last executing test programs:

5m27.779143344s ago: executing program 2 (id=291):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xf, 0xb, &(0x7f0000000240)=ANY=[@ANYRESDEC=0x0, @ANYRES64], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_device=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000000)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ioctl$SNAPSHOT_UNFREEZE(0xffffffffffffffff, 0x3302)

5m27.652666806s ago: executing program 2 (id=293):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, 0x0, &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
unshare(0x68040200)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r3 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r3, 0x2284, &(0x7f0000000080))

5m26.666244831s ago: executing program 2 (id=305):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
futex_waitv(&(0x7f0000001ac0)=[{0x287, &(0x7f0000000280)=0x8000, 0x82}, {0x10, &(0x7f00000002c0), 0x2}, {0x8000, &(0x7f0000000300)=0x7, 0x2}, {0x6, &(0x7f0000000340)=0xd075, 0x80}, {0xfff, &(0x7f0000000380)=0x7, 0x2}, {0x2a, &(0x7f00000003c0)=0x3, 0x82}, {0x8, &(0x7f0000000400)=0x1, 0x2}, {0x5, &(0x7f0000000440)=0x800, 0x82}, {0x6, &(0x7f0000000480)=0x2, 0x2}, {0x1, &(0x7f00000004c0)=0xfff, 0x82}, {0x8, &(0x7f0000000540)=0x81, 0x2}, {0x2, &(0x7f0000000580)=0x2c5, 0x82}, {0xfffffffffffffffa, &(0x7f0000000600)=0x8, 0x2}, {0x6, &(0x7f0000000200)=0xffffffffffffffff, 0x82}, {0x1, &(0x7f0000000680)=0x5, 0x82}, {0x400, &(0x7f00000006c0)=0x5, 0x41}, {0x8, &(0x7f0000000700)=0x10, 0x2}, {0x3, &(0x7f0000000740)=0xc2d100000000000, 0x82}, {0x1, &(0x7f0000000780)=0x5, 0x82}, {0x80000000, &(0x7f0000000800)=0x2, 0x82}, {0x5, &(0x7f0000000840)=0x6, 0x82}, {0x1d, &(0x7f0000000880)=0x40, 0x82}, {0xffffffff7fffffff, &(0x7f00000008c0)=0x5, 0x2}, {0xb, &(0x7f0000000900)=0xb, 0x82}, {0x1ff, &(0x7f0000000940)=0x6, 0x2}, {0xfcb, &(0x7f0000000980)=0x3, 0x2}, {0x4, &(0x7f00000009c0)=0x4, 0x2}, {0x81, &(0x7f0000000a00)=0x40, 0x82}, {0x3, &(0x7f0000000a40)=0x1, 0x80}, {0x1, &(0x7f0000000a80)=0x3, 0x2}, {0x6, &(0x7f0000000ac0)=0x6, 0x6f56143aabde4a7a}, {0x191fca1d, &(0x7f0000000b00)=0x1, 0x2}, {0x69, &(0x7f0000000b40), 0x82}, {0x9, &(0x7f0000000b80)=0xfffffffffffffc01, 0x82}, {0x5, &(0x7f0000000bc0)=0x4, 0x2}, {0x6, &(0x7f0000000c00)=0x4, 0x2}, {0xa, &(0x7f0000000c40)=0x100000001, 0x2}, {0x7, &(0x7f0000000c80)=0xfce, 0x82}, {0x2, &(0x7f0000000e00)=0x7fff, 0x2}, {0x50, &(0x7f0000000e40)=0x3ff, 0x2}, {0x8, &(0x7f0000000e80)=0x800, 0x2}, {0x4, &(0x7f0000000ec0), 0x82}, {0x401, &(0x7f0000000f00)=0x1, 0x82}, {0xbe6, &(0x7f0000001a00)=0x185, 0x2}, {0x7, &(0x7f0000001a40)=0xfac, 0x2}, {0xfffffffffffff455, &(0x7f0000001a80)=0xe, 0x2}], 0x2e, 0x0, &(0x7f0000001f40)={0x77359400}, 0x1)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = getpid()
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0x0, 0xffffffffffffffff, 0x0)
r4 = getpid()
r5 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r4, 0x0, r3, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@struct={0x5, 0x1, 0x0, 0xf, 0x0, 0x10, [{0xb, 0x3, 0x9}]}]}, {0x0, [0x0, 0x0, 0x2e, 0x0, 0x61]}}, &(0x7f0000005bc0)=""/255, 0x37, 0xff, 0x9, 0x1000, 0x0, @void, @value}, 0x28)
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
socket$can_raw(0x1d, 0x3, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)

5m25.485237859s ago: executing program 2 (id=314):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000003680)='sched_switch\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000012c0)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r4}, &(0x7f0000000a00), &(0x7f0000000a40)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r4}, &(0x7f0000000880), &(0x7f00000008c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000180)='kfree\x00', r5}, 0x18)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r7}, 0x10)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r8, 0x400, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file3\x00', 0x1)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==")
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='ext4_evict_inode\x00', r9}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r10}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r11 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_rr_get_interval(r11, &(0x7f0000000000))
sendmmsg$unix(r1, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0], 0x18}}], 0x1, 0x0)
sendmmsg$unix(r1, &(0x7f0000001980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0], 0x18}}], 0x1, 0x0)

5m25.322588552s ago: executing program 2 (id=315):
socket$rxrpc(0x21, 0x2, 0xa)
io_submit(0x0, 0x0, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f00000001c0)={0x0, 0x1, 0x9, 0x4, 0x0, 0x0, 0x0})
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)=@delchain={0x4b8, 0x65, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0x1a, 0xd}, {0xa, 0xfffa}}, [@filter_kind_options=@f_route={{0xa}, {0x488, 0x2, [@TCA_ROUTE4_POLICE={0x1c, 0x5, [@TCA_POLICE_RATE64={0xc, 0x8, 0x5}, @TCA_POLICE_RATE64={0xc, 0x8, 0x3}]}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_POLICE={0x10, 0x5, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x2}]}, @TCA_ROUTE4_POLICE={0x41c, 0x5, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x4}, @TCA_POLICE_RESULT={0x8, 0x5, 0x1}, @TCA_POLICE_RATE={0x404, 0x2, [0x7f9f3d1e, 0x9, 0x200, 0x0, 0x0, 0x1ff, 0x7, 0x4bfcf931, 0x6, 0x6, 0x7da, 0x9, 0x9, 0x3, 0x4b73c7ce, 0xc13, 0x7fff, 0x750d, 0x0, 0x6, 0x5, 0xf, 0x5, 0x0, 0x0, 0xd, 0x7, 0x4, 0x7f, 0x7, 0x9, 0x8, 0x0, 0xfffffff5, 0xffffffff, 0x6, 0x9af, 0x20000, 0xfffffff5, 0x4d8, 0x6, 0x80000001, 0x9, 0x3ff, 0x0, 0x7, 0x80000000, 0x4, 0x7fff, 0x0, 0xaf, 0xc5, 0x7fffffff, 0x8, 0x10, 0xb7ff, 0x0, 0x1, 0x5, 0x7f8, 0xd0a, 0xcb6b, 0x401, 0x81, 0x8, 0x8, 0x1, 0xf, 0x3, 0x4, 0x10, 0x1, 0x7fff, 0x4, 0x12, 0xa9da, 0x5, 0x304, 0x70, 0x2, 0x0, 0x7, 0xc, 0x0, 0x9, 0x100, 0x800, 0x4, 0x81, 0x5, 0x2, 0x3, 0xe4, 0x6, 0x22, 0x7, 0xfff, 0x4, 0xab1a24e, 0x2, 0x2, 0x3, 0x9, 0x2, 0xffffffa6, 0x61, 0x49800000, 0x80000000, 0x0, 0x6, 0x2, 0x5, 0x5, 0x1, 0x9, 0x80, 0xd, 0x34b, 0x994, 0x6, 0x7, 0x2, 0x5, 0x8, 0x2, 0x8, 0x7, 0x9, 0xb0000000, 0x9, 0xffffdbea, 0x0, 0x9, 0x9, 0x82, 0x8, 0x9, 0x1bb7, 0x8, 0x6, 0x1, 0x1, 0x5c5d, 0xf, 0x1, 0x6, 0xfffffff9, 0xa0, 0x7, 0xa, 0x8, 0x5, 0xe38, 0x1, 0x4, 0x101, 0x5, 0x5, 0x81, 0x8000000, 0xffff90f1, 0x5, 0xc, 0x5, 0x6, 0x0, 0xb, 0xfffffff9, 0x6, 0x7fff, 0x7, 0x2, 0x8, 0xfffff76f, 0x1, 0x6, 0x6, 0x5, 0xffffff9a, 0xbee, 0x80000001, 0x7, 0x0, 0x8, 0xb226, 0x4, 0xfffffffc, 0x7ff, 0x5c5, 0x7, 0x3, 0x5, 0xcf53, 0x6, 0x80000001, 0xbd, 0x3, 0x8001, 0x9, 0x7cc, 0x9, 0x8, 0x10001, 0x2, 0x2, 0x5, 0x4, 0x4eb3, 0xffffff81, 0x3, 0x8, 0xfffffff8, 0x2, 0x2aa, 0x3, 0x3, 0x5, 0x5, 0xfffffff8, 0x14255208, 0x0, 0x401, 0x2, 0x10001, 0x7, 0x0, 0x10000, 0x4, 0x32f2, 0x80000001, 0x9, 0x9, 0x3, 0x0, 0x50, 0xfd, 0xfaf, 0x2, 0x8, 0x6, 0x7, 0x7f, 0xfffffffe, 0x3ff, 0x9, 0x3fc0000, 0x3, 0xb4fe, 0xc, 0x2619, 0x0, 0x5, 0x2, 0x1, 0xe1, 0x2]}]}, @TCA_ROUTE4_FROM={0x8, 0x3, 0x9d}, @TCA_ROUTE4_CLASSID={0x8, 0x1, {0xe, 0x5}}, @TCA_ROUTE4_POLICE={0x1c, 0x5, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x1e6e}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8cdc}]}, @TCA_ROUTE4_CLASSID={0x8, 0x1, {0x9, 0x6}}]}}]}, 0x4b8}, 0x1, 0x0, 0x0, 0x40}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
gettid()
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xc890, 0x4002}, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)="67d8901bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c14498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d3abc8a75ac1f30e53a0eff506f6e6b369ba6c5306e91acaa94e89d3bff4e52cd151235f3defff171c60b91c0c5aeb29736830a09b262dbe4c7ed149885a054de1d7ff5bcecd7a50061814ceefb", 0x9d}], 0x1}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)

5m25.040447626s ago: executing program 2 (id=320):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
stat(0x0, 0x0)

5m25.040321056s ago: executing program 32 (id=320):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
stat(0x0, 0x0)

5.316967338s ago: executing program 4 (id=4479):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
mount_setattr(0xffffffffffffffff, &(0x7f0000000100)='.\x00', 0x9000, &(0x7f0000001dc0)={0x0, 0x85, 0x20000}, 0x20)

5.23200526s ago: executing program 4 (id=4483):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000fdffffff00000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r3, 0x84, 0x7f, &(0x7f0000000080)=""/4041, &(0x7f0000000000)=0xfc9)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="01000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000003000000000000290ce6becd3df87effb759fcc43a0940331eab00df001700000040000006a3773e9b3076f049da4d8b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ffd8ffe9f5458a6ee8d722b365477773d200000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000c80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000001140)={[{@errors_continue}, {@data_err_abort}, {@init_itable}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b0}}, {@noblock_validity}, {@grpquota}, {@nobh}, {@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f00000004c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r6, &(0x7f0000000040)=@other={'unlock', ' ', 'none'}, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r8}, 0xc)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000380)={<r10=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000cc0)={0x3, 0x40, 0xfa00, {{0xa, 0xfffd, 0x7, @empty, 0x4}, {0xa, 0x4e23, 0x0, @loopback, 0xfffffffc}, r10, 0x400}}, 0x48)

5.032067113s ago: executing program 4 (id=4485):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x2)
r1 = openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r3=>r1, {0x1}}, './file0\x00'})
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f00000000c0)={0xf, 0x2, 0x8003, 0x5, 0x0, 0xffffffff, 0x48, 0x401}, 0x20)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0xffffffffffffffff}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
syz_open_dev$hiddev(0x0, 0x2, 0x440)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r7 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x79, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0xfc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='devpts\x00', 0x0, 0x0)

3.660397574s ago: executing program 5 (id=4491):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r1, &(0x7f0000000100)='.\x00', 0x9000, &(0x7f0000001dc0)={0x0, 0x85, 0x20000}, 0x20)

3.628948084s ago: executing program 5 (id=4492):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f0000000bc0)=""/116, 0x74)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
ioctl$RTC_AIE_OFF(r2, 0x7002)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="eeaf2535209e8189"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0x3c, 0xe}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4888}, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1)
gettid()
r4 = socket(0x40000000015, 0x5, 0x0)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000a00)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES64=0x0, @ANYBLOB="b7ad7cd65c46a5be7840094fc88ed300444000f8ac89758d3a070000000000000096a99f88ba68f3377383de4de11c07aa5d22d9f4f3c58344d6011b6ea5ee82cf40e4ca5976370cb73c872e576f936791a0ffa5639ac237214be5926acea5405e00f1a144cf7a5240bc1e56ed617e19d6a5a268505f0012b4baf36d3a71eb34c8b67281dbba4b20c3d724ef150deff6f7d908bc72575a1f43b608e0d118", @ANYBLOB="a1fffd2e4c38a7b17fef1a78ad1943012e7b7711a1517cd8b4288a2fbb7d202d8c4a1809add074e6dde0703158125f2f114c49f5ee5f249d63ac0d851c212ccd8d82b7c694ead23c417021e8bc78d646d07e3513568bb81d2179a012dcdcb845b0a58b6d5e46a177de56e3e77ed573967e4eea299078019693ca486edbaa44e947802c7f46f1de18cf7f0e1af02964d04cc84d979855e8d3a3fda262f6a7d2b4b4849fd880c9b9af9be818ba05386754a3505e833ca0b9770f63e91f3a9a04e9fca51d88273d5491ed", @ANYRESOCT], 0x3, 0x7dc, &(0x7f0000000d80)="$eJzs3U9sHGcVAPC3rt0EF0VVqdIQpekkLVIqpe563bpYPbTb9diedr1r7a6RI0Bt1DiVFaetWipoDoRcWkBFiBPHwrU3LgiEBBIH4IRED1y4VeoJFQQSAiEko5nddfxnbSfN37a/nxXP55k3871vPJm3Y3tmAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIUm26XB4vRT1rLC4l2wxFRHJvL3Z+2+K1tbW1bqu/vd9smuzSb0Qp/xf798eh7qxD915efDD/dDyOdL86Evvzyf64cNfBu5/8wvBQf/3tCV+zY1cYV4r4Tp7UudOrq8uv3YBEbqLv/2q3pcODZv6n+L7Ppo2s3czmq7NpkrWbydTkZPnRuZl2MpPV0/apdiedT2qttNpptpITtYeT8ampiSQdO9VcbMxOV+tpf+YTj1TK5cnk2bGLEdFuNh59dqxdm8vq9awxW8RUyt+MPOaJpDbdei7rJJ20Op8kZ1dWlyf2Gl0eNL7L8iMP3f3hGx/8c2U5PyB3Cir1DszK+HilMj75+NTjT5TLw5VyZfOM8haxHhFDEXnEDTlouX0Up8zdXJ8TN1wHQ736H/XIohGLsRTJgI+RqMV0tKIZ8/nXfx7ZFtHTr/9fevRvf9yt3431v1/lD11efDiK+n+0+9XRner/wFyv58dQL5+dlr8eb8aFOBenYzVWYzleu+EZXePH0BVHHvv8FUTNRhqNyKIdzchiPqrFnKQ3J4mpmIzJKMfzMRcz0Y4kZiKLeqTRjlPRjk6kxRFVi1akUY1ONKMVSZyIWjwcSYzHVEzFRCSRxlicimYsRiNmYzqqxVbOxkqx3ye25HXw2y/88qU/ffhu3l4PGt9lIKX8xVwe9I9dgraV+yuv/2vRi1D/P+uu8xkcPr61fv0HAAAAPrVKxU/f8+v/kbi/aM1k9fSrtzotAAAA4DoqfvN/JJ+M5K37o5Rf/5cHRL5/03MDAAAAro9ScY9dKSJG44Fuq3+71KAfAgAAAACfQMXv/4/mk9GIi8UM1/8AAADwKfPdnZ6x/0H/GbvthX2lX/89Wq2R0qWFpYdK56t5XPX8Hd31epOvrG+xM3O4tD+6Gym2NTl84a5SRAzX0iOl/tMv/7evO/2o+Hx4eH31nZ71X9qSwPoad2wdUp7AgQtbEjhYdPxOHOvGHDvTnZ7pxfWeSDw6k9XTsVqz/mTxSMT8X+eNl1e+FcXwv9eYP1CKsyury2MvvrJ6psjlUr6VS+d7D1Dc9hzFwbkUPa719kDcP3jEI8WNGL1+R7v9ljd+A4aeLlYf2r3P0sY+34rj3Zjjo93p6Obx78/7HB97cjyq1QNDnXSp88bahtH3shi/xpG/FQ92Yx488WB3MiCLyqYsXt6eRWVjFr2dsMe+2DOLkd6B9e6xi0v/+l2zlE7slcXEliz2X2UWALfK2eKpP5er0OeKKvTfta68/l+uu0k3oKd3lrtvfVP5Wa5fBrac5c7G+pL++htq3XBsq+5bX17Ell52OKOf6Mac6L6eGD48oK6UB5zRX1159fe9M/pj7/34J18/+oefffzq9l483I3pTeKe3+5QY/Mx/6AxP9rf6NJTvcZPd+y3Xa+UYiTijm+cfzUOvv7mhUdWzp9+afml5ZcrlYnJ8mPl8uOVGCleKvQmag8AA+z9Hjt7RpQe2+Oq+p71PykYixfjlViNM3GyuNsgIh4YvNXRDX+GcDKOR3GxvMNV6+iGd3g5uce15eXYyvbY/uuKbbETG/bYfT8qJv++gd8UALjBju9Rh6+k/p/c47p7cy3fcnUcO9fyQb58Q/cGAHw2pK2PSqOdt0utVrbw/PjU1Hi1M5cmrWbtuaSVTc+mSdbopK3aXLUxmyYLrWanWev/4Hg6bSftxYWFZquTzDRbyUKznS0V7/ye9N76vZ3OVxudrNZeqKfVdprUmo1OtdZJprN2LVm485l61p5LW8XK7YW0ls1ktWonazaSdnOxVUvHkqSdpsnCYj8wm04bnWwmy5uNZKGVzVdblyKivjifJtNpu9bKFjrN1hfzDdaaUfSVNWaarflis2Pbh//Xm72/AeB28PqbF86dXl1dfm1z40BsnbOlMRxF4y+7xfQbt3qMAMBmqjQAAAAAAAAAAAAAANz+tt+ul8/d85a+QY19cfVr7Yur6uIaG/nQenPe+fnXXvzYI/1kNPLh3QZp3NrGC089dW6nmGcuHpq7su0M/p8y6FbXtw9E3PmLH3bnPH2zRvr+5QP7alZfK+0Sc2vPSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwyP8DAAD//82FVnI=")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000002c0)=ANY=[@ANYRES16], 0xc, 0x0, &(0x7f0000000000))
recvmmsg(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0, 0x21, 0x0, 0xffffff0f}, 0x80000000}], 0x1, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='btrfs_handle_em_exist\x00'}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rseq(&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x1, &(0x7f0000ffe000/0x2000)=nil)
shmat(r5, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)

3.427442628s ago: executing program 5 (id=4496):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a0000000400"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket(0x10, 0x803, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000bc0)=""/116, 0x74)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[], 0x3c}}, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1)
gettid()
socket(0x40000000015, 0x5, 0x0)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000a00)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES64=0x0, @ANYBLOB="b7ad7cd65c46a5be7840094fc88ed300444000f8ac89758d3a070000000000000096a99f88ba68f3377383de4de11c07aa5d22d9f4f3c58344d6011b6ea5ee82cf40e4ca5976370cb73c872e576f936791a0ffa5639ac237214be5926acea5405e00f1a144cf7a5240bc1e56ed617e19d6a5a268505f0012b4baf36d3a71eb34c8b67281dbba4b20c3d724ef150deff6f7d908bc72575a1f43b608e0d118", @ANYBLOB="a1fffd2e4c38a7b17fef1a78ad1943012e7b7711a1517cd8b4288a2fbb7d202d8c4a1809add074e6dde0703158125f2f114c49f5ee5f249d63ac0d851c212ccd8d82b7c694ead23c417021e8bc78d646d07e3513568bb81d2179a012dcdcb845b0a58b6d5e46a177de56e3e77ed573967e4eea299078019693ca486edbaa44e947802c7f46f1de18cf7f0e1af02964d04cc84d979855e8d3a3fda262f6a7d2b4b4849fd880c9b9af9be818ba05386754a3505e833ca0b9770f63e91f3a9a04e9fca51d88273d5491ed", @ANYRESOCT], 0x3, 0x7dc, &(0x7f0000000d80)="$eJzs3U9sHGcVAPC3rt0EF0VVqdIQpekkLVIqpe563bpYPbTb9diedr1r7a6RI0Bt1DiVFaetWipoDoRcWkBFiBPHwrU3LgiEBBIH4IRED1y4VeoJFQQSAiEko5nddfxnbSfN37a/nxXP55k3871vPJm3Y3tmAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIUm26XB4vRT1rLC4l2wxFRHJvL3Z+2+K1tbW1bqu/vd9smuzSb0Qp/xf798eh7qxD915efDD/dDyOdL86Evvzyf64cNfBu5/8wvBQf/3tCV+zY1cYV4r4Tp7UudOrq8uv3YBEbqLv/2q3pcODZv6n+L7Ppo2s3czmq7NpkrWbydTkZPnRuZl2MpPV0/apdiedT2qttNpptpITtYeT8ampiSQdO9VcbMxOV+tpf+YTj1TK5cnk2bGLEdFuNh59dqxdm8vq9awxW8RUyt+MPOaJpDbdei7rJJ20Op8kZ1dWlyf2Gl0eNL7L8iMP3f3hGx/8c2U5PyB3Cir1DszK+HilMj75+NTjT5TLw5VyZfOM8haxHhFDEXnEDTlouX0Up8zdXJ8TN1wHQ736H/XIohGLsRTJgI+RqMV0tKIZ8/nXfx7ZFtHTr/9fevRvf9yt3431v1/lD11efDiK+n+0+9XRner/wFyv58dQL5+dlr8eb8aFOBenYzVWYzleu+EZXePH0BVHHvv8FUTNRhqNyKIdzchiPqrFnKQ3J4mpmIzJKMfzMRcz0Y4kZiKLeqTRjlPRjk6kxRFVi1akUY1ONKMVSZyIWjwcSYzHVEzFRCSRxlicimYsRiNmYzqqxVbOxkqx3ye25HXw2y/88qU/ffhu3l4PGt9lIKX8xVwe9I9dgraV+yuv/2vRi1D/P+uu8xkcPr61fv0HAAAAPrVKxU/f8+v/kbi/aM1k9fSrtzotAAAA4DoqfvN/JJ+M5K37o5Rf/5cHRL5/03MDAAAAro9ScY9dKSJG44Fuq3+71KAfAgAAAACfQMXv/4/mk9GIi8UM1/8AAADwKfPdnZ6x/0H/GbvthX2lX/89Wq2R0qWFpYdK56t5XPX8Hd31epOvrG+xM3O4tD+6Gym2NTl84a5SRAzX0iOl/tMv/7evO/2o+Hx4eH31nZ71X9qSwPoad2wdUp7AgQtbEjhYdPxOHOvGHDvTnZ7pxfWeSDw6k9XTsVqz/mTxSMT8X+eNl1e+FcXwv9eYP1CKsyury2MvvrJ6psjlUr6VS+d7D1Dc9hzFwbkUPa719kDcP3jEI8WNGL1+R7v9ljd+A4aeLlYf2r3P0sY+34rj3Zjjo93p6Obx78/7HB97cjyq1QNDnXSp88bahtH3shi/xpG/FQ92Yx488WB3MiCLyqYsXt6eRWVjFr2dsMe+2DOLkd6B9e6xi0v/+l2zlE7slcXEliz2X2UWALfK2eKpP5er0OeKKvTfta68/l+uu0k3oKd3lrtvfVP5Wa5fBrac5c7G+pL++htq3XBsq+5bX17Ell52OKOf6Mac6L6eGD48oK6UB5zRX1159fe9M/pj7/34J18/+oefffzq9l483I3pTeKe3+5QY/Mx/6AxP9rf6NJTvcZPd+y3Xa+UYiTijm+cfzUOvv7mhUdWzp9+afml5ZcrlYnJ8mPl8uOVGCleKvQmag8AA+z9Hjt7RpQe2+Oq+p71PykYixfjlViNM3GyuNsgIh4YvNXRDX+GcDKOR3GxvMNV6+iGd3g5uce15eXYyvbY/uuKbbETG/bYfT8qJv++gd8UALjBju9Rh6+k/p/c47p7cy3fcnUcO9fyQb58Q/cGAHw2pK2PSqOdt0utVrbw/PjU1Hi1M5cmrWbtuaSVTc+mSdbopK3aXLUxmyYLrWanWev/4Hg6bSftxYWFZquTzDRbyUKznS0V7/ye9N76vZ3OVxudrNZeqKfVdprUmo1OtdZJprN2LVm485l61p5LW8XK7YW0ls1ktWonazaSdnOxVUvHkqSdpsnCYj8wm04bnWwmy5uNZKGVzVdblyKivjifJtNpu9bKFjrN1hfzDdaaUfSVNWaarflis2Pbh//Xm72/AeB28PqbF86dXl1dfm1z40BsnbOlMRxF4y+7xfQbt3qMAMBmqjQAAAAAAAAAAAAAANz+tt+ul8/d85a+QY19cfVr7Yur6uIaG/nQenPe+fnXXvzYI/1kNPLh3QZp3NrGC089dW6nmGcuHpq7su0M/p8y6FbXtw9E3PmLH3bnPH2zRvr+5QP7alZfK+0Sc2vPSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwyP8DAAD//82FVnI=")
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='btrfs_handle_em_exist\x00'}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r1 = shmget$private(0x0, 0x2000, 0x1, &(0x7f0000ffe000/0x2000)=nil)
shmat(r1, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)

3.25939438s ago: executing program 5 (id=4500):
r0 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil)
shmat(r0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061138b0000000000bf2000000000000015000200071b1700bd030100000000009500000000000000bc26080000000000bf67000000000000400300000fff0700670200000300000016060a000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = dup(r1)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r5 = gettid()
rt_sigaction(0x16, &(0x7f0000000080)={0x0, 0x90000000, 0x0}, 0x0, 0x8, &(0x7f0000000200))
tkill(r5, 0x16)

3.162992682s ago: executing program 5 (id=4502):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x2)
r1 = openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r3=>r1, {0x1}}, './file0\x00'})
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f00000000c0)={0xf, 0x2, 0x8003, 0x5, 0x0, 0xffffffff, 0x48, 0x401}, 0x20)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0xffffffffffffffff}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$hiddev(0x0, 0x2, 0x440)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x79, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0xfc}}}}}]}}]}}, 0x0)

2.335131334s ago: executing program 3 (id=4505):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2041, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000080)={0x49e2, 0x4, 0x0, 0x1ff, 0x7, "ec28a144f13d7607"})
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x3, "0062ba7d820000a75e0000000000fcff00"})
r2 = syz_open_pts(r1, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x44)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0501000000160012000a00ff120048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x894)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000004c0)={r4, 0x58, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f00000005c0)={@remote, r9}, 0x14)
rename(&(0x7f0000000040)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xdec7}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r7, 0x4008941a, &(0x7f0000000580)=0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed000e, &(0x7f00000000c0)={[{@jqfmt_vfsold}, {}, {@errors_remount}, {@discard}, {@min_batch_time={'min_batch_time', 0x3d, 0x6}}, {@usrjquota}, {@nombcache}, {@noquota}, {@grpid}, {@norecovery}]}, 0x0, 0x45f, &(0x7f0000001940)="$eJzs3MtvVFUYAPDv3k7L21bEBwhaRSPx0dLykIUbjSaaaGKiC4yr2hZSKdTQmgghii5waUjcG5cm/gHGlW6MujJxq3tDQgwb0NWY+4KhnSkdOu0g8/sltz1n7pmc8917z8y55/Q2gJ41nP1IIrZGxB8RMVhkby4wXPy6duXc5D9Xzk0mUa+/9XeSl7t65dxkVbR635YiU6+X+Q1N6r3wbsTE7Oz06TI/unDyg9H5M2efmzk5cXz6+PSp8SNHDh7YM3B4/FBH4sziurrr47ndO1995+Ibk0cvvvfLt3l7a8X+xjg6Zbg4uk092enKumxbQzqpdbEhtKWv7AL9ef8fjL7YdH3fYLzyWVcbB6yper1eb/b9XDpfB+5iSXS7BUB3VF/02f1vta3T0OOOcPnF4gYoi/tauRV7apEWiUf7F93fdtJwRBw9/+9X2Rb5eRhYo5oAAAo/ZOOfZ5uN/9J4oEjkA5J7yjWUoYi4NyK2R8R9EbEjIu6PyMs+GBEPtVn/4hWSJePPJC7dfnS3lo3/XijXtm4e/6VVkaG+Mrctj78/OTYzO72/OCZpRP+GYzPJ9Ngydfz48u9ftNrXOP7Ltqz+aixYtuNSbdEE3dTEwsRqYm50+dOIXbVm8SfV0li+rrczInYtefemFdUx8/Q3u1vtu3X8y+jAOlP964inivN/PhbFX0lark+OPX94/NDoxpid3j9aXRVL/frbhTdb1b+q+DsgO/+bm17/1+MfSjZGzJ85eyJfr51vv44Lf37e8p7ydq//geTtPF3dLX00sbBweixiIHm9tuT18RvvrfJV+Sz+fXub9//tceNIPBwR2UW8JyIeyW4Ky7Y/FhGPR8TeZeL/+aUn3m8//mVm5Tsoi3/qVuc/Gs9/+4m+Ez993378lez8H8xT+8pXVvL5t9IGrubYAQAAwP9FGhFbI0lHrqfTdGSk+Bv+HbE5nZ2bX3jm2NyHp6aKZwSGoj+tZroGG+ZDx8q54So/vih/oJw3/rJvU54fmZybnep28NDjtrTo/5m/+rrdOmDNeV4Lepf+D71L/4fepf9D79L/oXc16/+ftCw98t2aNgZYV77/oXfp/9C79H/oXU37/2vr3w5gXbV8Nj5d1SP/End9ItI7ohlrk4jaHdGMPFFb8T+zaCNRHyz6f/bKhqZluv3JBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///X7OEm")

2.170463357s ago: executing program 3 (id=4508):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000ad2ca4cdfc12ffb90e2c157bc5806c2e9865bb5a46ab3e9ec90400000026ee784a87bf86041ad077f26bcc590a555e8f9fef9f017a30d4f056a562f82738fd277677c46d65b25a9bcc9350e7220996b2d4f2e735f4656c7dac3f204adcc44af94ecbca30e202f7397555475386206dd4249d32d909a24a5f", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x38, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x200000f}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x14, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x4}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xa0}}, 0x0)
creat(0x0, 0x0)
r3 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r3, &(0x7f0000000440)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r6, 0x5, &(0x7f0000000300)={0x2, 0x4, 0x103ff, 0x56a})
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r4, 0x0)
syz_clone(0x40200, 0x0, 0x49, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000540), 0x84)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xf, 0x0, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18204, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x1, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002880)=@newtaction={0xeb0, 0x30, 0xb, 0x0, 0x0, {0x0, 0x0, 0x300}, [{0xe9c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80006}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe50, 0x2, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x5, 0xa, 0x4, 0x1, 0x2000000}, 0x5, 0x1}, [{0x9, 0x80000001, 0x1, 0x62d, 0x8, 0x7}, {0xdf, 0x4, 0x5, 0x5, 0x10, 0xe}, {0x1, 0x85a, 0x5, 0xe6db, 0x3, 0xfffffffc}, {0x6, 0x400, 0x9321, 0x9, 0xfffffffe, 0x7}, {0x5, 0x4, 0xffffffc4, 0x80, 0x40000003}, {0xe, 0xf5, 0x3, 0x9, 0xfffffff8, 0x3}, {0x0, 0x4, 0xfff, 0x2, 0x9163ef6c, 0x80003}, {0x3, 0x3, 0x80, 0x0, 0xacc4, 0x2}, {0x8, 0x9, 0x9, 0xffff, 0x1, 0x81}, {0x8, 0xfff, 0x6, 0x3ff, 0x8, 0x30c4}, {0x7, 0x9, 0xfffffffc, 0x100, 0x4}, {0x8004, 0x80000001, 0xfffffeff, 0xdf, 0x4, 0x5}, {0x7, 0x80000001, 0x9, 0x7, 0x1000, 0x7}, {0x5, 0x2, 0xfffffffd, 0x9, 0x474, 0x594}, {0x7fffffff, 0x1, 0x8, 0xfffffff9, 0x6, 0xffffffff}, {0x24, 0x5, 0xf, 0x6, 0x6, 0x8000003}, {0xbb, 0x5, 0x2, 0x310, 0xf}, {0x9b7d, 0x52fc, 0x3, 0x3, 0x48, 0x9}, {0x79, 0x8, 0x10, 0xe4d, 0x7f, 0x3}, {0x8, 0x8, 0x9, 0x27, 0xb, 0x5}, {0x4, 0x1000, 0x5, 0x6, 0x93e, 0x6}, {0x1, 0x7, 0x8, 0x0, 0xff, 0x2}, {0xb, 0x7f, 0x5, 0x1, 0x402, 0x9}, {0x4, 0x8, 0x7, 0xb, 0x8, 0x4d}, {0x34db, 0xffff, 0x0, 0x3ff, 0x1, 0x400}, {0xf, 0xcb1d, 0x8, 0x1, 0x0, 0x4}, {0x5, 0x200003, 0x7, 0x8, 0x3, 0x984}, {0x2, 0xffffffff, 0xfffff70f, 0x2, 0x8001, 0x40}, {0x7, 0x81, 0x7fffffff, 0x381, 0x3, 0x8}, {0x5, 0x1, 0x1, 0x8, 0x4, 0x2f}, {0x6, 0x81, 0x4, 0xd1a1, 0x9, 0x7}, {0x5, 0xf1, 0x8, 0x1, 0x16, 0x2}, {0x8001, 0x87, 0x6, 0x1, 0x3, 0x4}, {0x6, 0x9e4, 0x8b7f, 0x11, 0x3, 0x7}, {0x7, 0x1, 0x800, 0x70f, 0x8001, 0x3}, {0x4, 0x10, 0x6, 0x1, 0x4, 0x22ff}, {0x2, 0x10003, 0x3, 0x0, 0x10001, 0x7}, {0xf85, 0x2e, 0x100, 0x3, 0x100, 0xe60c}, {0x2, 0x5, 0x1, 0xe000000}, {0x4e2, 0x6b0, 0x2, 0x100, 0x4, 0xd}, {0x1, 0xcad, 0xa5, 0x8, 0x4d880, 0x33}, {0x20, 0x7f, 0x33, 0x2, 0x400, 0x4}, {0x4, 0x62e, 0xb, 0x219c, 0x0, 0x5}, {0x0, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x7f, 0x945a, 0x0, 0x0, 0x8, 0xe5a7}, {0xda1, 0x893, 0x2, 0x9, 0xfffffa2e, 0x6}, {0x1, 0xfffffff3, 0x7fffffff, 0x2, 0x0, 0x1}, {0x2, 0x8, 0x2, 0xe, 0x2, 0x2}, {0x6, 0x100, 0xe, 0x10000, 0x5, 0x7}, {0x0, 0x6, 0x7, 0x4, 0xc, 0x800}, {0x8, 0x10000, 0x1, 0x1, 0x7}, {0x7d5, 0x2, 0x4, 0x800, 0xf}, {0x1, 0x9, 0x6, 0x2, 0x8, 0xc}, {0x2, 0x1, 0x3, 0xc, 0x1, 0x2c3}, {0x1000, 0x3, 0xbc, 0x8001, 0xfa, 0x8}, {0x2, 0x3, 0x9, 0x50e, 0x55ac, 0xa5e2}, {0x0, 0x196680, 0xffffff91, 0x100, 0x3, 0x7}, {0x4, 0x4, 0x2, 0x1, 0x0, 0xe}, {0xfffffff5, 0x8, 0x7023, 0x8, 0x5, 0x5}, {0x3, 0x78, 0x7, 0xa, 0x5dec4cac, 0x6}, {0x4, 0x9, 0x3a, 0x2, 0x8, 0xd09f}, {0x4, 0x7fffffff, 0x0, 0x8, 0x5, 0xff}, {0x7, 0xfffffff1, 0x2f2c, 0x400, 0x6, 0x6}, {0x10001, 0x80, 0x40000040, 0x2, 0x89, 0x2}, {0x2, 0x6, 0xa, 0x3, 0xfffffffa, 0x736d}, {0x7f, 0x199, 0x5, 0x9, 0x7, 0x2}, {0x7, 0x1, 0x9, 0x7, 0x2, 0x1605}, {0x9, 0x3f1, 0x4, 0x5, 0x5, 0x8}, {0x100, 0x3ff, 0x4, 0x7f53, 0x7, 0x1}, {0x3ff, 0xc, 0x4, 0x1, 0x4, 0x4}, {0x9, 0x381, 0xfff, 0x5d7c, 0x0, 0x8001}, {0x8, 0x0, 0x7, 0x4, 0x3ee, 0x4}, {0xbfffffe, 0xfff, 0x101, 0x5, 0x400, 0x400}, {0x7fff, 0xb3, 0x2, 0x10000, 0x6, 0x14}, {0x0, 0x1, 0x4c90, 0x2, 0x7f, 0x8}, {0x5, 0x25c, 0xe9, 0x3, 0x9, 0x2}, {0x29dbdf0, 0xd, 0xfffffffd, 0x7, 0x6, 0x2}, {0x7, 0x1, 0xa, 0x8, 0x5, 0x5}, {0x477, 0x8, 0x2, 0x400, 0x4000000, 0x69b3d6e6}, {0x1, 0xb7bb, 0x22800000, 0x3, 0x10, 0x5}, {0x7f, 0x4, 0x6, 0xffffffff, 0x3, 0xb}, {0xfffffff7, 0x80000000, 0xa, 0x40, 0x863, 0x2}, {0xb, 0x9, 0xc, 0x3c1, 0x6e, 0x40}, {0x6, 0xd, 0x6, 0xfb0000, 0x1, 0x7}, {0xe0, 0x100, 0x1, 0x7, 0x8, 0x200}, {0xfff, 0x1, 0x0, 0x38, 0x9, 0x9}, {0x82, 0x10, 0x401, 0x0, 0x4, 0xef}, {0x7, 0x2, 0x200, 0x8, 0x9, 0x2}, {0x54, 0x5, 0xa33f, 0x101, 0x2, 0x10001}, {0x1, 0x0, 0x800004, 0x10001, 0x2, 0xce}, {0x4, 0x8, 0x8, 0x3, 0xf, 0x9}, {0x6, 0x5, 0x8, 0xffffffff, 0x405bd, 0x6}, {0x9, 0x0, 0x9, 0x0, 0x9}, {0x0, 0x2, 0xb, 0x7fffffff, 0xfc0, 0x7f1b4893}, {0x4, 0xd, 0xc, 0x4, 0x7, 0x2}, {0x4, 0x5, 0xe, 0x3, 0x3dcb, 0x9}, {0x200, 0x0, 0xe8, 0x1, 0x800000d4, 0x1}, {0xc651, 0x5f83, 0x2, 0x1, 0xd, 0x8}, {0xfff, 0x5, 0x1, 0x0, 0x49, 0x5}, {0x5, 0x3, 0x8000007, 0x97fd, 0xef, 0x2}, {0x2, 0x1, 0x1000, 0x1, 0x6, 0x7fffffff}, {0x800, 0x4c, 0x7, 0x0, 0xfffffff7, 0x9}, {0x6, 0x4, 0xffff8001, 0xa, 0xae36, 0x8}, {0xcfb7, 0x2, 0x101, 0x2, 0x1, 0x1aca}, {0x6, 0x800, 0x800ec3d, 0xffffffff, 0xea5, 0x3}, {0x6, 0x5, 0x2, 0x0, 0x0, 0xdd}, {0x6, 0x6, 0x0, 0x1e9, 0x6, 0x1}, {0x3, 0x7, 0x7, 0x3, 0x400, 0x81}, {0x970, 0x100, 0xb2eb, 0x2, 0x3, 0x9}, {0x3, 0x6, 0x8, 0x7, 0xd, 0x474c}, {0xf, 0x101, 0x96, 0x4, 0x2, 0xfffffffc}, {0x3, 0x98e, 0x1a5e666b, 0x10, 0x7, 0x8c5}, {0xfffffffb, 0x3, 0xb, 0x2ee8000, 0x8, 0x4}, {0x3, 0x2, 0x2, 0xc, 0x3, 0x2}, {0x7, 0x4, 0x1, 0x7, 0x101, 0xef}, {0x709e, 0x9, 0x425b597f, 0x1, 0x2, 0x7}, {0x6, 0x9, 0x3ff, 0x4, 0x8, 0x5}, {0x3, 0x6, 0x7, 0xfffffff9, 0x0, 0xffffffff}, {0x7, 0x9, 0x8, 0x0, 0x9, 0x4}, {0x24, 0x10001, 0x6, 0x1, 0x39d6}, {0xd, 0x7d4, 0x9, 0x8000, 0xffff, 0x7}, {0x6, 0x92e4, 0x130, 0x0, 0x4, 0x6}, {0x1, 0x7fff, 0x7, 0x8001, 0x8, 0x5}, {0x5, 0x3, 0xfffffff9, 0xa, 0x4b64, 0x80000001}, {0x2ad78a25, 0x2, 0x6, 0x6, 0x4, 0x8}, {0x2, 0x9, 0x0, 0x8a4, 0x129, 0xad}, {0x7, 0x9, 0x8, 0x3, 0xe02, 0xf933271}, {0x4a3, 0x0, 0x3, 0x514c, 0xf8b, 0x19}], [{0x5}, {0x4, 0x1}, {}, {0x1}, {0x3}, {0x0, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x2}, {0x5, 0x1}, {0x1}, {0x1}, {0x0, 0x1}, {0x1, 0x1}, {}, {0x4}, {}, {0x1, 0x1}, {0x5, 0x1}, {}, {0x3}, {0x5, 0x1}, {}, {0x4, 0x1}, {0x3}, {0x2, 0x1}, {0x4}, {0x5}, {0x5, 0x1}, {0x3, 0x1}, {}, {0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x4}, {0x1}, {0x1, 0x1}, {0x4}, {0x5}, {0x3}, {0x3}, {0x3}, {0x2, 0x1}, {0x5, 0x1}, {0x3}, {0x3}, {0x0, 0x1}, {0x3, 0xe63adc4050d28be2}, {0x4}, {0x4, 0x1}, {0x2}, {0x3}, {0x5, 0x1}, {0x1}, {0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x4}, {0x5}, {0x1, 0x1}, {0x3}, {0x3}, {0x0, 0x1}, {0x5}, {0x4}, {0x4, 0x1}, {0x4, 0x1}, {0x2}, {0x5}, {0x9}, {0x2, 0x1}, {0x3, 0x1}, {0x2}, {0x3, 0x1}, {}, {0x1, 0x1}, {0x1}, {}, {0x2, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x3}, {0x3, 0x1}, {0x1}, {0x2}, {0x2}, {0x5}, {0x3, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x2}, {0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x5}, {0x4}, {0x2, 0x1}, {0x3, 0x1}, {0x4}, {0x1}, {0x5}, {0x4, 0x1}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {0x1}, {0x4, 0x1}, {0x4}, {0x5, 0x1}, {0x3}, {0x5, 0x1}, {0x2}, {0x2}, {0x5, 0x1}, {0x3, 0x1}, {0x4}, {0x5, 0x1}, {0x4, 0x1}, {0x6, 0x1}, {0x5, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xeb0}}, 0x0)
gettid()
ppoll(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

2.027670869s ago: executing program 0 (id=4513):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$inet6(0xa, 0x1, 0x84)
setsockopt$sock_linger(r1, 0x1, 0xd, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000700)={[{@jqfmt_vfsv1}, {}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@discard}, {@barrier_val={'barrier', 0x3d, 0x6}}, {@stripe={'stripe', 0x3d, 0x8}}, {@orlov}]}, 0xfc, 0x58e, &(0x7f0000000cc0)="$eJzs3d1rU+cfAPDvSV98/f2sIPL77WIIXszhTG27FwcD3eXYZMJ270IbizQ10qRiO2H2Yt7sZshgjAljf8Dudyn7B/ZXCJsgQ8p2MQYZJz2p0SZNG6OJ5vOB0z7PeclzvnnO8+R5chISwNA6lv7JRfw/Ir5OIg41bRuNbOOxjf3WH96YTZckarVP/kgiydY19k+y/weyzP8i4pcvI07mtpZbWVldKJRKxaUsP1ldvDpZWVk9dXmxMF+cL16Znpk589bM9LvvvN2zWF+/8Nd3H9/94MxXx9e//en+4dtJnIuD2bbmOJ7CzebMscI/WWoszj2x41QPChskSb9PgK6MZO18LNI+4FCMZK0eePl9ERE1YEgl2j8MqcY4oDG379E8+IXx4P2NCVA99vHm+Ec33huJvfW50f715LGZUTrfnehB+WkZP/9+53a6xPbvQ+zrkAfYlZtrEXF6dHRr/59k/V/3TtffPN7ek2UM2+sP9NPddPzzRqvxX25z/BMtxj8HWrTdbnRu/7n7PSimrXT8917L8e9m1zUxkuX+Ux/zjSWXLpeKpyPivxFxImodb32cWb9Xa7etefyXLmn5jbFgdh73R/c8fsxcoVqIiPEuQ37Mg7WIV0ZbxZ9s1n/Sov7T5+PCDss4WrzzarttneN/tmo/RrzWsv4fVWuy/f3Jyfr1MNm4Krb689bRX9uV3+/40/rfv338E0nz/drK7sv4Ye/fxXbbur3+x5NP6+lGI7heqFaXpiLGk4+2rp9+dGwj39g/jf/E8e37v1bXfzr5+myH8d86cqvtroNQ/3O7qv/dJ+59+Pn37crfWf2/WU+dyNZk/V9r2bWy0xN82ucPAAAAAAAABkkuIg5GkstvpnO5fH7j8x1HYn+uVK5UT14qL1+Zi/p3ZSdiLNe4032o6fMQU9nnYRv56SfyMxFxOCK+GdlXz+dny6W5fgcPAAAAAAAAAAAAAAAAAAAAA+JAm+//p34b6ffZAc9c/YcN9vT7LIB+6PiT/734pSdgILVr/2vP+TyA56/j6z/w0tL+YXhp/zC8tH8YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9deH8+XSprT+8MZvm566tLC+Ur52aK1YW8ovLs/nZ8tLV/Hy5PF8q5mfLi50er1QuX52ajuXrk9VipTpZWVm9uFhevlK9eHmxMF+8WBx7LlEBAAAAAAAAAAAAAAAAAADAi6WysrpQKJWKS82JZMuabhK5iOjF4zx1Yl8Wa7ePczYGIYpnmDibPUFdHT46KFFItEmsbdTuWETs4qh+9UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsNW/AQAA//8+lSte")
chdir(&(0x7f0000000240)='./file0\x00')
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b00000000000000"], 0x48)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x2}, 0x18)
symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000003000000400001802c0004ad98a5f08a1d190b00ac14140f00000000000000001400020002000000ffffffff00000000000000000d0001007564703a73797a3200000000194cd68bbcd1b26d661b4b88a8bb03be04545f5a12b4516a617d3dd6469d788610849bcf9b7848d9dfb15c2ab2f0ba04477083050ef4b984fc304571f6ec5773cb583fe59dc9cab7ad08f9edaedd80f149d88016ef7bfa49a835d3630d473283c18e80f55dd8e0d2aaa8d2085c66b0e3637b44210a7e67cc4a72d964eb2ec8fc32d8353c67fbb7af4a5c456e9f23ba3f3d515f45bff4eb2cc617f5283ea4df418f0f39ddff2868d867daac9c1076f3f1928ede16b2c135127f325b9950d8bd6abc81406f5ff9bdc3133ddff02dec461d007348db9c7f5d08835ab4b817b7f2ced72ab8c5dca483e958745072cc34afec72e20c5554bb71aa"], 0x54}}, 0x0)

1.782976953s ago: executing program 4 (id=4514):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
futex_waitv(&(0x7f0000001ac0)=[{0x287, &(0x7f0000000280)=0x8000, 0x82}, {0x10, &(0x7f00000002c0), 0x2}, {0x8000, &(0x7f0000000300)=0x7, 0x2}, {0x6, &(0x7f0000000340)=0xd075, 0x80}, {0xfff, &(0x7f0000000380)=0x7, 0x2}, {0x2a, &(0x7f00000003c0)=0x3, 0x82}, {0x8, &(0x7f0000000400)=0x1, 0x2}, {0x5, &(0x7f0000000440)=0x800, 0x82}, {0x6, &(0x7f0000000480)=0x2, 0x2}, {0x1, &(0x7f00000004c0)=0xfff, 0x82}, {0x8, &(0x7f0000000540)=0x81, 0x2}, {0x2, &(0x7f0000000580)=0x2c5, 0x82}, {0xfffffffffffffffa, &(0x7f0000000600)=0x8, 0x2}, {0x6, &(0x7f0000000200)=0xffffffffffffffff, 0x82}, {0x1, &(0x7f0000000680)=0x5, 0x82}, {0x400, &(0x7f00000006c0)=0x5, 0x41}, {0x8, &(0x7f0000000700)=0x10, 0x2}, {0x3, &(0x7f0000000740)=0xc2d100000000000, 0x82}, {0x1, &(0x7f0000000780)=0x5, 0x82}, {0x80000000, &(0x7f0000000800)=0x2, 0x82}, {0x5, &(0x7f0000000840)=0x6, 0x82}, {0x1d, &(0x7f0000000880)=0x40, 0x82}, {0xffffffff7fffffff, &(0x7f00000008c0)=0x5, 0x2}, {0xb, &(0x7f0000000900)=0xb, 0x82}, {0x1ff, &(0x7f0000000940)=0x6, 0x2}, {0xfcb, &(0x7f0000000980)=0x3, 0x2}, {0x4, &(0x7f00000009c0)=0x4, 0x2}, {0x81, &(0x7f0000000a00)=0x40, 0x82}, {0x3, &(0x7f0000000a40)=0x1, 0x80}, {0x1, &(0x7f0000000a80)=0x3, 0x2}, {0x6, &(0x7f0000000ac0)=0x6, 0x6f56143aabde4a7a}, {0x191fca1d, &(0x7f0000000b00)=0x1, 0x2}, {0x69, &(0x7f0000000b40), 0x82}, {0x9, &(0x7f0000000b80)=0xfffffffffffffc01, 0x82}, {0x5, &(0x7f0000000bc0)=0x4, 0x2}, {0x6, &(0x7f0000000c00)=0x4, 0x2}, {0xa, &(0x7f0000000c40)=0x100000001, 0x2}, {0x7, &(0x7f0000000c80)=0xfce, 0x82}, {0x2, &(0x7f0000000e00)=0x7fff, 0x2}, {0x50, &(0x7f0000000e40)=0x3ff, 0x2}, {0x8, &(0x7f0000000e80)=0x800, 0x2}, {0x4, &(0x7f0000000ec0), 0x82}, {0x401, &(0x7f0000000f00)=0x1, 0x82}, {0xbe6, &(0x7f0000001a00)=0x185, 0x2}, {0x7, &(0x7f0000001a40)=0xfac, 0x2}, {0xfffffffffffff455, &(0x7f0000001a80)=0xe, 0x2}], 0x2e, 0x0, &(0x7f0000001f40)={0x77359400}, 0x1)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = getpid()
r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0x0, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r3, 0x0, r2, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@struct={0x5, 0x1, 0x0, 0xf, 0x0, 0x10, [{0xb, 0x3, 0x9}]}]}, {0x0, [0x0, 0x0, 0x2e, 0x0, 0x61]}}, &(0x7f0000005bc0)=""/255, 0x37, 0xff, 0x9, 0x1000, 0x0, @void, @value}, 0x28)
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r5, &(0x7f0000000000), 0x2a979d)
r6 = socket(0x10, 0x803, 0x0)
sendto(r6, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)

1.592090786s ago: executing program 0 (id=4515):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x4, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0xfffffffc, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
writev(r0, 0x0, 0x0)

1.524734427s ago: executing program 0 (id=4516):
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x3b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000380)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r6}, 0x18)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x1, 0xfffffffd}, {}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0xffffffff, 0x0, 0x0, 0xfffffffd}, {0xb, 0x0, 0x400000, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0x9}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {0x80, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x15, 0x0, 0x48510}, {0x0, 0x8000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {}, {}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x5}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0x0, 0x200}, {}, {}, {0x5, 0x1000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x4, 0x9}, {0x7}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2, 0x0, 0x0, 0x1}, {}, {}, {}, {0x800000, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {0x0, 0x0, 0x0, 0x200000, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x6, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x2, 0x0, 0x20000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x0, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0xfffffffe, 0x0, 0x0, 0x0, 0x8000, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7dff800}], [{}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {0x5, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {0x0, 0x1}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
sendmsg$kcm(r4, 0x0, 0x20000040)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r8}, 0x10)
setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x400a1400, 0x0, 0x0, 0x0, 0x0, 0x0)

1.35039221s ago: executing program 3 (id=4517):
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000001c0)='mm_page_free\x00', r0, 0x0, 0x6}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)

690.522249ms ago: executing program 3 (id=4519):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x2000000, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1000000, {}, {}, @raw32={[0x0, 0xfffffffc]}}], 0x1c)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f00000001c0)={0x0, 0x0, 0x9})
syz_open_dev$tty20(0xc, 0x4, 0x0)
mknod(0x0, 0x8001420, 0x0)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x5c, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

587.050731ms ago: executing program 0 (id=4520):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
syz_io_uring_setup(0x100293f, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={0x0, 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xd, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r2, @ANYRESHEX=r1], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x20}, 0x18)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x3}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0xe, &(0x7f0000001b80)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d6200100000000000000ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a0932f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c43ff010000000000000128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee99367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57d31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

538.136792ms ago: executing program 0 (id=4522):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="7bbd70fd661461d7850103025c8e788857329600ee5ecf2eacb893f985429f68d1e86655be89e586fc", 0x29, 0x3)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='ns\x00')
getdents64(r1, 0x0, 0xffffffff00000018)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, 0x0)
ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000000)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000013c0)={{0x14, 0x453, 0x1, 0x0, 0x0, {0x5}}, [], {0x14, 0x3ea}}, 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x40000)
r4 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0xfffffeffffff7f7e, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000003c0)="a5", 0x1}], 0x1}}], 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000006480)={&(0x7f0000738000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000005380)=""/231, 0xe7, 0x0, 0x0}, &(0x7f00000064c0)=0x40)

485.450342ms ago: executing program 3 (id=4524):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
r6 = dup(r3)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000001580)=@raw={'raw\x00', 0xe501, 0x3, 0x538, 0x0, 0x6affffff, 0x3403000b, 0x3a0, 0x7, 0x4a0, 0x230, 0x230, 0x4a0, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0x358, 0x3a0, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x1, [{0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {0x1}, {}, {0x0, 0xff}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x338}, {}, {}, {0x3}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {0x7, 0x0, 0x6}, {}, {0x3}, {}, {}, {}, {}, {}, {0x0, 0xa1}]}}, @common=@unspec=@conntrack1={{0xb8}, {{@ipv6=@empty, [0xffffff, 0x1000100, 0xffffffff, 0xff], @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}, [0xff, 0xff000000, 0xffffffff, 0xff], @ipv6=@mcast1, [0xffffff00, 0xff000000, 0xffffff00, 0xff], @ipv4=@dev={0xac, 0x14, 0x14, 0x22}, [0xff, 0xffffffff, 0xff0000ff], 0x75, 0x10, 0x2f, 0x4e23, 0x4e20, 0x4e24, 0x4e20}, 0xc1, 0xd2}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x98, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x598)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x2, 0x11}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x100}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004", @ANYRES32=0x0, @ANYBLOB="0f0000000000000000000000000000000000000034a804981f7a2191c82773e36ae205c31c4d", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000)={0x0, 0x20, 0xfffffffa, 0x1}, 0x14)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="2e00000011008188040f80ec59acbc0413a1810031000000000f000000028002002d1f00"/46, 0x2e}], 0x1}, 0x0)
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={r8, r0, 0x0, 0xd, &(0x7f0000000080)='sched_switch\x00'}, 0x30)

483.783853ms ago: executing program 4 (id=4525):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000003e000701fcfffffffedbdf25017c"], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

456.322223ms ago: executing program 1 (id=4526):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={0x0, r0}, 0x18)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

382.262834ms ago: executing program 1 (id=4527):
r0 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil)
shmat(r0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061138b0000000000bf2000000000000015000200071b1700bd030100000000009500000000000000bc26080000000000bf67000000000000400300000fff0700670200000300000016060a000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = dup(r1)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r5 = gettid()
rt_sigaction(0x16, &(0x7f0000000080)={0x0, 0x90000000, 0x0}, 0x0, 0x8, &(0x7f0000000200))
tkill(r5, 0x16)

333.195775ms ago: executing program 1 (id=4528):
timer_create(0x3, 0x0, &(0x7f0000000300))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffff", @ANYRES32], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$rxrpc(r0, &(0x7f0000000100)=@in4={0x21, 0x4, 0x2, 0x1c, {0x2, 0x4e24, @empty}}, 0x24)

302.249045ms ago: executing program 3 (id=4529):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
futex_waitv(&(0x7f0000001ac0)=[{0x287, &(0x7f0000000280)=0x8000, 0x82}, {0x10, &(0x7f00000002c0), 0x2}, {0x8000, &(0x7f0000000300)=0x7, 0x2}, {0x6, &(0x7f0000000340)=0xd075, 0x80}, {0xfff, &(0x7f0000000380)=0x7, 0x2}, {0x2a, &(0x7f00000003c0)=0x3, 0x82}, {0x8, &(0x7f0000000400)=0x1, 0x2}, {0x5, &(0x7f0000000440)=0x800, 0x82}, {0x6, &(0x7f0000000480)=0x2, 0x2}, {0x1, &(0x7f00000004c0)=0xfff, 0x82}, {0x8, &(0x7f0000000540)=0x81, 0x2}, {0x2, &(0x7f0000000580)=0x2c5, 0x82}, {0xfffffffffffffffa, &(0x7f0000000600)=0x8, 0x2}, {0x6, &(0x7f0000000200)=0xffffffffffffffff, 0x82}, {0x1, &(0x7f0000000680)=0x5, 0x82}, {0x400, &(0x7f00000006c0)=0x5, 0x41}, {0x8, &(0x7f0000000700)=0x10, 0x2}, {0x3, &(0x7f0000000740)=0xc2d100000000000, 0x82}, {0x1, &(0x7f0000000780)=0x5, 0x82}, {0x80000000, &(0x7f0000000800)=0x2, 0x82}, {0x5, &(0x7f0000000840)=0x6, 0x82}, {0x1d, &(0x7f0000000880)=0x40, 0x82}, {0xffffffff7fffffff, &(0x7f00000008c0)=0x5, 0x2}, {0xb, &(0x7f0000000900)=0xb, 0x82}, {0x1ff, &(0x7f0000000940)=0x6, 0x2}, {0xfcb, &(0x7f0000000980)=0x3, 0x2}, {0x4, &(0x7f00000009c0)=0x4, 0x2}, {0x81, &(0x7f0000000a00)=0x40, 0x82}, {0x3, &(0x7f0000000a40)=0x1, 0x80}, {0x1, &(0x7f0000000a80)=0x3, 0x2}, {0x6, &(0x7f0000000ac0)=0x6, 0x6f56143aabde4a7a}, {0x191fca1d, &(0x7f0000000b00)=0x1, 0x2}, {0x69, &(0x7f0000000b40), 0x82}, {0x9, &(0x7f0000000b80)=0xfffffffffffffc01, 0x82}, {0x5, &(0x7f0000000bc0)=0x4, 0x2}, {0x6, &(0x7f0000000c00)=0x4, 0x2}, {0xa, &(0x7f0000000c40)=0x100000001, 0x2}, {0x7, &(0x7f0000000c80)=0xfce, 0x82}, {0x2, &(0x7f0000000e00)=0x7fff, 0x2}, {0x50, &(0x7f0000000e40)=0x3ff, 0x2}, {0x8, 0x0, 0x2}, {0x4, &(0x7f0000000ec0), 0x82}, {0x401, &(0x7f0000000f00)=0x1, 0x82}, {0xbe6, &(0x7f0000001a00)=0x185, 0x2}, {0x7, &(0x7f0000001a40)=0xfac, 0x2}, {0xfffffffffffff455, &(0x7f0000001a80)=0xe, 0x2}], 0x2e, 0x0, &(0x7f0000001f40)={0x77359400}, 0x1)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = getpid()
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0x0, 0xffffffffffffffff, 0x0)
r4 = getpid()
r5 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r4, 0x0, r3, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2401, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@struct={0x5, 0x1, 0x0, 0xf, 0x0, 0x10, [{0xb, 0x3, 0x9}]}]}, {0x0, [0x0, 0x0, 0x2e, 0x0, 0x61]}}, &(0x7f0000005bc0)=""/255, 0x37, 0xff, 0x9, 0x1000, 0x0, @void, @value}, 0x28)
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
socket$can_raw(0x1d, 0x3, 0x1)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r6, &(0x7f0000000000), 0x2a979d)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002200)=@delchain={0x218, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x1c4, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x1a4, 0x1, [@m_simple={0x30, 0x3e, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_skbmod={0x104, 0x1, 0x0, 0x0, {{0xb}, {0x54, 0x2, 0x0, 0x1, [@TCA_SKBMOD_SMAC={0xa, 0x4, @broadcast}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x6, 0x8, 0xffffffffffffffff, 0x2, 0x6}, 0x7}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0xa39}, @TCA_SKBMOD_DMAC={0xa, 0x3, @remote}, @TCA_SKBMOD_SMAC={0xa, 0x4, @remote}]}, {0x85, 0x6, "3931d6509a0b0c9768f7e06cb1f8dfd5cc656d4153e123f7a69ca11957ce86ccbaecc54e6268f6719901f11aad6e2f520ad4a07e3932cfa10299929099fcb72e038d0569256c0a957607bdf32ee1d87f66ce74f52d97eb07cf53ce480e55a615f5bf7696e22e54df06950835a7b1967f7599048b9a6dec6562c5dcb62b1e28dfa5"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_connmark={0x6c, 0x15, 0x0, 0x0, {{0xd}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x4, 0x1, 0xc, 0x8}, 0xff21}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x2, 0x20000000, 0x1, 0x6}, 0x8}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}]}}, @filter_kind_options=@f_flower={{0xb}, {0x4}}, @TCA_RATE={0x6, 0x5, {0x20, 0x5}}]}, 0x218}, 0x1, 0x0, 0x0, 0x40000c1}, 0x20000080)
r7 = socket(0x10, 0x803, 0x0)
sendto(r7, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r7, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)

301.156945ms ago: executing program 4 (id=4530):
perf_event_open(&(0x7f0000000500)={0x5, 0x80, 0x55, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x20a0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x10875, 0x0, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)={'#! ', './file0', [{0x20, 'kfree\x00'}, {0x20, '/dev/bus/usb/00#/00#\x00'}, {0x20, '/dev/sg#\x00'}, {0x20, '%^'}], 0xa, "05acd7e30634a4a852bab3fb9de93ccbff1319f1c8dd3ab4e084e24b611f9323d53511918de49b33c8d37c6ee3c55bf8db0d766913fd7d404f14b492f67c4ff1d18ab65f01c6fc149119741cc53623e1ce91b4c0dbd8926c028d02a37a39d89d91a799bb93540a4fce73a0116b3b002542a7cac2"}, 0xa9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="8b332cbd965623610000050000"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), r1)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000140))
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f0000000240)={'ip6_vti0\x00', 0x0, 0x2f, 0xd0, 0xd5, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @multicast1}, @remote, 0x8, 0x40, 0x1ff, 0xa}})
mount$bind(0x0, 0x0, 0x0, 0x2901090, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f0000000040)=ANY=[])
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}, 0x122)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'})

290.466376ms ago: executing program 1 (id=4531):
openat$autofs(0xffffffffffffff9c, &(0x7f0000000400), 0x141140, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x3)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000340)='cgroup.procs\x00', 0x2, 0x0)
r4 = openat$cgroup_subtree(r1, &(0x7f0000000200), 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x2007ffc)
sendfile(r3, r4, 0x0, 0x800000006)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = syz_open_procfs(0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
writev(0xffffffffffffffff, &(0x7f0000000280), 0x0)
sendmsg$nl_route(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4004000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200002100000000000000", @ANYRES32, @ANYBLOB="0000ff0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="180000004d170000000000000000000018120000", @ANYRES32=<r8=>r6, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000004c0)='pwc_handler_enter\x00', r7, 0x0, 0x3}, 0x18)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1e00000003001000080000000100000000000000", @ANYRES32=r6, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r8], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r9}, &(0x7f0000000500), &(0x7f0000000580)}, 0x20)
r11 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r11, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000580)="89", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="bc", 0x1}], 0x1}}], 0x2, 0x240008d9)
close(r11)

218.869327ms ago: executing program 1 (id=4532):
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs")

103.589099ms ago: executing program 5 (id=4533):
perf_event_open(&(0x7f0000000500)={0x5, 0x80, 0x55, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x20a0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x10875, 0x0, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', './file0', [{0x20, 'kfree\x00'}, {0x20, '/dev/bus/usb/00#/00#\x00'}, {0x20, '/dev/sg#\x00'}, {0x20, '%^'}], 0xa, "05acd7e30634a4a852bab3fb9de93ccbff1319f1c8dd3ab4e084e24b611f9323d53511918de49b33c8d37c6ee3c55bf8db0d766913fd7d404f14b492f67c4ff1d18ab65f01c6fc149119741cc53623e1ce91b4c0dbd8926c028d02a37a39d89d91a799bb93540a4fce73a0116b3b002542a7cac2"}, 0xa9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="8b332cbd96562361000005000000080003"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), r2)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000140))
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f0000000240)={'ip6_vti0\x00', 0x0, 0x2f, 0xd0, 0xd5, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @multicast1}, @remote, 0x8, 0x40, 0x1ff, 0xa}})
mount$bind(0x0, 0x0, 0x0, 0x2901090, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000040)=ANY=[])
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x122)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'})

39.05672ms ago: executing program 0 (id=4534):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x2)
r1 = openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r3=>r1, {0x1}}, './file0\x00'})
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f00000000c0)={0xf, 0x2, 0x8003, 0x5, 0x0, 0xffffffff, 0x48, 0x401}, 0x20)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0xffffffffffffffff}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$hiddev(0x0, 0x2, 0x440)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x1)
r7 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x79, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0xfc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='devpts\x00', 0x0, 0x0)

0s ago: executing program 1 (id=4535):
perf_event_open(&(0x7f0000000500)={0x5, 0x80, 0x55, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x20a0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x10875, 0x0, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', './file0', [{0x20, 'kfree\x00'}, {0x20, '/dev/bus/usb/00#/00#\x00'}, {0x20, '/dev/sg#\x00'}, {0x20, '%^'}], 0xa, "05acd7e30634a4a852bab3fb9de93ccbff1319f1c8dd3ab4e084e24b611f9323d53511918de49b33c8d37c6ee3c55bf8db0d766913fd7d404f14b492f67c4ff1d18ab65f01c6fc149119741cc53623e1ce91b4c0dbd8926c028d02a37a39d89d91a799bb93540a4fce73a0116b3b002542a7cac2"}, 0xa9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="8b332cbd96562361000005000000080003"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), r2)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000140))
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f0000000240)={'ip6_vti0\x00', 0x0, 0x2f, 0xd0, 0xd5, 0x9, 0x8, @ipv4={'\x00', '\xff\xff', @multicast1}, @remote, 0x8, 0x40, 0x1ff, 0xa}})
mount$bind(0x0, 0x0, 0x0, 0x2901090, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000040)=ANY=[])
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x122)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'})

kernel console output (not intermixed with test programs):

91][   T29] audit: type=1326 audit(335.043:25286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16271 comm="syz.5.4083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0169ace929 code=0x7ffc0000
[  335.240928][   T29] audit: type=1326 audit(335.043:25287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16271 comm="syz.5.4083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0169ace929 code=0x7ffc0000
[  335.264087][   T29] audit: type=1326 audit(335.043:25288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16271 comm="syz.5.4083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0169ace929 code=0x7ffc0000
[  335.474451][T16292] FAULT_INJECTION: forcing a failure.
[  335.474451][T16292] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.487821][T16292] CPU: 0 UID: 0 PID: 16292 Comm: syz.5.4091 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  335.487920][T16292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  335.487937][T16292] Call Trace:
[  335.487944][T16292]  <TASK>
[  335.487951][T16292]  __dump_stack+0x1d/0x30
[  335.487976][T16292]  dump_stack_lvl+0xe8/0x140
[  335.488002][T16292]  dump_stack+0x15/0x1b
[  335.488024][T16292]  should_fail_ex+0x265/0x280
[  335.488066][T16292]  should_fail+0xb/0x20
[  335.488144][T16292]  should_fail_usercopy+0x1a/0x20
[  335.488186][T16292]  _copy_to_user+0x20/0xa0
[  335.488206][T16292]  simple_read_from_buffer+0xb5/0x130
[  335.488329][T16292]  proc_fail_nth_read+0x100/0x140
[  335.488356][T16292]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  335.488437][T16292]  vfs_read+0x1a0/0x6f0
[  335.488538][T16292]  ? sock_common_getsockopt+0x60/0x70
[  335.488563][T16292]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  335.488652][T16292]  ? do_sock_getsockopt+0x200/0x240
[  335.488691][T16292]  ksys_read+0xda/0x1a0
[  335.488736][T16292]  __x64_sys_read+0x40/0x50
[  335.488846][T16292]  x64_sys_call+0x2d77/0x2fb0
[  335.488869][T16292]  do_syscall_64+0xd2/0x200
[  335.488892][T16292]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  335.488926][T16292]  ? clear_bhb_loop+0x40/0x90
[  335.488954][T16292]  ? clear_bhb_loop+0x40/0x90
[  335.488975][T16292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.489005][T16292] RIP: 0033:0x7f0169acd33c
[  335.489024][T16292] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  335.489046][T16292] RSP: 002b:00007f0168137030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  335.489070][T16292] RAX: ffffffffffffffda RBX: 00007f0169cf5fa0 RCX: 00007f0169acd33c
[  335.489166][T16292] RDX: 000000000000000f RSI: 00007f01681370a0 RDI: 0000000000000004
[  335.489182][T16292] RBP: 00007f0168137090 R08: 0000000000000000 R09: 0000000000000000
[  335.489197][T16292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.489213][T16292] R13: 0000000000000000 R14: 00007f0169cf5fa0 R15: 00007ffd3c3faa68
[  335.489238][T16292]  </TASK>
[  335.714394][T16296] xt_hashlimit: size too large, truncated to 1048576
[  335.725821][T16297] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  335.755210][T16297] loop1: detected capacity change from 0 to 764
[  335.767157][T16297] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  335.881017][T16305] netlink: 'syz.5.4095': attribute type 6 has an invalid length.
[  335.927678][T16305] loop5: detected capacity change from 0 to 512
[  335.970312][T16307] loop3: detected capacity change from 0 to 512
[  335.993345][T16305] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  336.001880][T16307] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  336.029646][T16305] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.4095: corrupted in-inode xattr: e_value out of bounds
[  336.062428][T16307] EXT4-fs (loop3): 1 truncate cleaned up
[  336.072883][T16305] EXT4-fs (loop5): Remounting filesystem read-only
[  336.088253][T16307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.096772][T16307] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.108218][T16318] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  336.124722][T16318] loop1: detected capacity change from 0 to 764
[  336.133259][T16318] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  336.357013][T16329] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4105'.
[  336.370662][T16329] IPv6: sit1: Disabled Multicast RS
[  336.377002][T16329] sit1: entered allmulticast mode
[  336.378257][T16334] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4107'.
[  336.415121][T16337] xt_hashlimit: size too large, truncated to 1048576
[  336.709458][T16341] xt_hashlimit: size too large, truncated to 1048576
[  336.798134][T16348] netlink: 'syz.0.4111': attribute type 6 has an invalid length.
[  336.840119][T16348] loop0: detected capacity change from 0 to 512
[  336.864086][T16348] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  336.892259][T16348] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4111: corrupted in-inode xattr: e_value out of bounds
[  336.920926][T16348] EXT4-fs (loop0): Remounting filesystem read-only
[  337.050604][T16356] loop3: detected capacity change from 0 to 764
[  337.089828][T16356] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  337.275665][T16360] loop3: detected capacity change from 0 to 764
[  337.288912][T16360] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  337.429523][T16374] ALSA: seq fatal error: cannot create timer (-19)
[  337.658237][T16382] netlink: 'syz.5.4125': attribute type 10 has an invalid length.
[  337.666354][T16382] veth0_vlan: entered allmulticast mode
[  337.693055][T16382] veth0_vlan: left promiscuous mode
[  337.706519][T16382] veth0_vlan: entered promiscuous mode
[  337.726447][T16382] team0: Device veth0_vlan failed to register rx_handler
[  337.816618][T16398] netlink: 'syz.1.4129': attribute type 6 has an invalid length.
[  337.828834][T16398] loop1: detected capacity change from 0 to 512
[  337.877947][T16398] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  337.903175][T16398] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.4129: corrupted in-inode xattr: e_value out of bounds
[  337.939845][T16398] EXT4-fs (loop1): Remounting filesystem read-only
[  337.980202][T16409] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  337.988875][T16409] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.842409][T16413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  338.851126][T16413] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.880159][T16411] netlink: 'syz.0.4134': attribute type 10 has an invalid length.
[  338.909880][T16405] loop3: detected capacity change from 0 to 764
[  338.916869][T16411] __nla_validate_parse: 2 callbacks suppressed
[  338.916883][T16411] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4134'.
[  338.941679][T16405] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  339.023669][T16420] loop0: detected capacity change from 0 to 512
[  339.037506][T16420] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  339.053226][T16420] EXT4-fs (loop0): orphan cleanup on readonly fs
[  339.060605][T16420] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.4137: Block bitmap for bg 0 marked uninitialized
[  339.070996][T16423] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  339.075935][T16420] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  339.092976][T16420] EXT4-fs (loop0): 1 orphan inode deleted
[  339.102446][T16420] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  339.113829][T16420] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  339.130019][T16423] loop3: detected capacity change from 0 to 764
[  339.134544][T16420] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4137'.
[  339.146902][T16423] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  339.149464][T16420] program syz.0.4137 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  339.167220][T16420] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.4137: Block bitmap for bg 0 marked uninitialized
[  339.222133][T16429] loop1: detected capacity change from 0 to 512
[  339.229997][T16429] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  339.242581][T16429] EXT4-fs (loop1): orphan cleanup on readonly fs
[  339.249766][T16429] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.4141: Block bitmap for bg 0 marked uninitialized
[  339.256498][T16433] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  339.264773][T16429] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  339.281202][T16429] EXT4-fs (loop1): 1 orphan inode deleted
[  339.283624][T16433] loop3: detected capacity change from 0 to 764
[  339.293731][T16429] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  339.304540][T16433] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  339.305043][T16429] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  339.328394][T16429] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.4141: Block bitmap for bg 0 marked uninitialized
[  339.421886][T16438] ALSA: seq fatal error: cannot create timer (-19)
[  339.609317][T16442] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  339.627208][T16442] loop3: detected capacity change from 0 to 764
[  339.634945][T16442] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  339.715266][T16444] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4146'.
[  339.729121][T16444] loop3: detected capacity change from 0 to 1024
[  339.736260][T16444] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  339.744812][T16444] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  339.755857][T16444] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  339.766003][T16444] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  339.777157][T16444] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: inode #17: comm syz.3.4146: iget: bad i_size value: 4398046511204
[  339.790684][T16444] EXT4-fs (loop3): no journal found
[  339.842455][T16448] loop3: detected capacity change from 0 to 764
[  339.850051][T16448] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  339.954302][T16456] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  339.969665][T16458] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  339.978625][T16456] loop3: detected capacity change from 0 to 764
[  339.986185][T16456] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  339.994551][T16458] loop0: detected capacity change from 0 to 764
[  340.006020][T16458] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  340.082962][T16465] xt_hashlimit: size too large, truncated to 1048576
[  340.086448][T16460] ALSA: seq fatal error: cannot create timer (-19)
[  340.231720][   T29] kauditd_printk_skb: 952 callbacks suppressed
[  340.231738][   T29] audit: type=1326 audit(340.193:26241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16469 comm="syz.3.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  340.261155][   T29] audit: type=1326 audit(340.203:26242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16469 comm="syz.3.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  340.284612][   T29] audit: type=1326 audit(340.203:26243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16469 comm="syz.3.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  340.307831][   T29] audit: type=1326 audit(340.203:26244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16469 comm="syz.3.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  340.331473][   T29] audit: type=1326 audit(340.203:26245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16469 comm="syz.3.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  340.354748][   T29] audit: type=1326 audit(340.203:26246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16469 comm="syz.3.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  340.377985][   T29] audit: type=1326 audit(340.203:26247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16469 comm="syz.3.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  340.401044][   T29] audit: type=1326 audit(340.203:26248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16469 comm="syz.3.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  340.424279][   T29] audit: type=1326 audit(340.203:26249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16469 comm="syz.3.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  340.447397][   T29] audit: type=1326 audit(340.203:26250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16469 comm="syz.3.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  340.687467][T16475] loop1: detected capacity change from 0 to 2048
[  340.887710][T16482] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  340.910639][T16482] loop4: detected capacity change from 0 to 764
[  340.918433][T16482] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  340.935866][T16487] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  340.954551][T16487] loop0: detected capacity change from 0 to 764
[  340.990889][T16487] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  341.021223][T16483] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4158: bg 0: block 345: padding at end of block bitmap is not set
[  341.054217][ T3731] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1352 with error 117
[  341.067096][ T3731] EXT4-fs (loop1): This should not happen!! Data will be lost
[  341.067096][ T3731] 
[  341.117509][T16492] siw: device registration error -23
[  341.251621][T16509] xt_hashlimit: size too large, truncated to 1048576
[  341.265245][   T87] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1368 with max blocks 1 with error 28
[  341.278252][   T87] EXT4-fs (loop1): This should not happen!! Data will be lost
[  341.278252][   T87] 
[  341.287935][   T87] EXT4-fs (loop1): Total free blocks count 0
[  341.294090][   T87] EXT4-fs (loop1): Free/Dirty block details
[  341.300058][   T87] EXT4-fs (loop1): free_blocks=0
[  341.305086][   T87] EXT4-fs (loop1): dirty_blocks=16
[  341.310452][   T87] EXT4-fs (loop1): Block reservation details
[  341.316457][   T87] EXT4-fs (loop1): i_reserved_data_blocks=1
[  341.358912][T16510] netlink: 'syz.3.4170': attribute type 6 has an invalid length.
[  341.381356][T16510] loop3: detected capacity change from 0 to 512
[  341.412532][T16510] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  341.418178][T12143] EXT4-fs unmount: 61 callbacks suppressed
[  341.466055][T16510] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.4170: corrupted in-inode xattr: e_value out of bounds
[  341.499075][T16510] EXT4-fs (loop3): Remounting filesystem read-only
[  341.506212][T16510] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  341.783409][T16523] loop1: detected capacity change from 0 to 512
[  341.818711][T16523] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  341.907635][T16523] EXT4-fs (loop1): 1 truncate cleaned up
[  341.926152][T16523] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  341.965661][T16523] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  341.974362][T16523] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  342.052330][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.184891][T16533] siw: device registration error -23
[  342.205823][T16532] xt_hashlimit: size too large, truncated to 1048576
[  342.543931][T12143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.726874][T16544] netlink: 'syz.1.4181': attribute type 10 has an invalid length.
[  342.743574][T16544] veth0_vlan: entered allmulticast mode
[  342.758607][T16544] veth0_vlan: left promiscuous mode
[  342.765060][T16544] veth0_vlan: entered promiscuous mode
[  342.770981][T16548] loop0: detected capacity change from 0 to 512
[  342.773424][T16544] team0: Device veth0_vlan failed to register rx_handler
[  342.783853][T16548] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  342.804099][T16548] EXT4-fs: error: could not find journal device path
[  342.843208][T16550] loop1: detected capacity change from 0 to 764
[  342.878842][T16550] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  343.155679][T16565] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  343.166446][T16565] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  343.180591][T16565] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  343.195999][T16566] netlink: 'syz.0.4188': attribute type 6 has an invalid length.
[  343.256105][T16564] loop0: detected capacity change from 0 to 512
[  343.500017][T16564] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  343.527011][T16563] SELinux: syz.1.4190 (16563) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  343.559868][T16564] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4188: corrupted in-inode xattr: e_value out of bounds
[  343.619066][T16564] EXT4-fs (loop0): Remounting filesystem read-only
[  343.624361][T16568] SELinux: syz.3.4191 (16568) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  343.626052][T16564] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.701250][T16571] loop1: detected capacity change from 0 to 2048
[  343.722301][T16571] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.773701][T16579] futex_wake_op: syz.4.4193 tries to shift op by -1; fix this program
[  343.840376][T12899] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.036308][T16592] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4192: bg 0: block 345: padding at end of block bitmap is not set
[  344.177106][   T87] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1016 with error 117
[  344.189965][   T87] EXT4-fs (loop1): This should not happen!! Data will be lost
[  344.189965][   T87] 
[  344.343986][T16599] sd 0:0:1:0: device reset
[  344.384117][T16579] lo speed is unknown, defaulting to 1000
[  344.397328][T16598] loop3: detected capacity change from 0 to 512
[  344.457368][T16598] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  344.488958][T16598] EXT4-fs (loop3): orphan cleanup on readonly fs
[  344.498123][T16598] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.4201: Block bitmap for bg 0 marked uninitialized
[  344.519043][T16598] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  344.536826][T16598] EXT4-fs (loop3): 1 orphan inode deleted
[  344.549006][T16598] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  344.564866][T16598] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  344.575201][T16598] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  344.588546][T16598] __nla_validate_parse: 4 callbacks suppressed
[  344.588576][T16598] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4201'.
[  344.613240][ T3731] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1032 with max blocks 1024 with error 117
[  344.626245][ T3731] EXT4-fs (loop1): This should not happen!! Data will be lost
[  344.626245][ T3731] 
[  344.650174][T16598] program syz.3.4201 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  344.667129][ T3731] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2056 with max blocks 276 with error 28
[  344.680185][ T3731] EXT4-fs (loop1): This should not happen!! Data will be lost
[  344.680185][ T3731] 
[  344.690147][ T3731] EXT4-fs (loop1): Total free blocks count 0
[  344.696294][ T3731] EXT4-fs (loop1): Free/Dirty block details
[  344.702599][ T3731] EXT4-fs (loop1): free_blocks=0
[  344.709218][T16601] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.4201: Block bitmap for bg 0 marked uninitialized
[  344.745882][T16605] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  344.841684][T16605] loop4: detected capacity change from 0 to 764
[  344.871311][T16605] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  344.883535][T16609] loop0: detected capacity change from 0 to 2048
[  344.904985][T16609] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  344.986491][T16614] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4205: bg 0: block 345: padding at end of block bitmap is not set
[  345.018031][T16615] netlink: 'syz.4.4206': attribute type 6 has an invalid length.
[  345.042489][T16615] loop4: detected capacity change from 0 to 512
[  345.049906][T16615] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  345.061721][T16615] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.4206: corrupted in-inode xattr: e_value out of bounds
[  345.076377][T16615] EXT4-fs (loop4): Remounting filesystem read-only
[  345.083663][T16615] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  345.110145][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.159646][T16620] netlink: 'syz.1.4207': attribute type 10 has an invalid length.
[  345.174232][T16620] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4207'.
[  345.312617][T16624] SELinux: syz.3.4210 (16624) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  345.466214][T16632] loop3: detected capacity change from 0 to 2048
[  345.499919][T16632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  345.807299][T13092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.849823][   T29] kauditd_printk_skb: 389 callbacks suppressed
[  345.849841][   T29] audit: type=1326 audit(345.824:26640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16636 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  346.027701][   T29] audit: type=1326 audit(345.824:26641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16636 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  346.051008][   T29] audit: type=1326 audit(345.824:26642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16636 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  346.074439][   T29] audit: type=1326 audit(345.824:26643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16636 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  346.097523][   T29] audit: type=1326 audit(345.824:26644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16636 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  346.121547][   T29] audit: type=1326 audit(345.824:26645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16636 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  346.144909][   T29] audit: type=1326 audit(345.884:26646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16636 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  346.168419][   T29] audit: type=1326 audit(345.894:26647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16636 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  346.191735][   T29] audit: type=1326 audit(345.894:26648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16636 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  346.202946][T16638] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4213: bg 0: block 345: padding at end of block bitmap is not set
[  346.214994][   T29] audit: type=1326 audit(345.894:26649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16636 comm="syz.4.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  346.273680][T12899] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.335066][T16649] netlink: 'syz.0.4216': attribute type 10 has an invalid length.
[  346.376021][ T3698] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1483 with error 117
[  346.388798][ T3698] EXT4-fs (loop3): This should not happen!! Data will be lost
[  346.388798][ T3698] 
[  346.444068][T16650] loop1: detected capacity change from 0 to 764
[  346.459090][T16649] veth0_vlan: left promiscuous mode
[  346.480969][T16650] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  346.496799][T16649] veth0_vlan: entered promiscuous mode
[  346.529361][T16649] team0: Device veth0_vlan failed to register rx_handler
[  346.568859][T16652] netlink: 'syz.5.4218': attribute type 10 has an invalid length.
[  346.586349][T16652] netlink: 14 bytes leftover after parsing attributes in process `syz.5.4218'.
[  346.731622][T16655] loop1: detected capacity change from 0 to 2048
[  346.782000][T16663] netlink: 'syz.5.4223': attribute type 10 has an invalid length.
[  346.830649][T16655] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  346.917550][   T12] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1499 with max blocks 1 with error 28
[  346.930191][   T12] EXT4-fs (loop3): This should not happen!! Data will be lost
[  346.930191][   T12] 
[  346.939898][   T12] EXT4-fs (loop3): Total free blocks count 0
[  346.945943][   T12] EXT4-fs (loop3): Free/Dirty block details
[  346.951915][   T12] EXT4-fs (loop3): free_blocks=0
[  346.956986][   T12] EXT4-fs (loop3): dirty_blocks=16
[  346.962157][   T12] EXT4-fs (loop3): Block reservation details
[  347.025093][T16667] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4220: bg 0: block 345: padding at end of block bitmap is not set
[  347.371145][T16663] veth0_vlan: left promiscuous mode
[  347.389288][T16663] veth0_vlan: entered promiscuous mode
[  347.396172][T16663] team0: Device veth0_vlan failed to register rx_handler
[  347.534936][T16689] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  347.599212][T16690] loop3: detected capacity change from 0 to 764
[  347.616464][T16693] loop0: detected capacity change from 0 to 2048
[  347.632115][T16689] loop5: detected capacity change from 0 to 764
[  347.640970][T16689] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  347.660196][T16690] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  347.729821][T16693] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.745503][T16697] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.754128][T16697] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.126964][T12143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.155440][T16703] loop5: detected capacity change from 0 to 512
[  348.166787][T16699] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4234: bg 0: block 345: padding at end of block bitmap is not set
[  348.186758][T16703] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  348.213778][T16703] EXT4-fs (loop5): orphan cleanup on readonly fs
[  348.231591][T16707] ALSA: seq fatal error: cannot create timer (-19)
[  348.280038][T16703] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:517: comm syz.5.4235: Block bitmap for bg 0 marked uninitialized
[  348.307824][T16715] loop3: detected capacity change from 0 to 512
[  348.315218][T16715] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  348.358602][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  348.358640][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[  348.358640][   T12] 
[  348.381755][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 1849 with error 28
[  348.381790][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[  348.381790][   T12] 
[  348.381808][   T12] EXT4-fs (loop0): Total free blocks count 0
[  348.381824][   T12] EXT4-fs (loop0): Free/Dirty block details
[  348.381839][   T12] EXT4-fs (loop0): free_blocks=0
[  348.381865][   T12] EXT4-fs (loop0): dirty_blocks=1856
[  348.381923][   T12] EXT4-fs (loop0): Block reservation details
[  348.498025][T16703] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  348.550216][T16715] EXT4-fs (loop3): 1 truncate cleaned up
[  348.556741][T16715] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.590639][T16703] EXT4-fs (loop5): 1 orphan inode deleted
[  348.609777][T16703] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  348.628554][T16715] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.637145][T16715] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.648360][T16720] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  348.658770][T16703] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  348.671655][T16703] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  348.687832][T16720] loop1: detected capacity change from 0 to 764
[  348.698704][T16703] program syz.5.4235 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  348.710927][T16720] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  348.731287][T16703] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:517: comm syz.5.4235: Block bitmap for bg 0 marked uninitialized
[  348.820970][T16729] netlink: 'syz.1.4245': attribute type 10 has an invalid length.
[  348.829207][T16729] veth0_vlan: left promiscuous mode
[  348.834948][T16729] veth0_vlan: entered promiscuous mode
[  348.843961][T16729] team0: Device veth0_vlan failed to register rx_handler
[  348.866029][T16731] loop0: detected capacity change from 0 to 512
[  348.873655][T16731] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  348.886596][T16731] EXT4-fs (loop0): 1 truncate cleaned up
[  348.892909][T16731] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.916138][T16734] loop1: detected capacity change from 0 to 2048
[  348.924375][T16731] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.929143][T16734] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.933093][T16731] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.990876][T13721] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.062908][T16738] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4247: bg 0: block 345: padding at end of block bitmap is not set
[  349.111726][T16745] xt_hashlimit: size too large, truncated to 1048576
[  349.182825][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.280964][T16749] netlink: 'syz.3.4251': attribute type 10 has an invalid length.
[  349.309875][T16749] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4251'.
[  349.403068][T16751] netlink: 'syz.5.4252': attribute type 10 has an invalid length.
[  349.412793][T16751] veth0_vlan: left promiscuous mode
[  349.420898][T16751] veth0_vlan: entered promiscuous mode
[  349.429248][T16751] team0: Device veth0_vlan failed to register rx_handler
[  349.446568][T16753] loop3: detected capacity change from 0 to 2048
[  349.459807][T16753] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.485541][T12899] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.528175][T16757] loop0: detected capacity change from 0 to 2048
[  349.553774][T16757] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.569413][T16759] loop5: detected capacity change from 0 to 512
[  349.577759][T16759] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  349.597287][T16759] EXT4-fs: error: could not find journal device path
[  349.647585][T16763] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4253: bg 0: block 345: padding at end of block bitmap is not set
[  349.679707][   T12] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 692 with error 117
[  349.693037][   T12] EXT4-fs (loop3): This should not happen!! Data will be lost
[  349.693037][   T12] 
[  349.771793][T16768] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4254: bg 0: block 345: padding at end of block bitmap is not set
[  349.847524][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 718 with error 117
[  349.860330][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[  349.860330][   T12] 
[  349.904531][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 734 with max blocks 1 with error 28
[  349.917381][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[  349.917381][   T12] 
[  349.927406][   T12] EXT4-fs (loop0): Total free blocks count 0
[  349.933784][   T12] EXT4-fs (loop0): Free/Dirty block details
[  349.939850][   T12] EXT4-fs (loop0): free_blocks=0
[  349.944953][   T12] EXT4-fs (loop0): dirty_blocks=16
[  349.950279][   T12] EXT4-fs (loop0): Block reservation details
[  350.021813][T12143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.158976][   T12] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 708 with max blocks 1 with error 28
[  350.171801][   T12] EXT4-fs (loop3): This should not happen!! Data will be lost
[  350.171801][   T12] 
[  350.181591][   T12] EXT4-fs (loop3): Total free blocks count 0
[  350.187640][   T12] EXT4-fs (loop3): Free/Dirty block details
[  350.193647][   T12] EXT4-fs (loop3): free_blocks=0
[  350.198764][   T12] EXT4-fs (loop3): dirty_blocks=16
[  350.203931][   T12] EXT4-fs (loop3): Block reservation details
[  350.213020][T16775] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  350.221673][T16775] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  350.336655][T16780] netlink: 'syz.1.4260': attribute type 6 has an invalid length.
[  350.348664][T16780] loop1: detected capacity change from 0 to 512
[  350.359007][T16780] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  350.369276][T16780] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.4260: corrupted in-inode xattr: e_value out of bounds
[  350.388405][T16780] EXT4-fs (loop1): Remounting filesystem read-only
[  350.407051][T16780] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.575612][T16783] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  350.615682][T16787] netlink: 'syz.4.4263': attribute type 10 has an invalid length.
[  350.632994][T16783] loop3: detected capacity change from 0 to 764
[  350.641432][T16783] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  350.659620][T12143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.675793][T16789] netlink: 14 bytes leftover after parsing attributes in process `syz.4.4263'.
[  350.808262][T16797] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4265'.
[  350.817362][T16797] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4265'.
[  350.841791][T16799] loop3: detected capacity change from 0 to 512
[  350.848772][T16799] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  350.868233][T16799] EXT4-fs: error: could not find journal device path
[  350.883194][T16801] loop4: detected capacity change from 0 to 2048
[  350.931656][T16801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.974466][T16813] loop1: detected capacity change from 0 to 2048
[  350.978606][T16811] loop3: detected capacity change from 0 to 2048
[  351.010018][T16813] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.066514][T16811] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.089968][T16816] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4268: bg 0: block 345: padding at end of block bitmap is not set
[  351.106292][   T29] kauditd_printk_skb: 288 callbacks suppressed
[  351.106307][   T29] audit: type=1107 audit(351.064:26938): pid=16802 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  351.251946][T16823] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4272: bg 0: block 345: padding at end of block bitmap is not set
[  351.271504][T16822] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4273: bg 0: block 345: padding at end of block bitmap is not set
[  351.365213][   T29] audit: type=1326 audit(351.334:26939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.0.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7ab3e929 code=0x7ffc0000
[  351.388586][   T29] audit: type=1326 audit(351.334:26940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.0.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffa7ab3e929 code=0x7ffc0000
[  351.412274][   T29] audit: type=1326 audit(351.334:26941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.0.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7ab3e929 code=0x7ffc0000
[  351.435678][   T29] audit: type=1326 audit(351.334:26942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.0.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffa7ab3e929 code=0x7ffc0000
[  351.459528][   T29] audit: type=1326 audit(351.334:26943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.0.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7ab3e929 code=0x7ffc0000
[  351.483257][   T29] audit: type=1326 audit(351.334:26944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.0.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7ffa7ab3e929 code=0x7ffc0000
[  351.506393][   T29] audit: type=1326 audit(351.334:26945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.0.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7ab3e929 code=0x7ffc0000
[  351.529601][   T29] audit: type=1326 audit(351.334:26946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.0.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7ffa7ab3e929 code=0x7ffc0000
[  351.552717][   T29] audit: type=1326 audit(351.334:26947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.0.4274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa7ab3e929 code=0x7ffc0000
[  351.682033][T16831] netlink: 'syz.0.4275': attribute type 6 has an invalid length.
[  351.694299][T16831] loop0: detected capacity change from 0 to 512
[  351.701526][T16831] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  351.711584][T16831] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4275: corrupted in-inode xattr: e_value out of bounds
[  351.726323][T16831] EXT4-fs (loop0): Remounting filesystem read-only
[  351.734583][T16831] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.862419][T13092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.883325][   T12] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 609 with error 117
[  351.896024][   T12] EXT4-fs (loop1): This should not happen!! Data will be lost
[  351.896024][   T12] 
[  351.913988][ T3716] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 442 with error 117
[  351.926782][ T3716] EXT4-fs (loop3): This should not happen!! Data will be lost
[  351.926782][ T3716] 
[  351.941927][T12143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.965516][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.019088][T16842] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  352.019808][T16840] netlink: 'syz.4.4280': attribute type 10 has an invalid length.
[  352.038180][T16842] loop3: detected capacity change from 0 to 764
[  352.045959][T16842] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  352.054654][T16840] netlink: 14 bytes leftover after parsing attributes in process `syz.4.4280'.
[  352.070993][T16844] loop1: detected capacity change from 0 to 512
[  352.077799][T16844] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  352.097233][T16844] EXT4-fs: error: could not find journal device path
[  352.435032][T12899] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.680865][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  357.680887][   T29] audit: type=1326 audit(357.654:27067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16853 comm="syz.3.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  357.724125][T16858] netlink: 'syz.4.4287': attribute type 4 has an invalid length.
[  357.746616][   T29] audit: type=1326 audit(357.684:27068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16853 comm="syz.3.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  357.770164][   T29] audit: type=1326 audit(357.684:27069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16853 comm="syz.3.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  357.794059][   T29] audit: type=1326 audit(357.684:27070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16853 comm="syz.3.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  357.797012][T16854] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4283'.
[  357.817326][   T29] audit: type=1326 audit(357.684:27071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16853 comm="syz.3.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  357.851505][   T29] audit: type=1326 audit(357.684:27072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16853 comm="syz.3.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  357.874646][   T29] audit: type=1326 audit(357.684:27073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16853 comm="syz.3.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  357.897916][   T29] audit: type=1326 audit(357.684:27074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16853 comm="syz.3.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  357.921156][   T29] audit: type=1326 audit(357.684:27075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16853 comm="syz.3.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  357.923956][T16858] loop4: detected capacity change from 0 to 512
[  357.944162][   T29] audit: type=1326 audit(357.684:27076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16853 comm="syz.3.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  357.977172][T16864] FAULT_INJECTION: forcing a failure.
[  357.977172][T16864] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  357.990769][T16864] CPU: 1 UID: 0 PID: 16864 Comm: syz.1.4288 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  357.990841][T16864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  357.990880][T16864] Call Trace:
[  357.990889][T16864]  <TASK>
[  357.990899][T16864]  __dump_stack+0x1d/0x30
[  357.990928][T16864]  dump_stack_lvl+0xe8/0x140
[  357.990951][T16864]  dump_stack+0x15/0x1b
[  357.990972][T16864]  should_fail_ex+0x265/0x280
[  357.991032][T16864]  should_fail+0xb/0x20
[  357.991061][T16864]  should_fail_usercopy+0x1a/0x20
[  357.991101][T16864]  _copy_to_user+0x20/0xa0
[  357.991197][T16864]  simple_read_from_buffer+0xb5/0x130
[  357.991304][T16864]  proc_fail_nth_read+0x100/0x140
[  357.991329][T16864]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  357.991402][T16864]  vfs_read+0x1a0/0x6f0
[  357.991437][T16864]  ? __rcu_read_unlock+0x4f/0x70
[  357.991459][T16864]  ? __fget_files+0x184/0x1c0
[  357.991530][T16864]  ksys_read+0xda/0x1a0
[  357.991570][T16864]  __x64_sys_read+0x40/0x50
[  357.991593][T16858] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  357.991657][T16864]  x64_sys_call+0x2d77/0x2fb0
[  357.991688][T16864]  do_syscall_64+0xd2/0x200
[  357.991717][T16864]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  357.991756][T16864]  ? clear_bhb_loop+0x40/0x90
[  357.991788][T16864]  ? clear_bhb_loop+0x40/0x90
[  357.991894][T16864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.991924][T16864] RIP: 0033:0x7fe1152cd33c
[  357.991945][T16864] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  357.991971][T16864] RSP: 002b:00007fe113916030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  357.991998][T16864] RAX: ffffffffffffffda RBX: 00007fe1154f6080 RCX: 00007fe1152cd33c
[  357.992017][T16864] RDX: 000000000000000f RSI: 00007fe1139160a0 RDI: 0000000000000004
[  357.992057][T16864] RBP: 00007fe113916090 R08: 0000000000000000 R09: 0000000000000000
[  357.992074][T16864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  357.992091][T16864] R13: 0000000000000000 R14: 00007fe1154f6080 R15: 00007ffde1c1d568
[  357.992118][T16864]  </TASK>
[  358.123066][T16868] loop1: detected capacity change from 0 to 256
[  358.131766][T16858] EXT4-fs (loop4): 1 truncate cleaned up
[  358.235141][T16858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.249558][T16858] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.305534][T16897] FAULT_INJECTION: forcing a failure.
[  358.305534][T16897] name failslab, interval 1, probability 0, space 0, times 0
[  358.318613][T16897] CPU: 1 UID: 0 PID: 16897 Comm: syz.0.4296 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  358.318644][T16897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  358.318657][T16897] Call Trace:
[  358.318669][T16897]  <TASK>
[  358.318681][T16897]  __dump_stack+0x1d/0x30
[  358.318709][T16897]  dump_stack_lvl+0xe8/0x140
[  358.318735][T16897]  dump_stack+0x15/0x1b
[  358.318843][T16897]  should_fail_ex+0x265/0x280
[  358.318882][T16897]  ? _request_firmware+0x1a3/0xbb0
[  358.318934][T16897]  should_failslab+0x8c/0xb0
[  358.318965][T16897]  __kmalloc_cache_noprof+0x4c/0x320
[  358.319009][T16897]  _request_firmware+0x1a3/0xbb0
[  358.319043][T16897]  ? should_fail_ex+0xdb/0x280
[  358.319081][T16897]  ? __rtnl_unlock+0x95/0xb0
[  358.319118][T16897]  ? netdev_run_todo+0x7cc/0x820
[  358.319194][T16897]  request_firmware+0x36/0x50
[  358.319227][T16897]  reg_reload_regdb+0x57/0x250
[  358.319275][T16897]  nl80211_reload_regdb+0xe/0x20
[  358.319348][T16897]  genl_family_rcv_msg_doit+0x140/0x1b0
[  358.319394][T16897]  genl_rcv_msg+0x422/0x460
[  358.319440][T16897]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  358.319469][T16897]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  358.319502][T16897]  ? __pfx_nl80211_post_doit+0x10/0x10
[  358.319533][T16897]  netlink_rcv_skb+0x123/0x220
[  358.319579][T16897]  ? __pfx_genl_rcv_msg+0x10/0x10
[  358.319613][T16897]  genl_rcv+0x28/0x40
[  358.319639][T16897]  netlink_unicast+0x59e/0x670
[  358.319681][T16897]  netlink_sendmsg+0x58b/0x6b0
[  358.319709][T16897]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.319815][T16897]  __sock_sendmsg+0x142/0x180
[  358.319847][T16897]  ____sys_sendmsg+0x31e/0x4e0
[  358.319917][T16897]  ___sys_sendmsg+0x17b/0x1d0
[  358.319972][T16897]  __x64_sys_sendmsg+0xd4/0x160
[  358.320017][T16897]  x64_sys_call+0x2999/0x2fb0
[  358.320097][T16897]  do_syscall_64+0xd2/0x200
[  358.320115][T16897]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  358.320140][T16897]  ? clear_bhb_loop+0x40/0x90
[  358.320160][T16897]  ? clear_bhb_loop+0x40/0x90
[  358.320222][T16897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.320241][T16897] RIP: 0033:0x7ffa7ab3e929
[  358.320256][T16897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.320345][T16897] RSP: 002b:00007ffa791a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  358.320363][T16897] RAX: ffffffffffffffda RBX: 00007ffa7ad65fa0 RCX: 00007ffa7ab3e929
[  358.320381][T16897] RDX: 0000000004000054 RSI: 0000200000000480 RDI: 0000000000000008
[  358.320392][T16897] RBP: 00007ffa791a7090 R08: 0000000000000000 R09: 0000000000000000
[  358.320403][T16897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  358.320415][T16897] R13: 0000000000000000 R14: 00007ffa7ad65fa0 R15: 00007ffff6405888
[  358.320434][T16897]  </TASK>
[  358.320446][T16897] platform regulatory.0: _request_firmware_prepare: kmalloc(struct firmware) failed
[  358.349030][T16898] netlink: 2088 bytes leftover after parsing attributes in process `syz.3.4295'.
[  358.396525][T16901] loop4: detected capacity change from 0 to 1024
[  358.562720][T16905] netlink: 'syz.0.4298': attribute type 6 has an invalid length.
[  358.575260][T16901] EXT4-fs: Ignoring removed nobh option
[  358.612383][T16905] loop0: detected capacity change from 0 to 512
[  358.628775][T16901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.636711][T16905] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  358.671348][T16905] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4298: corrupted in-inode xattr: e_value out of bounds
[  358.671457][T16901] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4297'.
[  358.687921][T16905] EXT4-fs (loop0): Remounting filesystem read-only
[  358.703698][T16905] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.748386][T16911] loop3: detected capacity change from 0 to 2048
[  358.772282][T13092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.782748][T16913] loop5: detected capacity change from 0 to 2048
[  358.791867][T16911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.808487][T16913] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.947596][T16920] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4299: bg 0: block 345: padding at end of block bitmap is not set
[  358.977548][T16921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  358.986165][T16921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  359.130936][T16923] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4300: bg 0: block 345: padding at end of block bitmap is not set
[  359.172636][   T31] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 946 with error 117
[  359.185320][   T31] EXT4-fs (loop5): This should not happen!! Data will be lost
[  359.185320][   T31] 
[  359.258907][T12899] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.530755][T16931] netlink: 'syz.0.4303': attribute type 10 has an invalid length.
[  359.541551][T16931] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4303'.
[  359.612461][T16935] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  359.651119][T16935] loop0: detected capacity change from 0 to 764
[  359.665943][T16935] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  359.670566][T16910] syz.3.4299 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  359.685388][T16910] CPU: 0 UID: 0 PID: 16910 Comm: syz.3.4299 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  359.685421][T16910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  359.685434][T16910] Call Trace:
[  359.685441][T16910]  <TASK>
[  359.685450][T16910]  __dump_stack+0x1d/0x30
[  359.685505][T16910]  dump_stack_lvl+0xe8/0x140
[  359.685531][T16910]  dump_stack+0x15/0x1b
[  359.685549][T16910]  dump_header+0x81/0x220
[  359.685587][T16910]  oom_kill_process+0x334/0x3f0
[  359.685694][T16910]  out_of_memory+0x979/0xb80
[  359.685730][T16910]  try_charge_memcg+0x5e6/0x9e0
[  359.685760][T16910]  charge_memcg+0x51/0xc0
[  359.685802][T16910]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  359.685856][T16910]  __read_swap_cache_async+0x1df/0x350
[  359.685958][T16910]  swap_cluster_readahead+0x277/0x3e0
[  359.686000][T16910]  swapin_readahead+0xde/0x6f0
[  359.686042][T16910]  ? __filemap_get_folio+0x4f7/0x6b0
[  359.686178][T16910]  ? swap_cache_get_folio+0x77/0x200
[  359.686220][T16910]  do_swap_page+0x301/0x2430
[  359.686249][T16910]  ? css_rstat_updated+0xcd/0x5b0
[  359.686350][T16910]  ? __pfx_default_wake_function+0x10/0x10
[  359.686427][T16910]  handle_mm_fault+0x9a5/0x2be0
[  359.686455][T16910]  ? mas_walk+0xf2/0x120
[  359.686491][T16910]  do_user_addr_fault+0x636/0x1090
[  359.686603][T16910]  ? fpregs_restore_userregs+0xe2/0x1d0
[  359.686698][T16910]  ? switch_fpu_return+0xe/0x20
[  359.686783][T16910]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  359.686818][T16910]  exc_page_fault+0x62/0xa0
[  359.686891][T16910]  asm_exc_page_fault+0x26/0x30
[  359.686913][T16910] RIP: 0033:0x7f482595538c
[  359.686930][T16910] Code: 66 0f 1f 44 00 00 69 3d 26 03 e8 00 e8 03 00 00 48 8d 1d 27 0c 35 00 e8 02 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00
[  359.686955][T16910] RSP: 002b:00007ffd9f1150b0 EFLAGS: 00010202
[  359.686975][T16910] RAX: 0000000000000000 RBX: 00007f4825ca5fa0 RCX: 0000000000000000
[  359.687025][T16910] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055557398b808
[  359.687042][T16910] RBP: 00007f4825ca7ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[  359.687118][T16910] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000057c77
[  359.687133][T16910] R13: 00007f4825ca6080 R14: ffffffffffffffff R15: 00007ffd9f1151c0
[  359.687154][T16910]  </TASK>
[  359.915681][T16910] memory: usage 307200kB, limit 307200kB, failcnt 2418
[  359.922701][T16910] memory+swap: usage 308412kB, limit 9007199254740988kB, failcnt 0
[  359.930906][T16910] kmem: usage 307088kB, limit 9007199254740988kB, failcnt 0
[  359.938251][T16910] Memory cgroup stats for /syz3:
[  359.938433][T16910] cache 12288
[  359.946734][T16910] rss 4096
[  359.949844][T16910] shmem 0
[  359.952787][T16910] mapped_file 0
[  359.956248][T16910] dirty 0
[  359.959324][T16910] writeback 8192
[  359.963037][T16910] workingset_refault_anon 2329
[  359.967952][T16910] workingset_refault_file 4820
[  359.972735][T16910] swap 1241088
[  359.976194][T16910] swapcached 32768
[  359.980025][T16910] pgpgin 327303
[  359.983687][T16910] pgpgout 327275
[  359.987487][T16910] pgfault 342678
[  359.991043][T16910] pgmajfault 1376
[  359.994693][T16910] inactive_anon 32768
[  359.998800][T16910] active_anon 0
[  360.002416][T16910] inactive_file 81920
[  360.006427][T16910] active_file 0
[  360.010080][T16910] unevictable 0
[  360.013566][T16910] hierarchical_memory_limit 314572800
[  360.019009][T16910] hierarchical_memsw_limit 9223372036854771712
[  360.025173][T16910] total_cache 12288
[  360.029018][T16910] total_rss 4096
[  360.032730][T16910] total_shmem 0
[  360.036205][T16910] total_mapped_file 0
[  360.040238][T16910] total_dirty 0
[  360.043730][T16910] total_writeback 8192
[  360.047951][T16910] total_workingset_refault_anon 2329
[  360.053367][T16910] total_workingset_refault_file 4820
[  360.058839][T16910] total_swap 1241088
[  360.062750][T16910] total_swapcached 32768
[  360.067025][T16910] total_pgpgin 327303
[  360.071015][T16910] total_pgpgout 327275
[  360.075184][T16910] total_pgfault 342678
[  360.079311][T16910] total_pgmajfault 1376
[  360.083654][T16910] total_inactive_anon 32768
[  360.088242][T16910] total_active_anon 0
[  360.092247][T16910] total_inactive_file 81920
[  360.096787][T16910] total_active_file 0
[  360.100829][T16910] total_unevictable 0
[  360.104926][T16910] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.4299,pid=16910,uid=0
[  360.119660][T16910] Memory cgroup out of memory: Killed process 16910 (syz.3.4299) total-vm:93884kB, anon-rss:1064kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  360.205657][T16937] loop0: detected capacity change from 0 to 2048
[  360.219412][T16937] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  360.329220][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.351832][T13721] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.432152][   T12] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:0: bg 0: block 345: padding at end of block bitmap is not set
[  360.433437][T16941] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4306: bg 0: block 345: padding at end of block bitmap is not set
[  360.448238][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1015 with error 117
[  360.475396][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[  360.475396][   T12] 
[  360.906418][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1031 with max blocks 1 with error 28
[  360.919283][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[  360.919283][   T12] 
[  360.929105][   T12] EXT4-fs (loop0): Total free blocks count 0
[  360.935110][   T12] EXT4-fs (loop0): Free/Dirty block details
[  360.941076][   T12] EXT4-fs (loop0): free_blocks=0
[  360.946111][   T12] EXT4-fs (loop0): dirty_blocks=16
[  360.948366][T16937] syz.0.4306 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  360.951283][   T12] EXT4-fs (loop0): Block reservation details
[  360.965480][T16937] CPU: 0 UID: 0 PID: 16937 Comm: syz.0.4306 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  360.965525][T16937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  360.965572][T16937] Call Trace:
[  360.965583][T16937]  <TASK>
[  360.965625][T16937]  __dump_stack+0x1d/0x30
[  360.965657][T16937]  dump_stack_lvl+0xe8/0x140
[  360.965685][T16937]  dump_stack+0x15/0x1b
[  360.965737][T16937]  dump_header+0x81/0x220
[  360.965784][T16937]  oom_kill_process+0x334/0x3f0
[  360.965831][T16937]  out_of_memory+0x979/0xb80
[  360.965935][T16937]  try_charge_memcg+0x5e6/0x9e0
[  360.965977][T16937]  obj_cgroup_charge_pages+0xa6/0x150
[  360.966021][T16937]  __memcg_kmem_charge_page+0x9f/0x170
[  360.966122][T16937]  __alloc_frozen_pages_noprof+0x188/0x360
[  360.966199][T16937]  alloc_pages_mpol+0xb3/0x250
[  360.966246][T16937]  alloc_pages_noprof+0x90/0x130
[  360.966292][T16937]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  360.966415][T16937]  __kvmalloc_node_noprof+0x30f/0x4e0
[  360.966468][T16937]  ? ip_set_alloc+0x1f/0x30
[  360.966510][T16937]  ? ip_set_alloc+0x1f/0x30
[  360.966569][T16937]  ? __kmalloc_cache_noprof+0x189/0x320
[  360.966617][T16937]  ip_set_alloc+0x1f/0x30
[  360.966659][T16937]  hash_netiface_create+0x282/0x740
[  360.966715][T16937]  ? __pfx_hash_netiface_create+0x10/0x10
[  360.966762][T16937]  ip_set_create+0x3cc/0x960
[  360.966885][T16937]  nfnetlink_rcv_msg+0x4c3/0x590
[  360.966920][T16937]  ? put_dec+0xd3/0xe0
[  360.966980][T16937]  ? selinux_capable+0x1f9/0x270
[  360.967078][T16937]  netlink_rcv_skb+0x123/0x220
[  360.967190][T16937]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  360.967235][T16937]  nfnetlink_rcv+0x16b/0x1690
[  360.967320][T16937]  ? __kfree_skb+0x109/0x150
[  360.967363][T16937]  ? nlmon_xmit+0x4f/0x60
[  360.967393][T16937]  ? consume_skb+0x49/0x150
[  360.967464][T16937]  ? nlmon_xmit+0x4f/0x60
[  360.967494][T16937]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  360.967580][T16937]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  360.967627][T16937]  ? __dev_queue_xmit+0x182/0x1fb0
[  360.967748][T16937]  ? ref_tracker_free+0x37d/0x3e0
[  360.967841][T16937]  ? __netlink_deliver_tap+0x4dc/0x500
[  360.967896][T16937]  netlink_unicast+0x59e/0x670
[  360.967944][T16937]  netlink_sendmsg+0x58b/0x6b0
[  360.967975][T16937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.968072][T16937]  __sock_sendmsg+0x142/0x180
[  360.968109][T16937]  ____sys_sendmsg+0x31e/0x4e0
[  360.968196][T16937]  ___sys_sendmsg+0x17b/0x1d0
[  360.968276][T16937]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  360.968332][T16937]  __x64_sys_sendmsg+0xd4/0x160
[  360.968388][T16937]  x64_sys_call+0x2999/0x2fb0
[  360.968499][T16937]  do_syscall_64+0xd2/0x200
[  360.968561][T16937]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  360.968600][T16937]  ? clear_bhb_loop+0x40/0x90
[  360.968633][T16937]  ? clear_bhb_loop+0x40/0x90
[  360.968664][T16937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.968721][T16937] RIP: 0033:0x7ffa7ab3e929
[  360.968744][T16937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.968886][T16937] RSP: 002b:00007ffa791a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  360.968967][T16937] RAX: ffffffffffffffda RBX: 00007ffa7ad65fa0 RCX: 00007ffa7ab3e929
[  360.968986][T16937] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000004
[  360.969006][T16937] RBP: 00007ffa7abc0b39 R08: 0000000000000000 R09: 0000000000000000
[  360.969024][T16937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  360.969043][T16937] R13: 0000000000000000 R14: 00007ffa7ad65fa0 R15: 00007ffff6405888
[  360.969089][T16937]  </TASK>
[  360.969129][T16937] memory: usage 307200kB, limit 307200kB, failcnt 3537
[  361.336313][T16937] memory+swap: usage 308420kB, limit 9007199254740988kB, failcnt 0
[  361.344866][T16937] kmem: usage 307112kB, limit 9007199254740988kB, failcnt 0
[  361.352207][T16937] Memory cgroup stats for /syz0:
[  361.361303][T16937] cache 28672
[  361.370051][T16937] rss 0
[  361.373001][T16937] shmem 0
[  361.376051][T16937] mapped_file 4096
[  361.379931][T16937] dirty 0
[  361.382884][T16937] writeback 0
[  361.386177][T16937] workingset_refault_anon 2293
[  361.391029][T16937] workingset_refault_file 13280
[  361.395995][T16937] swap 1269760
[  361.399454][T16937] swapcached 12288
[  361.403390][T16937] pgpgin 398069
[  361.406946][T16937] pgpgout 398052
[  361.410601][T16937] pgfault 340936
[  361.414239][T16937] pgmajfault 1240
[  361.417968][T16937] inactive_anon 4096
[  361.421899][T16937] active_anon 4096
[  361.425646][T16937] inactive_file 0
[  361.429365][T16937] active_file 57344
[  361.433289][T16937] unevictable 0
[  361.436904][T16937] hierarchical_memory_limit 314572800
[  361.442752][T16937] hierarchical_memsw_limit 9223372036854771712
[  361.449443][T16937] total_cache 28672
[  361.453559][T16937] total_rss 0
[  361.456944][T16937] total_shmem 0
[  361.460580][T16937] total_mapped_file 4096
[  361.465026][T16937] total_dirty 0
[  361.468654][T16937] total_writeback 0
[  361.472800][T16937] total_workingset_refault_anon 2293
[  361.478159][T16937] total_workingset_refault_file 13280
[  361.483693][T16937] total_swap 1269760
[  361.487885][T16937] total_swapcached 12288
[  361.492225][T16937] total_pgpgin 398069
[  361.496336][T16937] total_pgpgout 398052
[  361.500522][T16937] total_pgfault 340936
[  361.504989][T16937] total_pgmajfault 1240
[  361.509276][T16937] total_inactive_anon 4096
[  361.513773][T16937] total_active_anon 4096
[  361.518066][T16937] total_inactive_file 0
[  361.522370][T16937] total_active_file 57344
[  361.526784][T16937] total_unevictable 0
[  361.530902][T16937] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.4306,pid=16936,uid=0
[  361.546155][T16937] Memory cgroup out of memory: Killed process 16936 (syz.0.4306) total-vm:98120kB, anon-rss:1064kB, file-rss:26404kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[  364.471715][   T29] kauditd_printk_skb: 1000 callbacks suppressed
[  364.471736][   T29] audit: type=1326 audit(364.445:28077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="syz.1.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  364.474239][T16946] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  364.478736][   T29] audit: type=1326 audit(364.445:28078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="syz.1.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  364.514276][T16946] loop1: detected capacity change from 0 to 764
[  364.533187][   T29] audit: type=1326 audit(364.445:28079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="syz.1.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  364.563274][   T29] audit: type=1326 audit(364.445:28080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="syz.1.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  364.586601][   T29] audit: type=1326 audit(364.445:28081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="syz.1.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  364.609589][   T29] audit: type=1326 audit(364.445:28082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  364.632201][   T29] audit: type=1326 audit(364.445:28083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  364.632248][   T29] audit: type=1326 audit(364.445:28084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  364.677305][   T29] audit: type=1326 audit(364.445:28085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  364.679356][T16946] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  364.700098][   T29] audit: type=1326 audit(364.445:28086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  364.731697][T16951] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4311'.
[  364.752024][T16951] siw: device registration error -23
[  364.761569][T16949] loop5: detected capacity change from 0 to 764
[  364.782095][T16949] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  364.853489][T16960] loop0: detected capacity change from 0 to 512
[  364.863896][T16960] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  364.952360][T16960] EXT4-fs (loop0): 1 truncate cleaned up
[  364.959748][T16960] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  364.984694][T16960] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  364.995570][T16969] netlink: 'syz.3.4317': attribute type 10 has an invalid length.
[  365.005516][T16960] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  365.008140][T16970] xt_hashlimit: size too large, truncated to 1048576
[  365.015810][T16969] veth0_vlan: entered allmulticast mode
[  365.066259][T16969] veth0_vlan: left promiscuous mode
[  365.119588][T16969] veth0_vlan: entered promiscuous mode
[  365.120036][T16974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  365.132696][T16975] xt_hashlimit: size too large, truncated to 1048576
[  365.141338][T16974] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  365.153837][T16969] team0: Device veth0_vlan failed to register rx_handler
[  365.161782][T16971] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  365.351611][T16983] futex_wake_op: syz.3.4320 tries to shift op by -1; fix this program
[  365.581356][T12899] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.649272][T16986] lo speed is unknown, defaulting to 1000
[  365.650732][T16994] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4325'.
[  365.686169][T16996] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  365.709991][T16986] sd 0:0:1:0: device reset
[  365.714846][T16996] loop5: detected capacity change from 0 to 764
[  365.722819][T16996] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  365.956557][T17006] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  365.970773][T17006] loop0: detected capacity change from 0 to 764
[  365.978617][T17006] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  366.047407][T17007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  366.057621][T17007] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  366.627798][T17021] xt_hashlimit: size too large, truncated to 1048576
[  367.004737][T17026] loop3: detected capacity change from 0 to 2048
[  367.029259][T17026] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  367.132236][T17030] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4336: bg 0: block 345: padding at end of block bitmap is not set
[  367.177177][ T3698] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1188 with error 117
[  367.190034][ T3698] EXT4-fs (loop3): This should not happen!! Data will be lost
[  367.190034][ T3698] 
[  367.257987][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.344641][T17041] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4341'.
[  367.357738][T17041] siw: device registration error -23
[  367.405656][T17045] xt_hashlimit: size too large, truncated to 1048576
[  367.725353][T17058] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4347'.
[  367.737907][T17058] siw: device registration error -23
[  367.754335][T17060] loop3: detected capacity change from 0 to 2048
[  367.768275][T17060] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  367.835749][T17066] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4350'.
[  367.850738][T17066] loop0: detected capacity change from 0 to 1024
[  367.880787][T17067] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4348: bg 0: block 345: padding at end of block bitmap is not set
[  367.898351][T17066] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  367.915295][T17066] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  367.926398][T17066] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  367.936461][T17066] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  367.941966][ T3731] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 964 with error 117
[  367.951079][T17066] EXT4-fs error (device loop0): ext4_get_journal_inode:5796: inode #17: comm syz.0.4350: iget: bad i_size value: 4398046511204
[  367.959379][ T3731] EXT4-fs (loop3): This should not happen!! Data will be lost
[  367.959379][ T3731] 
[  367.975552][T17070] xt_hashlimit: size too large, truncated to 1048576
[  367.989905][T17066] EXT4-fs (loop0): no journal found
[  368.023048][T17072] netlink: 'syz.0.4352': attribute type 10 has an invalid length.
[  368.034969][T17072] veth0_vlan: left promiscuous mode
[  368.041368][T17072] veth0_vlan: entered promiscuous mode
[  368.048465][T17072] team0: Device veth0_vlan failed to register rx_handler
[  368.090745][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.124364][T17077] futex_wake_op: syz.0.4354 tries to shift op by -1; fix this program
[  368.151202][T17079] loop3: detected capacity change from 0 to 512
[  368.158792][T17079] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  368.190304][T17079] EXT4-fs (loop3): 1 truncate cleaned up
[  368.191720][T17083] netlink: 'syz.1.4356': attribute type 10 has an invalid length.
[  368.196656][T17079] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  368.215265][T17083] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4356'.
[  368.232315][T17079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  368.240962][T17079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  368.297538][T17088] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  368.313045][T17088] loop1: detected capacity change from 0 to 764
[  368.320963][T17088] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  368.347793][T17086] lo speed is unknown, defaulting to 1000
[  368.374477][T17086] sd 0:0:1:0: device reset
[  368.594568][T17102] loop1: detected capacity change from 0 to 764
[  368.602378][T17102] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  368.710162][T17105] loop1: detected capacity change from 0 to 764
[  368.718051][T17105] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  368.766739][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.787134][T17107] xt_hashlimit: size too large, truncated to 1048576
[  369.020158][T17111] loop1: detected capacity change from 0 to 2048
[  369.057661][T17111] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.163782][T17127] loop3: detected capacity change from 0 to 512
[  369.175717][T17128] siw: device registration error -23
[  369.202834][ T3716] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:14: bg 0: block 345: padding at end of block bitmap is not set
[  369.225024][T17130] loop0: detected capacity change from 0 to 764
[  369.232190][T17127] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  369.251877][T17127] EXT4-fs: error: could not find journal device path
[  369.274009][T17130] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  369.282283][ T3716] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 159 with error 117
[  369.294909][ T3716] EXT4-fs (loop1): This should not happen!! Data will be lost
[  369.294909][ T3716] 
[  369.437816][T17142] loop0: detected capacity change from 0 to 512
[  369.456501][T17142] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  369.702999][T17148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  369.713206][T17148] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  369.908521][T17142] EXT4-fs (loop0): orphan cleanup on readonly fs
[  369.928073][T17151] futex_wake_op: syz.5.4379 tries to shift op by -1; fix this program
[  369.937285][T17142] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.4378: Block bitmap for bg 0 marked uninitialized
[  369.952543][T17142] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  369.962378][T17142] EXT4-fs (loop0): 1 orphan inode deleted
[  369.971406][T17142] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  369.973226][T17152] __nla_validate_parse: 4 callbacks suppressed
[  369.973247][T17152] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  369.981679][T17142] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  370.010792][T17142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4378'.
[  370.022543][T17142] program syz.0.4378 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  370.033405][T17142] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.4378: Block bitmap for bg 0 marked uninitialized
[  370.049310][T17152] loop4: detected capacity change from 0 to 764
[  370.056588][T17152] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  370.173037][   T29] kauditd_printk_skb: 650 callbacks suppressed
[  370.173055][   T29] audit: type=1326 audit(370.145:28737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17159 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  370.214715][T17156] lo speed is unknown, defaulting to 1000
[  370.226061][   T29] audit: type=1326 audit(370.175:28738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17159 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  370.249456][   T29] audit: type=1326 audit(370.175:28739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17159 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  370.256785][T17160] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  370.272656][   T29] audit: type=1326 audit(370.175:28740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17159 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  370.287728][T17156] sd 0:0:1:0: device reset
[  370.304064][   T29] audit: type=1326 audit(370.195:28741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17159 comm="syz.4.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  370.304116][   T29] audit: type=1326 audit(370.195:28742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17159 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  370.354645][   T29] audit: type=1326 audit(370.195:28743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17159 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  370.377557][   T29] audit: type=1326 audit(370.225:28744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17159 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  370.400262][   T29] audit: type=1326 audit(370.225:28745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17159 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  370.422942][   T29] audit: type=1326 audit(370.225:28746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17159 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  370.517171][T17163] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  370.528712][T17163] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  370.545413][T17163] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  371.267331][T17170] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  371.277599][T17170] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  371.501164][T17173] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4386'.
[  371.513073][T17173] siw: device registration error -23
[  371.552230][T17175] ALSA: seq fatal error: cannot create timer (-19)
[  371.676653][T17179] loop0: detected capacity change from 0 to 764
[  371.684530][T17179] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  371.787434][T17183] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4390'.
[  371.804267][T17183] loop5: detected capacity change from 0 to 1024
[  371.812400][T17183] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  371.821447][T17183] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  371.832597][T17183] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  371.835279][T17185] loop0: detected capacity change from 0 to 2048
[  371.846589][T17183] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  371.860258][T17183] EXT4-fs error (device loop5): ext4_get_journal_inode:5796: inode #17: comm syz.5.4390: iget: bad i_size value: 4398046511204
[  371.873855][T17183] EXT4-fs (loop5): no journal found
[  371.889946][T17185] EXT4-fs mount: 3 callbacks suppressed
[  371.889962][T17185] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  372.118886][T17191] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4391: bg 0: block 345: padding at end of block bitmap is not set
[  372.154185][T17195] loop5: detected capacity change from 0 to 512
[  372.165125][T17195] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  372.180721][T17195] EXT4-fs (loop5): orphan cleanup on readonly fs
[  372.189090][T17195] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:517: comm syz.5.4394: Block bitmap for bg 0 marked uninitialized
[  372.205571][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 551 with error 117
[  372.218348][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[  372.218348][   T12] 
[  372.388040][T17195] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  372.399916][T17195] EXT4-fs (loop5): 1 orphan inode deleted
[  372.420296][T17195] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  372.440296][T17199] xt_hashlimit: size too large, truncated to 1048576
[  372.537311][T17195] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  372.547750][T17195] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  372.607594][T17195] program syz.5.4394 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  372.914840][T17205] futex_wake_op: syz.3.4396 tries to shift op by -1; fix this program
[  372.991009][T13721] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.223534][T17205] lo speed is unknown, defaulting to 1000
[  373.242508][T17213] xt_hashlimit: size too large, truncated to 1048576
[  373.287358][T17214] sd 0:0:1:0: device reset
[  373.360132][T17185] syz.0.4391 (17185) used greatest stack depth: 5880 bytes left
[  373.386534][T12899] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.499319][T17221] loop1: detected capacity change from 0 to 256
[  373.524075][T17221] vfat: Unknown parameter 'xœìÝOhÕ'
[  373.740572][T17231] netlink: 'syz.0.4405': attribute type 10 has an invalid length.
[  373.803868][T17231] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4405'.
[  373.890583][T17237] loop4: detected capacity change from 0 to 512
[  373.906786][T17237] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  373.912840][T17241] loop3: detected capacity change from 0 to 512
[  373.926214][T17237] EXT4-fs: error: could not find journal device path
[  373.932997][T17239] loop0: detected capacity change from 0 to 2048
[  373.969947][T17241] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  373.981933][T17241] EXT4-fs (loop3): orphan cleanup on readonly fs
[  373.990637][T17241] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.4408: Block bitmap for bg 0 marked uninitialized
[  374.005216][T17241] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  374.016495][T17241] EXT4-fs (loop3): 1 orphan inode deleted
[  374.023504][T17241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  374.039589][T17241] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  374.039692][T17243] loop5: detected capacity change from 0 to 512
[  374.057657][T17241] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  374.082967][T17239] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  374.093995][T17252] xt_hashlimit: size too large, truncated to 1048576
[  374.104979][T17250] futex_wake_op: syz.4.4413 tries to shift op by -1; fix this program
[  374.158857][T17241] program syz.3.4408 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  374.176339][T17243] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  374.208837][T17254] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4409: bg 0: block 345: padding at end of block bitmap is not set
[  374.228578][T17243] EXT4-fs (loop5): 1 truncate cleaned up
[  374.235976][T17243] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  374.290970][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 735 with error 117
[  374.303701][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[  374.303701][   T12] 
[  374.379149][T17243] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  374.438252][   T31] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 751 with max blocks 1 with error 28
[  374.446939][T17243] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  374.451251][   T31] EXT4-fs (loop0): This should not happen!! Data will be lost
[  374.451251][   T31] 
[  374.469458][   T31] EXT4-fs (loop0): Total free blocks count 0
[  374.475578][   T31] EXT4-fs (loop0): Free/Dirty block details
[  374.481687][   T31] EXT4-fs (loop0): free_blocks=0
[  374.486824][   T31] EXT4-fs (loop0): dirty_blocks=16
[  374.492033][   T31] EXT4-fs (loop0): Block reservation details
[  374.600646][T17266] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4417'.
[  374.639599][T17268] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  374.656599][T17268] loop0: detected capacity change from 0 to 764
[  374.665910][T17268] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  374.684030][T17250] lo speed is unknown, defaulting to 1000
[  374.703778][T17271] sd 0:0:1:0: device reset
[  374.733973][T17273] netlink: 'syz.1.4420': attribute type 10 has an invalid length.
[  374.754394][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.778037][T17273] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4420'.
[  374.809223][T17277] netlink: 'syz.3.4422': attribute type 10 has an invalid length.
[  374.819630][T17277] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4422'.
[  374.845541][T17279] loop1: detected capacity change from 0 to 256
[  374.873217][T17279] vfat: Unknown parameter 'xœìÝOhÕ'
[  374.878986][T17281] loop0: detected capacity change from 0 to 512
[  374.896877][T17281] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  374.916508][T17281] EXT4-fs: error: could not find journal device path
[  375.028434][T17283] SELinux: syz.3.4425 (17283) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  375.055006][T13721] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.069554][T17285] xt_hashlimit: size too large, truncated to 1048576
[  375.071763][T17287] loop4: detected capacity change from 0 to 512
[  375.094598][T17287] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  375.122601][T17287] EXT4-fs (loop4): 1 truncate cleaned up
[  375.130134][T17287] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  375.143833][T17287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.154071][T17287] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  375.176036][T17291] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4428'.
[  375.242438][   T29] kauditd_printk_skb: 259 callbacks suppressed
[  375.242529][   T29] audit: type=1326 audit(375.215:29006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17278 comm="syz.1.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  375.272104][   T29] audit: type=1326 audit(375.215:29007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17278 comm="syz.1.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1152ce929 code=0x7ffc0000
[  375.295424][T17294] loop5: detected capacity change from 0 to 2048
[  375.329081][T17294] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  375.437563][T17303] loop1: detected capacity change from 0 to 512
[  375.476015][T17303] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  375.508041][T17303] EXT4-fs (loop1): orphan cleanup on readonly fs
[  375.528626][T17303] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.4432: Block bitmap for bg 0 marked uninitialized
[  375.578498][T17303] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  375.596127][T17310] netlink: 'syz.0.4434': attribute type 10 has an invalid length.
[  375.624819][T17303] EXT4-fs (loop1): 1 orphan inode deleted
[  375.633782][T17310] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4434'.
[  375.646694][T17303] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  375.693977][T13092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.704540][ T3731] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:16: bg 0: block 345: padding at end of block bitmap is not set
[  375.723860][ T3731] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 380 with error 117
[  375.724665][   T29] audit: type=1107 audit(375.695:29008): pid=17298 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  375.736769][ T3731] EXT4-fs (loop5): This should not happen!! Data will be lost
[  375.736769][ T3731] 
[  375.760256][T17303] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  375.773524][T17303] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  375.784325][T17313] program syz.1.4432 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  375.805799][   T29] audit: type=1326 audit(375.775:29009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17314 comm="syz.4.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  375.829032][   T29] audit: type=1326 audit(375.775:29010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17314 comm="syz.4.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  375.981976][   T29] audit: type=1326 audit(375.835:29011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17314 comm="syz.4.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  376.005705][   T29] audit: type=1326 audit(375.835:29012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17314 comm="syz.4.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff1316ee963 code=0x7ffc0000
[  376.028824][   T29] audit: type=1326 audit(375.835:29013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17314 comm="syz.4.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff1316ee963 code=0x7ffc0000
[  376.051966][   T29] audit: type=1326 audit(375.835:29014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17314 comm="syz.4.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  376.075130][   T29] audit: type=1326 audit(375.835:29015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17314 comm="syz.4.4435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1316ee929 code=0x7ffc0000
[  376.148178][T17317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  376.157690][T17317] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  376.343160][T12143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.365685][T17326] loop4: detected capacity change from 0 to 1024
[  376.386944][T17328] xt_hashlimit: size too large, truncated to 1048576
[  376.395167][T17326] EXT4-fs: Ignoring removed nobh option
[  376.493395][T17326] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.553535][T13092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.568749][T17335] loop1: detected capacity change from 0 to 256
[  376.578057][T13721] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.586951][T17335] vfat: Unknown parameter 'xœìÝOhÕ'
[  376.619785][T17339] netlink: '+}[@': attribute type 27 has an invalid length.
[  376.665260][T17343] loop4: detected capacity change from 0 to 512
[  376.686595][T17343] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  376.702165][T17343] EXT4-fs (loop4): 1 truncate cleaned up
[  376.708692][T17343] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  376.720329][T17349] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  376.739743][T17343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  376.765296][T17343] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  376.791122][T17349] loop3: detected capacity change from 0 to 764
[  376.814369][T17349] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  376.912890][T17359] loop3: detected capacity change from 0 to 512
[  376.945211][T17359] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  376.988275][T17359] EXT4-fs (loop3): orphan cleanup on readonly fs
[  376.995657][T17359] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.4451: Block bitmap for bg 0 marked uninitialized
[  377.011172][T17359] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  377.020552][T17359] EXT4-fs (loop3): 1 orphan inode deleted
[  377.030533][T17359] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  377.044349][T17359] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  377.055423][T17359] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  377.070006][T17359] program syz.3.4451 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  377.428287][T13092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.682485][T17371] loop5: detected capacity change from 0 to 1024
[  377.718848][T17371] EXT4-fs: Ignoring removed nobh option
[  377.739388][T17371] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.756312][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.768188][T17373] xt_hashlimit: size too large, truncated to 1048576
[  377.917818][T17377] loop3: detected capacity change from 0 to 2048
[  377.935728][T13721] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.988976][T17377] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  378.018390][T17384] netlink: 'syz.5.4457': attribute type 10 has an invalid length.
[  378.079858][T17384] veth0_vlan: left promiscuous mode
[  378.085718][T17384] veth0_vlan: entered promiscuous mode
[  378.100485][T17387] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57307 sclass=netlink_route_socket pid=17387 comm=syz.4.4459
[  378.139532][T17384] team0: Device veth0_vlan failed to register rx_handler
[  378.335999][T17396] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4456: bg 0: block 345: padding at end of block bitmap is not set
[  378.451805][T17401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  378.460523][T17401] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  378.664154][ T3698] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 470 with error 117
[  378.677035][ T3698] EXT4-fs (loop3): This should not happen!! Data will be lost
[  378.677035][ T3698] 
[  378.694534][T17407] loop1: detected capacity change from 0 to 512
[  378.703113][T17407] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  378.719291][T17407] EXT4-fs (loop1): orphan cleanup on readonly fs
[  378.728741][T17407] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.4466: Block bitmap for bg 0 marked uninitialized
[  378.753227][T17407] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  378.763021][T17407] EXT4-fs (loop1): 1 orphan inode deleted
[  378.772598][T17407] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  378.791394][T17407] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  378.801908][T17407] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  378.818965][T17407] program syz.1.4466 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  378.830413][T17407] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.4466: Block bitmap for bg 0 marked uninitialized
[  378.858613][T12143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.960472][T17412] loop1: detected capacity change from 0 to 1024
[  378.976722][T17412] EXT4-fs: Ignoring removed nobh option
[  379.009789][T17412] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.044969][T12143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.088725][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.151842][T17428] netlink: 'syz.3.4473': attribute type 4 has an invalid length.
[  379.174306][T17428] loop3: detected capacity change from 0 to 512
[  379.189279][T17428] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  379.212191][T17428] EXT4-fs (loop3): 1 truncate cleaned up
[  379.219577][T17428] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.234554][T17428] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.350995][T17436] loop3: detected capacity change from 0 to 512
[  379.360647][T17436] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  379.382082][T17437] netlink: 'syz.4.4476': attribute type 6 has an invalid length.
[  379.397946][T17436] EXT4-fs (loop3): orphan cleanup on readonly fs
[  379.415252][T17436] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.4477: Block bitmap for bg 0 marked uninitialized
[  379.431230][T17437] loop4: detected capacity change from 0 to 512
[  379.446307][T17436] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  379.454175][T17437] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  379.471607][T17436] EXT4-fs (loop3): 1 orphan inode deleted
[  379.494559][T17436] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  379.523683][T17441] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  379.540495][T17441] loop1: detected capacity change from 0 to 764
[  379.549999][T17441] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  379.558521][T17436] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  379.558683][T17437] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.4476: corrupted in-inode xattr: e_value out of bounds
[  379.585168][T17436] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  379.607035][T17436] program syz.3.4477 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  379.623650][T17436] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.4477: Block bitmap for bg 0 marked uninitialized
[  379.636010][T17437] EXT4-fs (loop4): Remounting filesystem read-only
[  379.644799][T17437] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.698733][T13092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.724407][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.797022][T17448] loop3: detected capacity change from 0 to 2048
[  379.812037][T17452] netlink: 'syz.1.4482': attribute type 4 has an invalid length.
[  379.829510][T17451] loop4: detected capacity change from 0 to 1024
[  379.839673][ T1035] lo speed is unknown, defaulting to 1000
[  379.845708][ T1035] swz0: Port: 1 Link DOWN
[  379.854717][T17452] loop1: detected capacity change from 0 to 512
[  379.856294][T17451] EXT4-fs: Ignoring removed nobh option
[  379.867293][T17452] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  379.879238][T17452] EXT4-fs (loop1): 1 truncate cleaned up
[  379.885723][T17452] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.888018][T17448] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.899300][T17452] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.920983][T17456] loop0: detected capacity change from 0 to 2048
[  379.930369][T17451] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.973411][T13092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.033378][ T3731] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:16: bg 0: block 345: padding at end of block bitmap is not set
[  380.054653][T17456] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  380.070374][ T3731] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 276 with error 117
[  380.083017][ T3731] EXT4-fs (loop3): This should not happen!! Data will be lost
[  380.083017][ T3731] 
[  380.187694][ T3716] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 292 with max blocks 2 with error 117
[  380.200314][ T3716] EXT4-fs (loop3): This should not happen!! Data will be lost
[  380.200314][ T3716] 
[  380.294440][T17472] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  380.304146][T17472] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  380.547431][T17471] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4484: bg 0: block 345: padding at end of block bitmap is not set
[  380.764315][ T3716] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  380.777491][ T3716] EXT4-fs (loop0): This should not happen!! Data will be lost
[  380.777491][ T3716] 
[  380.921054][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.959724][ T3716] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 205 with error 28
[  380.972565][ T3716] EXT4-fs (loop0): This should not happen!! Data will be lost
[  380.972565][ T3716] 
[  380.982655][ T3716] EXT4-fs (loop0): Total free blocks count 0
[  380.989035][ T3716] EXT4-fs (loop0): Free/Dirty block details
[  380.995287][ T3716] EXT4-fs (loop0): free_blocks=0
[  381.000377][ T3716] EXT4-fs (loop0): dirty_blocks=208
[  381.005985][ T3716] EXT4-fs (loop0): Block reservation details
[  381.029659][   T29] kauditd_printk_skb: 197 callbacks suppressed
[  381.029679][   T29] audit: type=1326 audit(381.006:29213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17478 comm="syz.3.4489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  381.059755][   T29] audit: type=1326 audit(381.006:29214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17478 comm="syz.3.4489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  381.083713][   T29] audit: type=1326 audit(381.006:29215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17478 comm="syz.3.4489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  381.102601][T17481] loop1: detected capacity change from 0 to 512
[  381.106908][   T29] audit: type=1326 audit(381.006:29216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17478 comm="syz.3.4489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  381.122035][T17479] loop3: detected capacity change from 0 to 764
[  381.139290][T17481] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  381.144616][   T29] audit: type=1326 audit(381.086:29217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17478 comm="syz.3.4489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  381.176203][   T29] audit: type=1326 audit(381.086:29218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17478 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  381.176242][   T29] audit: type=1326 audit(381.086:29219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17478 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  381.176329][   T29] audit: type=1326 audit(381.086:29220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17478 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  381.222912][T17479] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  381.243800][   T29] audit: type=1326 audit(381.086:29221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17478 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  381.243837][   T29] audit: type=1326 audit(381.086:29222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17478 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4825a7e929 code=0x7ffc0000
[  381.247122][T17481] EXT4-fs (loop1): orphan cleanup on readonly fs
[  381.326948][T17481] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.4490: Block bitmap for bg 0 marked uninitialized
[  381.363162][T17481] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  381.375880][T17481] EXT4-fs (loop1): 1 orphan inode deleted
[  381.387242][T17481] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  381.409168][T17481] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  381.409976][T17488] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  381.442448][T17488] loop5: detected capacity change from 0 to 764
[  381.450092][T17481] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  381.461405][T17488] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  381.466645][T17481] program syz.1.4490 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  381.482550][T17481] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.4490: Block bitmap for bg 0 marked uninitialized
[  381.519448][T12143] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.539989][T17494] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4494'.
[  381.554948][T17494] loop1: detected capacity change from 0 to 1024
[  381.570957][T17494] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  381.576537][T17496] netlink: 'syz.0.4495': attribute type 10 has an invalid length.
[  381.589277][T17496] veth0_vlan: left promiscuous mode
[  381.590531][T17494] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  381.597644][T17496] veth0_vlan: entered promiscuous mode
[  381.605676][T17494] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  381.613877][T17496] team0: Device veth0_vlan failed to register rx_handler
[  381.628298][T17494] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  381.640430][T17494] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: inode #17: comm syz.1.4494: iget: bad i_size value: 4398046511204
[  381.651298][T17498] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  381.657120][T17494] EXT4-fs (loop1): no journal found
[  381.670781][T17500] loop5: detected capacity change from 0 to 764
[  381.678722][T17500] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  381.703591][T17498] loop3: detected capacity change from 0 to 764
[  381.712498][T17498] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  381.720938][T17504] loop0: detected capacity change from 0 to 2048
[  381.738693][T17505] loop1: detected capacity change from 0 to 2048
[  381.758686][T17505] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.772635][T17504] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.818373][T17513] loop3: detected capacity change from 0 to 2048
[  381.962564][T17513] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.964950][T17517] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4498: bg 0: block 345: padding at end of block bitmap is not set
[  382.045665][T17522] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  382.054421][T17522] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  382.185158][T17526] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4501: bg 0: block 345: padding at end of block bitmap is not set
[  382.257790][T17524] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4499: bg 0: block 345: padding at end of block bitmap is not set
[  382.283527][ T3716] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 609 with error 117
[  382.296279][ T3716] EXT4-fs (loop3): This should not happen!! Data will be lost
[  382.296279][ T3716] 
[  382.338567][ T3698] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 746 with error 117
[  382.351383][ T3698] EXT4-fs (loop1): This should not happen!! Data will be lost
[  382.351383][ T3698] 
[  382.384140][ T3716] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 625 with max blocks 1 with error 28
[  382.396681][ T3716] EXT4-fs (loop3): This should not happen!! Data will be lost
[  382.396681][ T3716] 
[  382.406446][ T3716] EXT4-fs (loop3): Total free blocks count 0
[  382.412589][ T3716] EXT4-fs (loop3): Free/Dirty block details
[  382.418556][ T3716] EXT4-fs (loop3): free_blocks=0
[  382.423706][ T3716] EXT4-fs (loop3): dirty_blocks=16
[  382.428923][ T3716] EXT4-fs (loop3): Block reservation details
[  382.442103][ T3698] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 762 with max blocks 1 with error 28
[  382.454564][ T3698] EXT4-fs (loop1): This should not happen!! Data will be lost
[  382.454564][ T3698] 
[  382.464386][ T3698] EXT4-fs (loop1): Total free blocks count 0
[  382.470520][ T3698] EXT4-fs (loop1): Free/Dirty block details
[  382.476500][ T3698] EXT4-fs (loop1): free_blocks=0
[  382.481508][ T3698] EXT4-fs (loop1): dirty_blocks=16
[  382.486727][ T3698] EXT4-fs (loop1): Block reservation details
[  382.664483][T12899] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.701927][T17532] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4503'.
[  382.703205][T17534] netlink: 'syz.3.4505': attribute type 6 has an invalid length.
[  382.725827][T17534] loop3: detected capacity change from 0 to 512
[  382.734968][T17534] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  382.747720][T17534] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.4505: corrupted in-inode xattr: e_value out of bounds
[  382.764964][T17534] EXT4-fs (loop3): Remounting filesystem read-only
[  382.772047][T17534] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.799924][T13545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.009121][T17552] loop1: detected capacity change from 0 to 2048
[  383.019069][T17554] loop0: detected capacity change from 0 to 1024
[  383.027408][T17554] EXT4-fs: Ignoring removed orlov option
[  383.033935][T17554] EXT4-fs (loop0): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  383.046817][T17552] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.062129][T17552] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4512'.
[  383.187075][T17554] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.211973][T17559] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4512: bg 0: block 345: padding at end of block bitmap is not set
[  383.317186][T17554] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  383.346539][T17563] loop4: detected capacity change from 0 to 2048
[  383.355683][T12899] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.377531][T17563] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.395147][ T3698] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  383.408208][ T3698] EXT4-fs (loop1): This should not happen!! Data will be lost
[  383.408208][ T3698] 
[  383.573548][ T3698] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 671 with error 28
[  383.587043][ T3698] EXT4-fs (loop1): This should not happen!! Data will be lost
[  383.587043][ T3698] 
[  383.596856][ T3698] EXT4-fs (loop1): Total free blocks count 0
[  383.602951][ T3698] EXT4-fs (loop1): Free/Dirty block details
[  383.608953][ T3698] EXT4-fs (loop1): free_blocks=0
[  383.614409][ T3698] EXT4-fs (loop1): dirty_blocks=672
[  383.619758][ T3698] EXT4-fs (loop1): Block reservation details
[  383.760579][T17575] lo speed is unknown, defaulting to 1000
[  384.002299][T17573] bond0: entered promiscuous mode
[  384.007643][T17573] bond0: entered allmulticast mode
[  384.044633][T17569] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4514: bg 0: block 345: padding at end of block bitmap is not set
[  384.094765][T17573] 8021q: adding VLAN 0 to HW filter on device bond0
[  384.143391][T17573] bond0 (unregistering): Released all slaves
[  384.342015][T17579] loop1: detected capacity change from 0 to 512
[  384.355566][T17579] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  384.380413][T17579] EXT4-fs (loop1): 1 truncate cleaned up
[  384.390710][T17579] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.416600][T17579] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.466579][T17586] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4521'.
[  384.535771][T13092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.566782][T17590] xt_CT: You must specify a L4 protocol and not use inversions on it
[  384.577512][T17590] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4524'.
[  384.589474][T17590] hsr_slave_0: left promiscuous mode
[  384.596199][T17590] hsr_slave_1: left promiscuous mode
[  384.646071][T17599] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4525'.
[  384.704313][T17602] loop3: detected capacity change from 0 to 2048
[  384.734077][T17606] loop4: detected capacity change from 0 to 512
[  384.745177][T17602] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.749607][T17606] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  384.817393][T17606] EXT4-fs (loop4): orphan cleanup on readonly fs
[  384.825647][T17613] loop1: detected capacity change from 0 to 512
[  384.895799][T17613] journal_path: Non-blockdev passed as './bus'
[  384.902439][T17613] EXT4-fs: error: could not find journal device path
[  384.915016][T17606] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.4530: Block bitmap for bg 0 marked uninitialized
[  384.925083][T17617] loop5: detected capacity change from 0 to 512
[  384.946540][T17606] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  384.953661][T17617] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  385.019506][T17617] EXT4-fs (loop5): orphan cleanup on readonly fs
[  385.027878][T17617] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:517: comm syz.5.4533: Block bitmap for bg 0 marked uninitialized
[  385.044122][T17606] EXT4-fs (loop4): 1 orphan inode deleted
[  385.051117][T17606] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  385.069401][ T3698] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:9: bg 0: block 345: padding at end of block bitmap is not set
[  385.076448][T17606] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  385.088639][T17617] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  385.103824][T17606] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  385.115463][ T3698] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 238 with error 117
[  385.117699][T17606] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4530'.
[  385.128140][ T3698] EXT4-fs (loop3): This should not happen!! Data will be lost
[  385.128140][ T3698] 
[  385.151296][T17622] loop1: detected capacity change from 0 to 512
[  385.204577][T17625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  385.214813][T17625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  385.287790][T17606] program syz.4.4530 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  385.369156][T17617] EXT4-fs (loop5): 1 orphan inode deleted
[  385.376132][T17622] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  385.507189][T17606] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.4530: Block bitmap for bg 0 marked uninitialized
[  385.524686][T17622] EXT4-fs (loop1): orphan cleanup on readonly fs
[  385.531809][T17622] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.4535: Block bitmap for bg 0 marked uninitialized
[  385.533423][T17617] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  385.546911][T17622] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  385.609324][T17602] ==================================================================
[  385.617493][T17602] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  385.625334][T17602] 
[  385.627667][T17602] write to 0xffffea00067e7758 of 8 bytes by task 17542 on cpu 1:
[  385.635387][T17602]  __filemap_remove_folio+0x1a5/0x2a0
[  385.640795][T17602]  filemap_remove_folio+0x6d/0x1d0
[  385.646022][T17602]  truncate_inode_folio+0x42/0x50
[  385.651070][T17602]  shmem_undo_range+0x244/0xa80
[  385.655939][T17602]  shmem_evict_inode+0x134/0x520
[  385.660901][T17602]  evict+0x2e0/0x550
[  385.664843][T17602]  iput+0x447/0x5b0
[  385.668674][T17602]  dentry_unlink_inode+0x24f/0x260
[  385.673978][T17602]  __dentry_kill+0x18d/0x4b0
[  385.678679][T17602]  dput+0x5e/0xd0
[  385.682344][T17602]  __fput+0x444/0x650
[  385.686358][T17602]  ____fput+0x1c/0x30
[  385.690387][T17602]  task_work_run+0x12e/0x1a0
[  385.695082][T17602]  do_exit+0x47f/0x1590
[  385.699255][T17602]  do_group_exit+0xff/0x140
[  385.704212][T17602]  get_signal+0xe59/0xf70
[  385.708586][T17602]  arch_do_signal_or_restart+0x96/0x480
[  385.714138][T17602]  irqentry_exit_to_user_mode+0x5e/0xa0
[  385.719789][T17602]  irqentry_exit+0x12/0x50
[  385.724250][T17602]  asm_exc_page_fault+0x26/0x30
[  385.729123][T17602] 
[  385.731452][T17602] read to 0xffffea00067e7758 of 8 bytes by task 17602 on cpu 0:
[  385.739090][T17602]  folio_mapping+0xa1/0x120
[  385.743727][T17602]  evict_folios+0xdb9/0x33d0
[  385.748354][T17602]  try_to_shrink_lruvec+0x45a/0x7e0
[  385.753580][T17602]  shrink_lruvec+0x22e/0x1b40
[  385.758351][T17602]  shrink_node+0x686/0x2120
[  385.762867][T17602]  do_try_to_free_pages+0x3f6/0xcd0
[  385.768088][T17602]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  385.774059][T17602]  try_charge_memcg+0x358/0x9e0
[  385.778927][T17602]  obj_cgroup_charge_pages+0xa6/0x150
[  385.784343][T17602]  __memcg_kmem_charge_page+0x9f/0x170
[  385.789820][T17602]  __alloc_frozen_pages_noprof+0x188/0x360
[  385.795648][T17602]  alloc_pages_mpol+0xb3/0x250
[  385.800441][T17602]  alloc_pages_noprof+0x90/0x130
[  385.805402][T17602]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  385.811229][T17602]  __kvmalloc_node_noprof+0x30f/0x4e0
[  385.816621][T17602]  ip_set_alloc+0x1f/0x30
[  385.821590][T17602]  hash_netiface_create+0x282/0x740
[  385.826807][T17602]  ip_set_create+0x3cc/0x960
[  385.831437][T17602]  nfnetlink_rcv_msg+0x4c3/0x590
[  385.836411][T17602]  netlink_rcv_skb+0x123/0x220
[  385.841197][T17602]  nfnetlink_rcv+0x16b/0x1690
[  385.845883][T17602]  netlink_unicast+0x59e/0x670
[  385.850673][T17602]  netlink_sendmsg+0x58b/0x6b0
[  385.855446][T17602]  __sock_sendmsg+0x142/0x180
[  385.860137][T17602]  ____sys_sendmsg+0x31e/0x4e0
[  385.864971][T17602]  ___sys_sendmsg+0x17b/0x1d0
[  385.869691][T17602]  __x64_sys_sendmsg+0xd4/0x160
[  385.874587][T17602]  x64_sys_call+0x2999/0x2fb0
[  385.879296][T17602]  do_syscall_64+0xd2/0x200
[  385.883827][T17602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.889901][T17602] 
[  385.892247][T17602] value changed: 0xffff888135fbb070 -> 0x0000000000000000
[  385.899375][T17602] 
[  385.901700][T17602] Reported by Kernel Concurrency Sanitizer on:
[  385.907867][T17602] CPU: 0 UID: 0 PID: 17602 Comm: syz.3.4529 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  385.920394][T17602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  385.930476][T17602] ==================================================================
[  385.943197][T17617] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  385.952168][T17622] EXT4-fs (loop1): 1 orphan inode deleted
[  385.967088][T17622] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  385.977024][T17622] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  386.003602][T17622] program syz.1.4535 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  386.015105][T17617] program syz.5.4533 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  386.025476][T17617] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:517: comm syz.5.4533: Block bitmap for bg 0 marked uninitialized
[  386.041018][T17622] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.4535: Block bitmap for bg 0 marked uninitialized