  154.365727][    T9] usb 10-1: new SuperSpeed USB device number 3 using vhci_hcd
[  154.373415][T10393] vhci_hcd: connection closed
[  154.385932][T10387] vhci_hcd: connection closed
[  154.394154][    T9] usb 10-1: enqueue for inactive port 0
[  154.405810][   T31] vhci_hcd: stop threads
[  154.409728][    T9] usb 10-1: enqueue for inactive port 0
[  154.410132][   T31] vhci_hcd: release socket
[  154.415695][    T9] usb 10-1: enqueue for inactive port 0
[  154.425544][   T31] vhci_hcd: disconnect device
[  154.432777][   T31] vhci_hcd: stop threads
[  154.437038][   T31] vhci_hcd: release socket
[  154.441483][   T31] vhci_hcd: disconnect device
[  154.446659][   T31] vhci_hcd: stop threads
[  154.450965][   T31] vhci_hcd: release socket
[  154.455409][   T31] vhci_hcd: disconnect device
[  154.461565][T10411] sd 0:0:1:0: device reset
[  154.472361][T10411] bond1: entered promiscuous mode
[  154.477386][T10411] bond1: entered allmulticast mode
[  154.482687][T10411] 8021q: adding VLAN 0 to HW filter on device bond1
[  154.491853][T10411] bond1 (unregistering): Released all slaves
[  154.528091][    T9] usb 10-1: new SuperSpeed USB device number 3 using vhci_hcd
[  154.548289][    T9] usb 10-1: enqueue for inactive port 0
[  154.553904][    T9] usb 10-1: enqueue for inactive port 0
[  154.559518][    T9] usb 10-1: enqueue for inactive port 0
[  154.661336][T10414] loop5: detected capacity change from 0 to 512
[  154.679224][    T9] usb usb10-port1: attempt power cycle
[  154.680584][T10414] ext4 filesystem being mounted at /352/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.727759][T10420] loop5: detected capacity change from 0 to 128
[  154.750495][T10420] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2418'.
[  154.762779][T10420] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2418'.
[  154.880051][T10428] loop5: detected capacity change from 0 to 512
[  154.889772][T10428] ext4 filesystem being mounted at /357/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.900747][ T3367] usb usb12-port1: attempt power cycle
[  154.909147][   T29] kauditd_printk_skb: 9 callbacks suppressed
[  154.909160][   T29] audit: type=1400 audit(1754839163.074:3681): avc:  denied  { map } for  pid=10431 comm="syz.4.2423" path="socket:[26632]" dev="sockfs" ino=26632 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  154.958350][ T3389] usb usb8-port1: attempt power cycle
[  154.969225][T10439] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2425'.
[  154.971891][T10441] loop4: detected capacity change from 0 to 512
[  154.986768][T10441] EXT4-fs (loop4): orphan cleanup on readonly fs
[  154.994140][T10441] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2423: bg 0: block 248: padding at end of block bitmap is not set
[  155.008940][T10441] Quota error (device loop4): write_blk: dquota write failed
[  155.016310][T10441] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  155.026275][T10441] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2423: Failed to acquire dquot type 1
[  155.038252][T10441] EXT4-fs (loop4): 1 truncate cleaned up
[  155.121713][T10444] loop3: detected capacity change from 0 to 512
[  155.139638][T10444] ext4 filesystem being mounted at /392/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.238503][T10452] netlink: 'syz.3.2429': attribute type 12 has an invalid length.
[  155.499985][T10456] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  155.525110][T10458] loop5: detected capacity change from 0 to 2048
[  155.570972][T10458] Alternate GPT is invalid, using primary GPT.
[  155.577346][T10458]  loop5: p2 p3 p7
[  155.584818][T10458] netlink: 'syz.5.2431': attribute type 5 has an invalid length.
[  155.593778][   T29] audit: type=1400 audit(1754839163.764:3682): avc:  denied  { write } for  pid=10457 comm="syz.5.2431" name="loop5p2" dev="devtmpfs" ino=750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  155.617054][   T29] audit: type=1400 audit(1754839163.764:3683): avc:  denied  { open } for  pid=10457 comm="syz.5.2431" path="/dev/loop5p2" dev="devtmpfs" ino=750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  155.658144][ T3409] vhci_hcd: vhci_device speed not set
[  155.694549][T10464] netlink: 'syz.5.2434': attribute type 12 has an invalid length.
[  155.707479][T10466] loop1: detected capacity change from 0 to 512
[  155.720138][T10466] ext4 filesystem being mounted at /535/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.774272][T10475] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2437'.
[  155.783415][T10479] loop1: detected capacity change from 0 to 512
[  155.789685][   T29] audit: type=1400 audit(1754839163.934:3684): avc:  denied  { map } for  pid=10474 comm="syz.4.2437" path="pipe:[26172]" dev="pipefs" ino=26172 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  155.813823][T10479] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.820740][T10479] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  155.832074][T10479] EXT4-fs (loop1): 1 truncate cleaned up
[  155.846162][T10482] loop4: detected capacity change from 0 to 512
[  155.859526][T10482] EXT4-fs mount: 110 callbacks suppressed
[  155.859540][T10482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.877851][T10482] ext4 filesystem being mounted at /504/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.906678][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.965474][T10487] lo speed is unknown, defaulting to 1000
[  156.049401][T10491] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2441'.
[  156.155650][   T29] audit: type=1400 audit(1754839164.314:3685): avc:  denied  { map } for  pid=10486 comm="syz.4.2440" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  156.179691][   T29] audit: type=1400 audit(1754839164.314:3686): avc:  denied  { execute } for  pid=10486 comm="syz.4.2440" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  156.301217][T10512] loop3: detected capacity change from 0 to 2048
[  156.320514][T10512] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.360995][T10512] hub 2-0:1.0: USB hub found
[  156.365652][T10512] hub 2-0:1.0: 8 ports detected
[  156.373493][T10512] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2447'.
[  156.449379][T10518] FAULT_INJECTION: forcing a failure.
[  156.449379][T10518] name failslab, interval 1, probability 0, space 0, times 0
[  156.462078][T10518] CPU: 1 UID: 0 PID: 10518 Comm: syz.5.2448 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  156.462103][T10518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  156.462114][T10518] Call Trace:
[  156.462120][T10518]  <TASK>
[  156.462127][T10518]  __dump_stack+0x1d/0x30
[  156.462148][T10518]  dump_stack_lvl+0xe8/0x140
[  156.462165][T10518]  dump_stack+0x15/0x1b
[  156.462177][T10518]  should_fail_ex+0x265/0x280
[  156.462197][T10518]  should_failslab+0x8c/0xb0
[  156.462220][T10518]  kmem_cache_alloc_noprof+0x50/0x310
[  156.462242][T10518]  ? mas_alloc_nodes+0x265/0x520
[  156.462263][T10518]  mas_alloc_nodes+0x265/0x520
[  156.462287][T10518]  mas_preallocate+0x33e/0x520
[  156.462313][T10518]  __split_vma+0x240/0x650
[  156.462341][T10518]  vma_modify+0x3f2/0xc80
[  156.462361][T10518]  ? _parse_integer_limit+0x170/0x190
[  156.462381][T10518]  vma_modify_flags+0x101/0x130
[  156.462405][T10518]  mlock_fixup+0x11d/0x210
[  156.462431][T10518]  apply_vma_lock_flags+0x193/0x250
[  156.462456][T10518]  do_mlock+0x3c6/0x520
[  156.462477][T10518]  ? __bpf_trace_sys_enter+0x10/0x30
[  156.462494][T10518]  ? trace_sys_enter+0xd0/0xf0
[  156.462514][T10518]  __x64_sys_mlock+0x36/0x50
[  156.462537][T10518]  x64_sys_call+0x18f8/0x2ff0
[  156.462555][T10518]  do_syscall_64+0xd2/0x200
[  156.462574][T10518]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  156.462592][T10518]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  156.462615][T10518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.462636][T10518] RIP: 0033:0x7fdaed4debe9
[  156.462650][T10518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.462664][T10518] RSP: 002b:00007fdaebf3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  156.462680][T10518] RAX: ffffffffffffffda RBX: 00007fdaed705fa0 RCX: 00007fdaed4debe9
[  156.462690][T10518] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 00002000007d8000
[  156.462701][T10518] RBP: 00007fdaebf3f090 R08: 0000000000000000 R09: 0000000000000000
[  156.462713][T10518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.462732][T10518] R13: 00007fdaed706038 R14: 00007fdaed705fa0 R15: 00007ffec12c94a8
[  156.462748][T10518]  </TASK>
[  156.688908][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.716923][T10521] loop3: detected capacity change from 0 to 512
[  156.739556][T10521] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.767563][T10521] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.784221][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.801901][T10526] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2451'.
[  156.810823][T10526] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2451'.
[  156.819872][ T3389] usb usb8-port1: unable to enumerate USB device
[  156.836929][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.865866][T10533] FAULT_INJECTION: forcing a failure.
[  156.865866][T10533] name failslab, interval 1, probability 0, space 0, times 0
[  156.878491][T10533] CPU: 1 UID: 0 PID: 10533 Comm: syz.1.2454 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  156.878517][T10533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  156.878528][T10533] Call Trace:
[  156.878535][T10533]  <TASK>
[  156.878545][T10533]  __dump_stack+0x1d/0x30
[  156.878619][T10531] loop3: detected capacity change from 0 to 1024
[  156.878565][T10533]  dump_stack_lvl+0xe8/0x140
[  156.878641][T10533]  dump_stack+0x15/0x1b
[  156.878654][T10533]  should_fail_ex+0x265/0x280
[  156.878674][T10533]  should_failslab+0x8c/0xb0
[  156.878699][T10533]  kmem_cache_alloc_node_noprof+0x57/0x320
[  156.878782][T10533]  ? __alloc_skb+0x101/0x320
[  156.878812][T10533]  __alloc_skb+0x101/0x320
[  156.878910][T10533]  fdb_notify+0x6e/0x120
[  156.878939][T10533]  fdb_add_local+0x117/0x1b0
[  156.879010][T10533]  br_fdb_add_local+0x3a/0x60
[  156.879039][T10533]  __vlan_add+0x3d3/0x1400
[  156.879064][T10533]  ? br_vlan_add+0x1f4/0x7c0
[  156.879110][T10533]  br_vlan_add+0x38b/0x7c0
[  156.879137][T10533]  br_vlan_info+0x121/0x230
[  156.879237][T10533]  br_process_vlan_info+0x3eb/0x510
[  156.879268][T10533]  br_afspec+0x2b9/0x420
[  156.879327][T10533]  br_setlink+0x15d/0x480
[  156.879402][T10533]  rtnl_bridge_setlink+0x3e9/0x470
[  156.879429][T10533]  ? __pfx_rtnl_bridge_setlink+0x10/0x10
[  156.879480][T10533]  rtnetlink_rcv_msg+0x65a/0x6d0
[  156.879508][T10533]  netlink_rcv_skb+0x120/0x220
[  156.879526][T10533]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  156.879556][T10533]  rtnetlink_rcv+0x1c/0x30
[  156.879578][T10533]  netlink_unicast+0x5c0/0x690
[  156.879624][T10533]  netlink_sendmsg+0x58b/0x6b0
[  156.879646][T10533]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.879665][T10533]  __sock_sendmsg+0x145/0x180
[  156.879690][T10533]  ____sys_sendmsg+0x31e/0x4e0
[  156.879767][T10533]  ___sys_sendmsg+0x17b/0x1d0
[  156.879857][T10533]  __x64_sys_sendmsg+0xd4/0x160
[  156.879881][T10533]  x64_sys_call+0x191e/0x2ff0
[  156.879901][T10533]  do_syscall_64+0xd2/0x200
[  156.879974][T10533]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  156.879997][T10533]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  156.880060][T10533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.880080][T10533] RIP: 0033:0x7f278244ebe9
[  156.880095][T10533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.880157][T10533] RSP: 002b:00007f2780eb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.880176][T10533] RAX: ffffffffffffffda RBX: 00007f2782675fa0 RCX: 00007f278244ebe9
[  156.880188][T10533] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  156.880200][T10533] RBP: 00007f2780eb7090 R08: 0000000000000000 R09: 0000000000000000
[  156.880213][T10533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.880225][T10533] R13: 00007f2782676038 R14: 00007f2782675fa0 R15: 00007fff46f45bc8
[  156.880243][T10533]  </TASK>
[  157.171643][T10531] EXT4-fs: Ignoring removed nobh option
[  157.177696][T10531] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  157.205639][   T29] audit: type=1400 audit(1754839165.334:3687): avc:  denied  { setopt } for  pid=10534 comm="syz.0.2455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  157.249767][ T3367] usb usb12-port1: unable to enumerate USB device
[  157.366302][T10553] FAULT_INJECTION: forcing a failure.
[  157.366302][T10553] name failslab, interval 1, probability 0, space 0, times 0
[  157.379017][T10553] CPU: 0 UID: 0 PID: 10553 Comm: syz.4.2461 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  157.379042][T10553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  157.379052][T10553] Call Trace:
[  157.379058][T10553]  <TASK>
[  157.379066][T10553]  __dump_stack+0x1d/0x30
[  157.379087][T10553]  dump_stack_lvl+0xe8/0x140
[  157.379157][T10553]  dump_stack+0x15/0x1b
[  157.379175][T10553]  should_fail_ex+0x265/0x280
[  157.379198][T10553]  should_failslab+0x8c/0xb0
[  157.379223][T10553]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  157.379249][T10553]  ? sidtab_sid2str_get+0xa0/0x130
[  157.379335][T10553]  kmemdup_noprof+0x2b/0x70
[  157.379498][T10553]  sidtab_sid2str_get+0xa0/0x130
[  157.379520][T10553]  security_sid_to_context_core+0x1eb/0x2e0
[  157.379543][T10553]  security_sid_to_context+0x27/0x40
[  157.379563][T10553]  selinux_lsmprop_to_secctx+0x67/0xf0
[  157.379586][T10553]  security_lsmprop_to_secctx+0x43/0x80
[  157.379654][T10553]  audit_log_task_context+0x77/0x190
[  157.379684][T10553]  audit_log_task+0xf4/0x250
[  157.379712][T10553]  audit_seccomp+0x61/0x100
[  157.379734][T10553]  ? __seccomp_filter+0x68c/0x10d0
[  157.379760][T10553]  __seccomp_filter+0x69d/0x10d0
[  157.379778][T10553]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  157.379858][T10553]  ? vfs_write+0x7e8/0x960
[  157.379879][T10553]  ? __rcu_read_unlock+0x4f/0x70
[  157.379909][T10553]  ? __fget_files+0x184/0x1c0
[  157.379987][T10553]  __secure_computing+0x82/0x150
[  157.380025][T10553]  syscall_trace_enter+0xcf/0x1e0
[  157.380046][T10553]  do_syscall_64+0xac/0x200
[  157.380072][T10553]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  157.380096][T10553]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  157.380164][T10553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.380215][T10553] RIP: 0033:0x7f08ac98ebe9
[  157.380229][T10553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.380243][T10553] RSP: 002b:00007f08ab3f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  157.380334][T10553] RAX: ffffffffffffffda RBX: 00007f08acbb5fa0 RCX: 00007f08ac98ebe9
[  157.380345][T10553] RDX: ffffffffffffffff RSI: 0000200000000140 RDI: ffffffffffffffff
[  157.380357][T10553] RBP: 00007f08ab3f7090 R08: 0000000000000001 R09: 0000000000000000
[  157.380369][T10553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.380382][T10553] R13: 00007f08acbb6038 R14: 00007f08acbb5fa0 R15: 00007ffe175d2d68
[  157.380471][T10553]  </TASK>
[  157.380480][T10553] audit: error in audit_log_task_context
[  157.589083][T10551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.640571][T10531] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.2453: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  157.661092][T10556] sd 0:0:1:0: device reset
[  157.676938][T10556] bond1: entered promiscuous mode
[  157.677099][T10531] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2453: couldn't read orphan inode 11 (err -117)
[  157.682242][T10556] bond1: entered allmulticast mode
[  157.704225][T10551] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.718391][T10556] 8021q: adding VLAN 0 to HW filter on device bond1
[  157.725754][T10531] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.743380][T10556] bond1 (unregistering): Released all slaves
[  157.774211][T10531] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2453: Invalid block bitmap block 0 in block_group 0
[  157.792795][T10531] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2453: Failed to acquire dquot type 0
[  157.804468][    T9] usb usb10-port1: unable to enumerate USB device
[  157.818187][T10559] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.2453: Invalid inode table block 8589934593 in block_group 0
[  157.945086][T10564] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2465'.
[  157.953996][T10564] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2465'.
[  158.042014][T10568] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  158.050827][T10568] SELinux: failed to load policy
[  158.201944][T10582] loop4: detected capacity change from 0 to 512
[  158.210429][T10582] EXT4-fs: Ignoring removed oldalloc option
[  158.216718][T10582] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  158.228143][T10582] EXT4-fs (loop4): 1 truncate cleaned up
[  158.235281][T10582] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.264919][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.300110][  T122] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm kworker/u8:4: Invalid inode table block 8589934593 in block_group 0
[  158.336993][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.392419][T10596] FAULT_INJECTION: forcing a failure.
[  158.392419][T10596] name failslab, interval 1, probability 0, space 0, times 0
[  158.405081][T10596] CPU: 0 UID: 0 PID: 10596 Comm: syz.3.2478 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  158.405111][T10596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  158.405123][T10596] Call Trace:
[  158.405130][T10596]  <TASK>
[  158.405138][T10596]  __dump_stack+0x1d/0x30
[  158.405223][T10596]  dump_stack_lvl+0xe8/0x140
[  158.405242][T10596]  dump_stack+0x15/0x1b
[  158.405260][T10596]  should_fail_ex+0x265/0x280
[  158.405286][T10596]  should_failslab+0x8c/0xb0
[  158.405310][T10596]  kmem_cache_alloc_noprof+0x50/0x310
[  158.405348][T10596]  ? alloc_empty_file+0x76/0x200
[  158.405374][T10596]  alloc_empty_file+0x76/0x200
[  158.405413][T10596]  alloc_file_pseudo+0xc6/0x160
[  158.405512][T10596]  __shmem_file_setup+0x1de/0x210
[  158.405587][T10596]  shmem_file_setup+0x3b/0x50
[  158.405666][T10596]  __se_sys_memfd_create+0x2c3/0x590
[  158.405685][T10596]  __x64_sys_memfd_create+0x31/0x40
[  158.405705][T10596]  x64_sys_call+0x2abe/0x2ff0
[  158.405791][T10596]  do_syscall_64+0xd2/0x200
[  158.405816][T10596]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  158.405855][T10596]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  158.405877][T10596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.405967][T10596] RIP: 0033:0x7f9cf093ebe9
[  158.405994][T10596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.406077][T10596] RSP: 002b:00007f9cef3a6d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  158.406135][T10596] RAX: ffffffffffffffda RBX: 000000000000059d RCX: 00007f9cf093ebe9
[  158.406146][T10596] RDX: 00007f9cef3a6dec RSI: 0000000000000000 RDI: 00007f9cf09c27e8
[  158.406156][T10596] RBP: 0000200000000000 R08: 00007f9cef3a6b07 R09: 0000000000000000
[  158.406167][T10596] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  158.406177][T10596] R13: 00007f9cef3a6dec R14: 00007f9cef3a6df0 R15: 00007ffcb1835c78
[  158.406192][T10596]  </TASK>
[  158.763580][T10625] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.813638][T10632] IPv6: NLM_F_CREATE should be specified when creating new route
[  158.827034][T10625] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.840340][T10632] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  158.849903][T10632] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.882589][T10625] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.939123][T10625] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.979178][T10654] netlink: 256 bytes leftover after parsing attributes in process `syz.5.2485'.
[  159.008046][ T1850] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  159.036057][ T1850] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  159.058249][   T51] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  159.066526][   T51] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  159.127498][T10675] loop5: detected capacity change from 0 to 512
[  159.138588][T10675] EXT4-fs: Ignoring removed mblk_io_submit option
[  159.158499][T10675] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  159.172805][T10675] EXT4-fs (loop5): 1 truncate cleaned up
[  159.181145][T10675] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.228221][   T10] usb usb8-port1: attempt power cycle
[  159.482352][T10716] loop0: detected capacity change from 0 to 512
[  159.494294][T10716] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.2493: invalid block
[  159.507558][T10716] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2493: invalid indirect mapped block 4294967295 (level 1)
[  159.523060][T10716] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2493: invalid indirect mapped block 4294967295 (level 1)
[  159.537349][T10716] EXT4-fs (loop0): 2 truncates cleaned up
[  159.544475][T10716] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.560904][T10716] FAULT_INJECTION: forcing a failure.
[  159.560904][T10716] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.573971][T10716] CPU: 0 UID: 0 PID: 10716 Comm: +}[@ Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  159.574022][T10716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  159.574109][T10716] Call Trace:
[  159.574116][T10716]  <TASK>
[  159.574125][T10716]  __dump_stack+0x1d/0x30
[  159.574146][T10716]  dump_stack_lvl+0xe8/0x140
[  159.574204][T10716]  dump_stack+0x15/0x1b
[  159.574218][T10716]  should_fail_ex+0x265/0x280
[  159.574236][T10716]  should_fail+0xb/0x20
[  159.574276][T10716]  should_fail_usercopy+0x1a/0x20
[  159.574298][T10716]  _copy_from_iter+0xcf/0xe40
[  159.574322][T10716]  ? __build_skb_around+0x1a0/0x200
[  159.574420][T10716]  ? __alloc_skb+0x223/0x320
[  159.574486][T10716]  netlink_sendmsg+0x471/0x6b0
[  159.574522][T10716]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.574541][T10716]  __sock_sendmsg+0x145/0x180
[  159.574568][T10716]  ____sys_sendmsg+0x31e/0x4e0
[  159.574620][T10716]  ___sys_sendmsg+0x17b/0x1d0
[  159.574651][T10716]  __x64_sys_sendmsg+0xd4/0x160
[  159.574676][T10716]  x64_sys_call+0x191e/0x2ff0
[  159.574698][T10716]  do_syscall_64+0xd2/0x200
[  159.574776][T10716]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  159.574801][T10716]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  159.574825][T10716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.574869][T10716] RIP: 0033:0x7fbcf63eebe9
[  159.574938][T10716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.574954][T10716] RSP: 002b:00007fbcf4e4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  159.574970][T10716] RAX: ffffffffffffffda RBX: 00007fbcf6615fa0 RCX: 00007fbcf63eebe9
[  159.574980][T10716] RDX: 0000000000000810 RSI: 0000200000000240 RDI: 000000000000000a
[  159.574993][T10716] RBP: 00007fbcf4e4f090 R08: 0000000000000000 R09: 0000000000000000
[  159.575006][T10716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.575019][T10716] R13: 00007fbcf6616038 R14: 00007fbcf6615fa0 R15: 00007ffdcff8c038
[  159.575042][T10716]  </TASK>
[  159.795577][T10716] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.831891][T10716] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.880948][T10716] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.892623][T10725] netlink: 'syz.3.2496': attribute type 12 has an invalid length.
[  159.940830][T10716] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.995353][  T382] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.014766][  T382] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.023267][  T382] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.028205][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.043699][  T382] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.052977][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.084731][T10733] loop0: detected capacity change from 0 to 512
[  160.099763][T10733] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.112339][T10733] ext4 filesystem being mounted at /488/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.135404][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.586865][T10740] sd 0:0:1:0: device reset
[  160.597214][T10740] bond1: entered promiscuous mode
[  160.602276][T10740] bond1: entered allmulticast mode
[  160.607528][T10740] 8021q: adding VLAN 0 to HW filter on device bond1
[  160.616821][T10740] bond1 (unregistering): Released all slaves
[  160.810900][T10754] loop5: detected capacity change from 0 to 512
[  160.817504][T10754] EXT4-fs: Ignoring removed mblk_io_submit option
[  160.825194][T10754] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  160.836654][T10754] EXT4-fs (loop5): 1 truncate cleaned up
[  160.842857][T10754] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.066336][T10758] loop0: detected capacity change from 0 to 2048
[  161.079924][T10758] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.138069][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.174920][T10766] loop0: detected capacity change from 0 to 2048
[  161.178308][   T10] usb usb8-port1: unable to enumerate USB device
[  161.202002][T10766] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.248749][T10771] loop4: detected capacity change from 0 to 512
[  161.262241][T10766] hub 2-0:1.0: USB hub found
[  161.275596][T10766] hub 2-0:1.0: 8 ports detected
[  161.303375][T10766] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2509'.
[  161.324881][T10771] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.446593][T10771] ext4 filesystem being mounted at /521/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.513070][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.569768][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.780923][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.198383][T10790] bond1: entered promiscuous mode
[  162.203468][T10790] bond1: entered allmulticast mode
[  162.218944][T10790] 8021q: adding VLAN 0 to HW filter on device bond1
[  162.231149][T10790] bond1 (unregistering): Released all slaves
[  162.299921][T10793] loop0: detected capacity change from 0 to 512
[  162.327523][T10787] loop5: detected capacity change from 0 to 2048
[  162.349751][T10793] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.369196][T10787] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.393258][T10793] ext4 filesystem being mounted at /495/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.492179][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.543729][T10805] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2520'.
[  162.552788][T10805] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2520'.
[  162.583942][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.617896][   T29] kauditd_printk_skb: 162 callbacks suppressed
[  162.617909][   T29] audit: type=1400 audit(1754839170.774:3848): avc:  denied  { module_request } for  pid=10806 comm="syz.0.2521" kmod="net-pf-2-proto-9-type-4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  162.650186][T10809] loop5: detected capacity change from 0 to 512
[  162.650834][T10808] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2521'.
[  162.674257][T10802] loop4: detected capacity change from 0 to 2048
[  162.701318][T10809] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.714845][T10802] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.744639][T10809] ext4 filesystem being mounted at /383/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.796171][   T29] audit: type=1400 audit(1754839170.954:3849): avc:  denied  { map } for  pid=10817 comm="syz.0.2523" path="/dev/bus/usb/001/001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  162.797069][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.821426][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.864631][T10823] random: crng reseeded on system resumption
[  162.901709][T10826] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2528'.
[  162.937291][T10828] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  162.952198][T10830] SELinux: security policydb version 17 (MLS) not backwards compatible
[  162.972192][T10828] syzkaller0: entered promiscuous mode
[  162.977677][T10828] syzkaller0: entered allmulticast mode
[  162.998925][T10830] SELinux: failed to load policy
[  163.034777][T10828] tipc: Resetting bearer <eth:syzkaller0>
[  163.040861][T10833] lo speed is unknown, defaulting to 1000
[  163.079890][T10835] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2530'.
[  163.095465][T10827] tipc: Resetting bearer <eth:syzkaller0>
[  163.105563][T10827] tipc: Disabling bearer <eth:syzkaller0>
[  163.125234][T10839] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2531'.
[  163.159791][T10837] loop1: detected capacity change from 0 to 1024
[  163.166394][T10837] EXT4-fs: Ignoring removed orlov option
[  163.172102][T10837] EXT4-fs: Ignoring removed i_version option
[  163.179486][T10839] loop5: detected capacity change from 0 to 1024
[  163.186403][T10839] EXT4-fs: Ignoring removed orlov option
[  163.192104][T10839] EXT4-fs: Ignoring removed i_version option
[  163.200509][T10849] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2532'.
[  163.209463][T10849] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2532'.
[  163.222022][T10837] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.235710][T10839] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.252327][T10835] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2530'.
[  163.280907][T10839] FAULT_INJECTION: forcing a failure.
[  163.280907][T10839] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.292475][T10860] FAULT_INJECTION: forcing a failure.
[  163.292475][T10860] name failslab, interval 1, probability 0, space 0, times 0
[  163.294020][T10839] CPU: 0 UID: 0 PID: 10839 Comm: syz.5.2531 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  163.294130][T10839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  163.294141][T10839] Call Trace:
[  163.294147][T10839]  <TASK>
[  163.294154][T10839]  __dump_stack+0x1d/0x30
[  163.294174][T10839]  dump_stack_lvl+0xe8/0x140
[  163.294193][T10839]  dump_stack+0x15/0x1b
[  163.294210][T10839]  should_fail_ex+0x265/0x280
[  163.294260][T10839]  should_fail+0xb/0x20
[  163.294278][T10839]  should_fail_usercopy+0x1a/0x20
[  163.294324][T10839]  _copy_from_iter+0xcf/0xe40
[  163.294346][T10839]  ? __build_skb_around+0x1a0/0x200
[  163.294376][T10839]  ? __alloc_skb+0x223/0x320
[  163.294466][T10839]  netlink_sendmsg+0x471/0x6b0
[  163.294488][T10839]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.294549][T10839]  __sock_sendmsg+0x145/0x180
[  163.294575][T10839]  ____sys_sendmsg+0x31e/0x4e0
[  163.294599][T10839]  ___sys_sendmsg+0x17b/0x1d0
[  163.294631][T10839]  __x64_sys_sendmsg+0xd4/0x160
[  163.294678][T10839]  x64_sys_call+0x191e/0x2ff0
[  163.294751][T10839]  do_syscall_64+0xd2/0x200
[  163.294794][T10839]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  163.294817][T10839]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  163.294841][T10839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.294877][T10839] RIP: 0033:0x7fdaed4debe9
[  163.294892][T10839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.294939][T10839] RSP: 002b:00007fdaebf3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.294958][T10839] RAX: ffffffffffffffda RBX: 00007fdaed705fa0 RCX: 00007fdaed4debe9
[  163.294971][T10839] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000012
[  163.294983][T10839] RBP: 00007fdaebf3f090 R08: 0000000000000000 R09: 0000000000000000
[  163.294996][T10839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.295008][T10839] R13: 00007fdaed706038 R14: 00007fdaed705fa0 R15: 00007ffec12c94a8
[  163.295026][T10839]  </TASK>
[  163.492066][T10872] loop3: detected capacity change from 0 to 2048
[  163.496893][T10860] CPU: 1 UID: 0 PID: 10860 Comm: syz.4.2534 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  163.496955][T10860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  163.496968][T10860] Call Trace:
[  163.496975][T10860]  <TASK>
[  163.496984][T10860]  __dump_stack+0x1d/0x30
[  163.497006][T10860]  dump_stack_lvl+0xe8/0x140
[  163.497026][T10860]  dump_stack+0x15/0x1b
[  163.497105][T10860]  should_fail_ex+0x265/0x280
[  163.497126][T10860]  should_failslab+0x8c/0xb0
[  163.497155][T10860]  __kmalloc_noprof+0xa5/0x3e0
[  163.497193][T10860]  ? nla_strdup+0x78/0xc0
[  163.497216][T10860]  nla_strdup+0x78/0xc0
[  163.497237][T10860]  nf_tables_newtable+0x3ba/0xea0
[  163.497263][T10860]  nfnetlink_rcv+0xb99/0x1690
[  163.497388][T10860]  netlink_unicast+0x5c0/0x690
[  163.497420][T10860]  netlink_sendmsg+0x58b/0x6b0
[  163.497442][T10860]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.497462][T10860]  __sock_sendmsg+0x145/0x180
[  163.497545][T10860]  ____sys_sendmsg+0x31e/0x4e0
[  163.497568][T10860]  ___sys_sendmsg+0x17b/0x1d0
[  163.497622][T10860]  __x64_sys_sendmsg+0xd4/0x160
[  163.497718][T10860]  x64_sys_call+0x191e/0x2ff0
[  163.497738][T10860]  do_syscall_64+0xd2/0x200
[  163.497763][T10860]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  163.497786][T10860]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  163.497872][T10860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.497893][T10860] RIP: 0033:0x7f08ac98ebe9
[  163.497936][T10860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.497952][T10860] RSP: 002b:00007f08ab3f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.497976][T10860] RAX: ffffffffffffffda RBX: 00007f08acbb5fa0 RCX: 00007f08ac98ebe9
[  163.498028][T10860] RDX: 0000000020000004 RSI: 0000200000000040 RDI: 0000000000000005
[  163.498112][T10860] RBP: 00007f08ab3f7090 R08: 0000000000000000 R09: 0000000000000000
[  163.498124][T10860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.498142][T10860] R13: 00007f08acbb6038 R14: 00007f08acbb5fa0 R15: 00007ffe175d2d68
[  163.498160][T10860]  </TASK>
[  163.746244][T10872] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.747165][T10880] loop0: detected capacity change from 0 to 512
[  163.763023][T10882] loop4: detected capacity change from 0 to 128
[  163.782147][T10880] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.794798][T10880] ext4 filesystem being mounted at /499/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.825181][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.836697][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.863470][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.888604][T10893] loop5: detected capacity change from 0 to 512
[  163.902767][T10893] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.903662][T10896] loop0: detected capacity change from 0 to 512
[  163.922454][T10896] EXT4-fs: Ignoring removed mblk_io_submit option
[  163.929223][T10893] ext4 filesystem being mounted at /386/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.933097][T10896] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  163.966887][T10902] loop3: detected capacity change from 0 to 512
[  163.976429][T10896] EXT4-fs (loop0): 1 truncate cleaned up
[  163.985397][T10902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.001336][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.006476][T10896] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.023905][T10902] ext4 filesystem being mounted at /415/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.060838][ T5888] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.067194][T10913] loop1: detected capacity change from 0 to 128
[  164.089795][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.104801][   T29] audit: type=1326 audit(1754839172.254:3850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10914 comm="syz.5.2548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  164.128446][   T29] audit: type=1326 audit(1754839172.254:3851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10914 comm="syz.5.2548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  164.152010][   T29] audit: type=1326 audit(1754839172.254:3852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10914 comm="syz.5.2548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  164.175549][   T29] audit: type=1326 audit(1754839172.254:3853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10914 comm="syz.5.2548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  164.199024][   T29] audit: type=1326 audit(1754839172.254:3854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10914 comm="syz.5.2548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  164.219444][T10921] loop3: detected capacity change from 0 to 512
[  164.222415][   T29] audit: type=1326 audit(1754839172.254:3855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10914 comm="syz.5.2548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  164.252088][   T29] audit: type=1326 audit(1754839172.254:3856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10914 comm="syz.5.2548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  164.275584][   T29] audit: type=1326 audit(1754839172.254:3857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10914 comm="syz.5.2548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fdaed4debe9 code=0x7ffc0000
[  164.299440][T10922] ==================================================================
[  164.307519][T10922] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  164.314805][T10922] 
[  164.317116][T10922] write to 0xffff8881197d4a00 of 8 bytes by task 10894 on cpu 0:
[  164.324810][T10922]  mas_wmb_replace+0xe45/0x14a0
[  164.329657][T10922]  mas_wr_store_entry+0x1773/0x2b50
[  164.334845][T10922]  mas_store_prealloc+0x74d/0x9e0
[  164.339912][T10922]  vma_iter_store_new+0x1c5/0x200
[  164.344924][T10922]  vma_complete+0x125/0x580
[  164.349409][T10922]  __split_vma+0x5d9/0x650
[  164.353813][T10922]  vma_modify+0x3f2/0xc80
[  164.358128][T10922]  vma_modify_flags+0x101/0x130
[  164.362963][T10922]  mprotect_fixup+0x2cc/0x570
[  164.367628][T10922]  do_mprotect_pkey+0x6d6/0x980
[  164.372468][T10922]  __x64_sys_mprotect+0x48/0x60
[  164.377306][T10922]  x64_sys_call+0x274e/0x2ff0
[  164.381969][T10922]  do_syscall_64+0xd2/0x200
[  164.386462][T10922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.392341][T10922] 
[  164.394649][T10922] read to 0xffff8881197d4a00 of 8 bytes by task 10922 on cpu 1:
[  164.402263][T10922]  mas_state_walk+0x485/0x650
[  164.406926][T10922]  mas_walk+0x60/0x150
[  164.410979][T10922]  lock_vma_under_rcu+0x8d/0x160
[  164.415908][T10922]  do_user_addr_fault+0x233/0x1090
[  164.421014][T10922]  exc_page_fault+0x62/0xa0
[  164.425504][T10922]  asm_exc_page_fault+0x26/0x30
[  164.430338][T10922] 
[  164.432641][T10922] value changed: 0xffff8881197d470e -> 0xffff8881197d4a00
[  164.439725][T10922] 
[  164.442027][T10922] Reported by Kernel Concurrency Sanitizer on:
[  164.448157][T10922] CPU: 1 UID: 0 PID: 10922 Comm: syz.0.2542 Not tainted 6.16.0-syzkaller-12288-g2b38afce25c4 #0 PREEMPT(voluntary) 
[  164.460292][T10922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  164.470329][T10922] ==================================================================
[  164.521543][T10921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.534238][T10921] ext4 filesystem being mounted at /416/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.565369][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.799464][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.