last executing test programs:

5.361639184s ago: executing program 0 (id=4584):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000006540), 0x8)
lsm_get_self_attr(0x0, 0x0, &(0x7f0000000300), 0x1)
fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1, 0x0, 0x100000000000, 0x0, 0xffffffffffffffff})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/16], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r3, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r4 = socket$key(0xf, 0x3, 0x2)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
fspick(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f0000000100)={[{@block_validity}, {@user_xattr}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}]}, 0xfe, 0x4e5, &(0x7f0000000980)="$eJzs3UFrHG0dAPD/THZ9mzavm6qHWrAttpIU7SZpbBs8VAXRU0Gt9xqTbQjZZEuyaZtQNMUPIIio4EVPXgQ/gCD9CCIU9C4qimirBw/Vkd2djWm6m6R0s8ub/f3gycwzOzv/559lnp1nZtgJYGhdiojJiMiyLLsaEaV8eZqX2GmVxnovXzxZaJQksuzu35NI8mXtbb2XT8/kbzsVEV//SsS3kjfjbmxtr8xXq5X1vD5VX01eZdn2teXV+aXKUmVtdnbm5tytuRtz0z3Jczwibn/pzz/83s+/fPvXn3n0h3t/nfx2K8GWvXn0Uiv1YvN/0VaIiPXjCDYghWaGLTcG3BYAAA7WON7/SER8MiKuRilGmkdzAAAAwEmSfX4sXiWt638AAADAyZRGxFgkaTm/33cs0rRcbt3D+7E4nVZrG/VPZ6Xd8wXjUUzvL1cr0/m9A+NRTBr1mfwe23b9+r76bEScjYgflEab9fJCrbo40DMfAAAAMDzO7Bv//6vUGv8DAAAAJ8z4oBsAAAAAHDvjfwAAADj5jP8BAADgRPvqnTuNkrWff734cGtzpfbw2mJlY6W8urlQXqitPygv1WpLzd/sWz1se9Va7cFnY23z8VS9slGf2tjavrda21yr31t+7RHYAAAAQB+dvfjs90lE7HxuNI2ILNnzWjEiG9m7cqH/7QOOT/o2K//p+NoB9N/IoBsADIxDehhexUE3ABi4w/qBrjfv/Kb3bQEAAI7HxMd3r/83CzA88uv/STLohgB95/o/DC/X/2F4FQ86AjAogBMvPcKu/u7X/7PsrRoFAAD03FizJGk5HweMRZqWyxHvNx8LUEzuL1cr0xHx4Yj4Xan4XqM+03xn4vQAAAAAAAAAAAAAAAAAAAAAAAAAABxRliWRdTG6uw4AAADwQRaR/iXJn/81Uboytv/8wIeSf5ea04h49JO7P3o8X6+vzzSW/2N3ef3H+fLr/T57AQAAAHTSHqe3x/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0EsvXzxZaJd+xv3bFyNivFP8QpxqTk9FMSJO/zOJwp73JREx0oP4O08j4lyn+EmjWTGet2J//DQiRgcc/0wP4sMwe9bof77Qaf9L41Jz2nn/K+TlXXXv/9Ld/m+kS//3fqcNpm8uOv/8l1Nd4z+NOF/o3P+04ydd4l8+Yo7f/Mb2drfXsp9FTHT8/kleizWVFB5MbWxtX1tenV+qLFXWZmdnbs7dmrsxNz11f7layf92jPH9T/zqvwflf7pL/PFD8r9yxPz/8/zxi4+2Zov7XirGT7Ns8nLnz/9cl/jt775P5R93oz7Rnt9pze914Re/vXDxgPwXu+R/2Oc/ecT8r37tu3884qoAQB9sbG2vzFerlXUzZo5tZjT6GHQ+DlqnfRDbh/Z8Jw/1rtvJSoPYTwfYKQEAAMfi/wf9g24JAAAAAAAAAAAAAAAAAAAADK/DfgYsevBzYvtj7gwmVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA/0vAAD//+XXyps=")
sendmsg$key(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000600060000000000060009"], 0x4c}}, 0x0)
fcntl$lock(r6, 0x24, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x1})
sendmsg$nl_route(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)=@dellink={0x34, 0x11, 0x1, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x442, 0x1080}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'wg2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x64000850)

5.093886735s ago: executing program 0 (id=4588):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = add_key$fscrypt_v1(&(0x7f0000000140), &(0x7f0000000200)={'fscrypt:', @desc4}, &(0x7f0000000300)={0x0, "d1ddbe17f36539c9653070792cc4f1c0207aa4d36e0ae764313f66701ee3265a15f3ef9159991751beecd685df35a666457316b94b521d75ee49ab6c6c33dfef", 0x33}, 0x48, 0xfffffffffffffffe)
request_key(&(0x7f0000000040)='id_legacy\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000100)='/dev/vhost-vsock\x00', r1)
listen(r0, 0x0)
io_setup(0x2007, &(0x7f0000000980)=<r2=>0x0)
io_pgetevents(r2, 0x4, 0x4, &(0x7f00000023c0)=[{}, {}, {}, {}], 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x40, 0x0, @perf_config_ext={0xb10, 0x2}, 0x8, 0x2, 0x7, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timerfd_settime(0xffffffffffffffff, 0x6, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r4}, 0x10)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r5, 0x5608)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r6}, 0x10)
r7 = eventfd2(0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r7}])

2.776474541s ago: executing program 4 (id=4614):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0900000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRESOCT=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x22, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa2180c20000000800450000140000000000739078ac1414bbac141435"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000040], 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000042000000000000000000000000000000000000000000000000feffffff00000000"]}, 0x108)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000500)='kfree\x00', r4, 0x0, 0x2}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[], 0x119)
syz_usb_connect$hid(0x5, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000106a0529000000000000010902"], 0x0)
pipe(&(0x7f0000000040))
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'ip_vti0\x00', <r7=>0x0})
bind$packet(r6, &(0x7f0000000080)={0x11, 0xf7, r7, 0x1, 0x0, 0x6, @link_local}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r8}, 0x10)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r9, 0xffffffffffffffff, 0x0)

2.194526585s ago: executing program 4 (id=4622):
r0 = openat$selinux_mls(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$sock(r0, &(0x7f0000001240)={&(0x7f0000000100)=@l2={0x1f, 0x3, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x8, 0x1}, 0x80, &(0x7f0000001180)=[{&(0x7f0000000180)="03983e56be1e0b1a6c77ea1e7744901546fed02906abda7bd43813dce5ba1cc4f6c2b72534dbd4651de4a3dcf7c0fa3106fd2e46529cca396dec2f71568affadadf08ea6d0fe06f31a7c864b0370060a88e8c45cfd8e2eb69e29618ab257ebc73dd589cbb7594ec08ff4c6a7bcaacb0e9987e17fdf65841564afa6dd7771eb4d6650e4656638a17665ec56fbeee99145658306c1e67734d453a51cc8a4722961f5129401f7229fd6fd471ff2ba0fad3ea30f5517865e07a19f8c0695b29924f105bf822823884d38d2755f827a93560bb9b545b959c2048fab4c06e829bf7d8ef240f4befd30b8c4de1440ec3fb391566a5faa95a0a4341321ff4c8b5ec79ade4d3af43d8d540ea748a9ada4eff126d0fc5433550ef8e4b1b57e1f4849e227cc04aa63328b7f5cdb9a6c6bee6cf602aab217c43c992c7d4521d9a1db1fc215954b3a6a9eaeee7d5a62552f4757e2f14d6777da45504dcdeacee1a25ceafe3aa0f07adcc94936760d132d41e2e3be28728ae8815761ad3a40cce253b85cecdc546cbf24401ae8339864770159123abdefb47ab94c662ef9c1dad64b4b5745ad6a5a49b35ba8be1d70df3171d2704304f698266a27342418b7676f0175b0dbcdb7143da66907c6e57679018797d832ed48abe42ee83c65b86f779ca619308e992be4c0013e71008a0013ab8f6d958c8e61418005f850852b3196af58773ea641fc76c6c6dc5cb25eaf97d0754bba7fb011ff4d239385e6e08d04b60cea9b71631ef847f493069175fc25081c70de130a888c9bde830578b2865d0210f612b4b4c9be8c8105723dfedbc043393ef2eaf0173c3e935daaae8726a2169308df4aacf5e6a5ce99645b683961b8001aa17a14819fc0a4e27524b14a462609279cff831e34410eb533361258256fbf4a78561ee3529b0677dce522a18493e858e412e76adf4320894b6d22143d61214ebc5d4f36531ea6b0e9d674bc9a41bb24295c0b41cb21f1218183e4a7ab2e16bd207ce9673ff6bd86ce8cdc4a2520defe08c37f5499904a9421dedb1d5cce989503c1d4ffaeea82e7b5a5d5dda62f7434e0bfed8474d682fd1bef5b2978b5a11387ece4e50ccbdd4c3a6353fd3c9e6527e4df71b5d08175461cd21eb3036438867ef17d1dd43e004d550b2120482cf046305ca1fcc88159dbb3bd3c909b9eef4faaa30b1e28692121a9a75120da0cce98068cc93d52307b20b1b955cfcf50bb83fa051aa84a1afbdc91490d1db8810149fcc846182b03f32f62d2ff4cb7b115761e9fa93635f87da8e2b17b3331c64bde0c8deb6a1ebc39b5655a3f84f7b4db403ad55f4ee2ba8871d71957f0f5dfbd0b4df6fe3fb02fe8f0e760e487e9db239ee252ce952a4d7953cfbcc3b089ffe672aafdd056276437d86f022441c2277af138c6b334cf52dcb0c31a9fb6f4a719efdab12c2e4961452ba6d216b40e1802e577e4b586aadefeb62133a6c2987a2b52ef54a4f922b335e51320d9cdfec3363e5ad2281c9aff6ab2abd442964faa7e6915171c61ddd67c714ee00c34ccd89a86d2bfbde37dce7aa960dfefd23ff3152df6eba081e4ee457ed40856e9f14f578918b69ec98b75c4000792475985dc3a56f55d2413f03ead026d07453226d4f2e05c0751d3b30986f8a714595d4fc7a7272ad26868c2b6fef0e5e08c3b766b043dc9fda527a8b11ae463ed80e29b8bbcba8ae7ca46f4b053edcd3f52b9a9f5fa5f8661779d0055115d1598ab2aaef303c09d667002d63902ac89e114e82049495fc9c8e022f12ddb14bd91a4a9d5ab7f5e031f319377f0dc271de52edc1715f6d54d29e77f4def122f021a8fb0f5c93c2b41822681a79b007f3906da52f0af374bced8bce3f0df390471ef6affeeddc13f01da27c1ace4938c9087f29f64e73f812bea16cb4c60bd311723bdb264410c7a45c04332baffcb9599bb086788e1079c19dbd0ac4dc23a80e12805938856773c69896b6f4b01bbe0d325454abdbe62b948727af852f08b030e8f278e5e161a223cfe0319550de43ab5e4a4f4fb3e1752cb35f090d2e4d8a7973701664845030aca923bf75824d2cc9db9bd5032560eb7c0a5901460f08de536da5d0b3baa3ef727cd79a2a0f384743014e563dcc369215f479ca6fb54e1e45d051546af6b2756edb433ffdf2be2416efd169c5db0ebba33636e134e0061b44075d624bcd52143cb4b6998ae36e0f990e6a2788c19681e7e101750cf20eecf3bfcb76452d722e1499f2fe34727b7a90695302c2768cff905b50ef614899457a6303de6467ed71a3257195f2d918b64042dd7cbca6726845efb46ed10b8b5edc8407ea1e1b433f6f1bdd4f35f82a74da0bbf50456be94d20e91a5056eb5b467b516bc95f53b2777d165d458cece62d9e31ac4f366f89dede2fae180e8cfb74519a4b6e4e7116b0e3d6bb7d57e1862adb0ed20f2b69fcf1cc1685bc76d1d25d95ee412422c6dad0414e4b880520ef2faec7c0d83df2d8b9bfe79a02dab27eb2c888972342a84eb94f4c7b05e5df944c7c5ea408cb2b4a9f05492dcdcb1fa0f462feedfb1271a6b76a2feaa62c4a1ed2ff3932e7f19b634a7a542e869edc094f5913b11506c8fd90685ee12ee8ad2cd78b150e5d7ad9c36ebaa29c22111233b753aab3e05d8a6c7d219364985e7f0b1b23cd50c54fc3d53244419d7674f3fc18d7f93decd9506926806847dee891137eef4a3936e50190001cfada1c4d39986183d0bbae4e217fd96ac365252e9024144efa8b5217c35bd5361e83020b88c007afda0cc29347373e3ad252c9c7fb4655101210c3fc5efae85e90d180497b99844d5b681a8492edc38a52cd7a6c829fdf8ffa32fd0018f26f6768fdd0a71de11018a140a6c9afa50c7990193f63b9061a1102d7d6d7342d6b6c9e557824336a1dbfec75188d1b5bf7383908a340083c6adffec3f110836d12b1c32120b535187240a519f6a2a57ad5c741fe5895c7235c409779fed14d6b1384d21950d436bb62b7dc6979443d4f323a0de28a24cf365a97251479cb6c461fb368749978649a4f12712fac9291d801f6fadb2869d2f385274210c6ae6fd2510781ed54c0e78e073ebab07e54673fb49a1ff91e9eb8b438dae6e38e14cb111024cbb2c66db7e59e8752c8efb9f544fefaa7b485eb244f005a8d46c97905bf7d1def4133d5435a12e917fc3eef3f9e69f43be0178873e0739ffcabad766de00eac94b32465c7c90b30ebc38240c2906f75b4be7abd9d3b8f41b4e07716537e732c27b827bc6f3d67a46c612657fdf51132280bad69ba6e351c91eb90728a1d180dcde57f751255d2491122e6c7eb63ae510d5b36519464c73a018d57e97b5f3abd5154d90b0489ebd4d7cacca72ff6aa6fffe80f20787327c15be524948ecc548b67cbad99c5c3a949852026fb6213a03f9e0ea0d3973789885569213805ec5266258179f463224ca8e867279fac003aaff8a0d5f1edcf192c4d083b4827c5fa5736320a20c27007d39ed73108814842b38954114578c3095be81808b39f278930982e2979d74d1709986a2029e22c3fe565ce29c4f8c2496d125ee1407f4fbb54de583d4120d574444b9ae9def6475ad211c9d1c489dc17f5bc3ddb55aca7c68df8b6ba038da4eb595e8773ce4d81b9557ef17012f2c44d79c5306d7552d653a213a85519034eab8074ac7023604d977adb48520204f1e5dc7c1e330fba5acb175ede024432a47d687aa847079e77d8cad680c882112eaaeebcbea1f0c48b5348b5781c429a8633143664724ff076048d841b0ba5d62093980d7630ba5874d57360beb3e5fc09882ea24c0bc6b2eba3a4547e274117bf62e422d73864fabf851cc949850cbd5076e585b64c78975a0ff849b056c9671d073cf80892ad4e90fbbb3822dc75dfc7e58a8b84baaa9b912e841bc087fc7d6c64692a6f088ffc3333b1c2ba9f11530ff0f42d90b3487033d9cb4dfce6e5f559b06b27d9bfb4f0166c1684e82789aa28636aceabf7c09a9ba27e327e91de429e0f68a027f0798dcaaf98a6a2d6b37d15ad6565f42fad13bcda8f822b30c8f976de983c2222de037efa2c2dffae19db1022c1900e6ef59029c07fc5c99b9f8fc1f63248f1ceaa8611940082fe4d37bf78c3175fd3169ff5d5bd8b4452e1c6a0cf92c50fd6e70c5d1873c27303802e0bb869b4bae44e2c2df6d5d2ce9700584ab33389abfa358725eda8f5092d892bcb03944abeef7e585b952f84f4c879fd7fe521c2daba5adb44fbd567b3e75a2c8d00668c5d1ef404b0fed089c9e90663bd59504ae3acccc086fe07440585b4fb1eba154cc041fea48036e33c6298bc8cd06c2c4e0c58e8db1e6a8b0ffd481db965fd3d4f3268e240fd42c9f57a962da04cb3845b82d75f86f813dc3a9c6bf8792b6997a7c2c041e2a5cda00566d077cf85b672bfb45734aeeccf11a8d7bf6c51ae7dcb2a33260129256e410be5ffc437f5e315ef0f7b540bad56b7c9367fcd19446b1b54b9bcc01c3c3f7712f1f3113ffc0ce28847bd5869664987d133a96be5054c501771700a4749e4834f0ad505951fe184e5c2fde3f876e90e24a0c0db42fcc81bbe31f2f1c3ff0eb87f85d1bf9a5a75e2510950d042e3beedd50d110b1483b2f968374d0a4b4149896972cf9d204d109864029dd95c89866231488dcef26d3587f296ff737fac3a925bb22cc6dcba81ae381408b6f9641543ac85f7a569ed5741b1f458d170251e62d4c0541184c66d3a2557d50620d1f90df228470bfd68323e0fd04d71fb2816a7f80b245865d58fc2b206cb403e15d97f62cff5e1cacf86ba9050679fb4d2c68a5f95cea551ab5ed8f2f3f2eaf13f9174d5e41d896e50695de48b073bfe974fc4fa47d85e1fa743c3bb7cba264dd6ebd81db5c8b68e459962588c676a6c1630c919fc6462656be3e48c39a44e1db64410b14ea8fee0b542b324f421f384224768d3fe3c505b04e2fa54bff0ad77d5930f3b7dc3097f131d8d32341fe0d628a13a2227eed7bbd42687f93f1e496763c50c0c6d02eda8d8b6d5535850b9f7435f6920c848d609a5a0bf33fccc76996d553f9b893b5891d05ecc5d179261128e83aa48750ff5254f0f2a2c6c4f24167c0a8626bc1a709e853cf987444bd9c72fb272c7db3ebac946b87d21bc9d0e08e92f6aad7dc01f772ffadc9304057fd0750915e20b7c82c226fbc4c6f93942ae1f6dd687a7b3780b5ed8ae1b6bd633d843f996ff6c01cdd621d4b4d0bbea9e3412737a5156305179794efb867bbe9ccc1b76e13efe3d983c44b85926bfb106572b27e9a0c968b600e3270e17a24acd737c075006b102e0f4c3db31c290582d90dada009f43cb55a4c62037b401700ce9b74ca5f12e8ef2f57c05a5d4ff8c79571fa0726ddb93d3ed08343df9693955935bf71406d172a80d8a6dac98414c5930e0518409e1a39bd2c1b16ee136ee90659815c4b56d38d5a307c2afd5adf7d544c16c58a759801478d848775169669a755ff56408e6594acdbf2d910c151da8635d81e3bb55aa3117fecebb0421201cba337b8b1cda449cd9f8ce22f09bbafed3f5b8b59be9a0d6602978adb91fcab977cc823296ebc9384e7888fdf5f0720715d141fbbf4677ff26086fe4952e3de5c64aba6b7575bea637094bf0f251cbfcb2a59ae9a134eff867b30f58a98e4f75d91db5878f6f7eca516fbc2a020a8d4bfd04e0dd34143a71315e21bfccd9dc46c4d09fd45877a1db0cf889dbb46e37cdd3c58f6a6bc9d51d489ede6e323c69f89f97e8ba7ec23df93", 0x1000}], 0x1, &(0x7f00000011c0)=[@timestamping={{0x14, 0x1, 0x25, 0xc38}}, @timestamping={{0x14, 0x1, 0x25, 0x3}}, @timestamping={{0x14}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}], 0x60}, 0x4080)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800"/16], 0x0, 0x2d, 0x0, 0x1, 0x10, 0x0, @void, @value}, 0x28)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'team0\x00', <r3=>0x0})
r4 = creat(&(0x7f0000002640)='./file0\x00', 0x18a)
process_madvise(r4, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x21c7, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', r3, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r5}, 0x18)
link(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001040)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)=r6}, 0x20)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x35, 0x0, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r7, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
setsockopt$inet6_IPV6_DSTOPTS(r7, 0x29, 0x3b, 0x0, 0x8)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x800400, &(0x7f0000000040)={[{@dioread_nolock}, {@noquota}]}, 0xfe, 0x45d, &(0x7f0000001480)="$eJzs3MtvG0UYAPBvnTjpg5JQyqMvCBRExSNp0gc9cCkCiQNISHAo4hTStCp1G9QEiVYVFA7hiCpxRxyR+Au4UC4IOCFxhTtCqlAvFE5Gu95NXcd27MaNof79pFVndiee+XZ36vGM1wEMrImI2B0R90TErxExFhFJY4GJ2j83rl+a+/v6pbkkqtU3/kyycn9dvzRXFC3+bmstUx1qU+/y2xGzlcr8+Tw/tXT2vanFCxefO3129tT8qflzM0ePHjq4d+TIzOGexLktbeuuDxf27HzlrSuvzR2/8s6PXyd53NEQR69MZGctM7bccOzJXlfWZ9vq0slwHxtCV8YjIr1c5az/j8VQbF45NhYvf9LXxgF3VLVaqo7euqtcl75cBe5i6WgeGETFG336+bfYNnD40XfXjsXKPMaNfKsdGY5SXqZ8B+ufiIjjl//5It3iDs1DAADUu3osIp5tNv4rxYN15e7N14bGI+K+iNgeEfdHxI6IeCAiK/tQRDzcZf0TDfnV45/q2G0F1qF0/PdCvrZ16/ivGP3F+FCe25bFX05Onq7MH8jPyf4oj6b56TZ1fPfSL5+1OlY//ku3tP5iLJi344/hhgm6E7Pl2fXEXO/ax7UFgNXxJ1Es46Tj450RsauL1y1nc4s1p5/+ak+rcmvH30YP1pmqX0Y8Vbv+l6Mh/kLScn1y+vkjM4enNkVl/sBUcVes9tPPy6+3qn9d8ffAtavV2NL0/l+JfzzZFLF44eKZbL12sfs6ln/7tOVnmtu7/5dmR5I3s/RIvu+D2aWl89MRI8mrq/fP3PzbIl+UT+///fua9//tcfNM7I6I9CbeGxGPRMSjedsfi4jHI2Jfm/h/ePGJd1ca1HH8o21esXfS+E+sdf2j/vp3nxg68/03rerv7PofylL78z3p9V8rrk4buJ5zBwAAAP8Xpew78ElpciVdKk1O1r7DvyO2lCoLi0vPnFx4/9yJ2nflx6NcKma6xurmQ6fzueEiP9OQP5jPG38+tDnLT84tVLqZTwR6b2uL/p/6vd0DPMDdwfNaMLj0fxhc+j8MLv0fBpf+D4OrWf//qA/tADbeGu//mzeqHcDGM/6HwaX/w+DS/2EgtXw2vrSuR/4l+pT4dmR9v9XQeSJK/5GQ75pEOZoeGu74xyxuI5FExGjTQ/3+nwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/g0AAP//wMnoQw==")

2.040586146s ago: executing program 4 (id=4623):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x4}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000440)=@newtaction={0xb8, 0x30, 0x9, 0x0, 0x0, {}, [{0xa4, 0x1, [@m_bpf={0xa0, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {0x0, 0x0, 0x0, 0xffffffff}, {0x3, 0x4, 0x20, 0x1000000}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0x2}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x0, 0x7}}]}, {0x1b, 0x6, "792ac9039dfd1456f92ad1edf0d767ef737dde033e1000"}, {0xc}, {0xc}}}]}]}, 0xb8}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b208850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
listen(r2, 0x0)
accept4$unix(r2, 0x0, &(0x7f0000000040), 0x80000)
ppoll(&(0x7f0000000000)=[{r2, 0xa001}], 0x1, 0x0, 0x0, 0x0)
unshare(0x2a020480)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, 0x0, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000001, 0x12, r8, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f0000000340)={0xab, 0x7, 0x4, "4bbec2b8bc06ff0d43aaf525ee3ba0558b3b4f56629097f144fcb2c7c811643b66502c7d0a1c6e73f494f14a48438b8fabfac5b77aeb91c0ab0b51e08b98f5244a7b5d7ce034947a5f1aea2ed6f3e9b33dd47ff0eddc23acd7002847dcc778acbd12c110e61ba422bdb678803e765191ae00cbf0404ed0cf1fd49f906467d4aea93f84ee3c3e7678c7d162f77af7d4bfbbea15f5c2267e08f78c9a019a44b674e5bb5017170d47c0004aa2"})
sendto$inet6(r7, 0x0, 0x0, 0x5, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RTOINFO(r7, 0x84, 0x0, &(0x7f0000000280)={0x0, 0x9, 0x0, 0x7}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)
unshare(0x2040400)

1.981543936s ago: executing program 1 (id=4627):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
close(0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='pids.current\x00', 0x275a, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000040)=r0}, 0x20)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
lstat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000680))

1.962424037s ago: executing program 1 (id=4628):
socket$inet_sctp(0x2, 0x1, 0x84)
io_uring_setup(0x4f01, &(0x7f0000000180)={0x0, 0x3, 0x10000, 0x1, 0x237})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000000)={[{@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
getpeername$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000500)=0x14)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xc8, 0x0, 0xc000000)
socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'sit0\x00'})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r5, 0x0, 0x6}, 0x18)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r7, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r6, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}}}}, 0x32)
writev(r6, &(0x7f0000000580)=[{&(0x7f0000000380)="0a98bae3fb6520730413cf1f1328966066a5b606209e9b42cd35a6d4ef213f", 0x1f}, {&(0x7f0000000400)="22ec95c2b8b49b0946a779b4f6d072ec7620ef5c2310890e466a3fb2628a6f0ed035c87b", 0x24}, {&(0x7f0000000440)="9e211e3879994732768fad6000336a366c", 0x11}, {&(0x7f0000000500)="a3358904da306d6b4984afbeabfc1ce13e070280c8ba7423554620c78c5ef3e57e1ebf182b95454698745557c3cac78154dae703f3da3525f92251b84df0277917af9bfd3b634c25e44719935d691d2a33fd90208407217f7f60b9c237f2e344e24432d023a0f3fb60876ea796f1acf13bc0cbb17b2712706ebdf7497443", 0x7e}, {&(0x7f0000001040)="e38e9ddb7b573bc7200d4271f06a7015c263a778a05c9aea486cb17e8197e4a45686310889992b5f4df5a9d1432763bce33fc34a564be2cfd243d888ba25556d32cafefe9f7523dd1682d972364723174e765e5e9d22aa2fcfcc857a7c2938e7c72739aaf9a3befb442c4ab9e2c57230d5200b8df1a6680b0748fd1ffa881dba7888649c6e203b431dac9734cf2293eefb4e4588a2cb5a8bb024da3a59326f5a370c50b4cb964a9dba93c6e2decfbc81b8e51793e36283fe8b61170f0b8edd467f0c42443abd1ccc0f43020447e1b8ef4b441b94c99f85f17cd680b5187266f3671ad5a03c16a94ebb6b178b5ac99b34b81ca248a934d4bf2366ccc3805e0197ae472a8a55100f0c5cb68520f3573e423608e0f8d7e04edc45cd290ed63c21c179b20236e0c009a709f0cf03ec306254cf9fd880dfb654cb12ee211c3d2c2bd9eb0f8af9a735588220f71b07690d996e25604748b864fbc6fcca0ddecee38cdd352cfb4bb3a7ba6535f06a21bddfb0ee7f7e89ce440ca3edde3f916a2de7d94150e849a2ee574b1e24879086a0c8bdc48e68aaa4b66409159daa63594aea55f6f295726874388d13404b2e21e1d3e7652aa9f9c6d5baf26ead44a20c4d1e811f0c27f3e7c824dd4bda9cff382e4407768eb182d1f1fd2733840e321eddc684ee79501f4c0134e80aa13a827cd1fab06df6e7e39015606bef6e83f8757e4047b9f3d048388df0cc48147b2a968a01b2db7fb23b05c07b0a325d150375486c6feddd33444345fdc496f6d92a922c00701e529a370958603f6a61cc27c1e73113a7879fc37974da17db3ab98513c82f67eba49c8bb20b18a3157a696b5e24f8fa7dfcc23bc39ff32c1cd43e3cfd493ef94f41dda59ba74e9103d2e76febb8a2840675b18612686f6cf1e38711d59290a3bc801333a0edd0271d62fd104babf535ef8e8c67491ad9421f97761d9aa16d01a36c50f30f8a1f685ddfc5c6aa4a19baae8d6453f36a94b5379bf8fd85d2bf4e563f17b5e48d302fe493d8bcfac04bfe80fff24df0f12d4144e01b42014071b4803cbed8c1175cc0982f7c74dbaf4154e879479cae265ffd26823566d6443bc1ff9e0a632b9a10ee58a92c8b3624674832e8c1f675c3dc471975601a4b56015cbb32f9c80de2cbef416c768e430592f4d738273a742001aefad57857818a8265cbc329e86cad48993b42067d0572cac61632cf27e1c21b24ffccff8a5fb6623a3186ddbb13a3eed072e9fe4d123a6a0072024314855bb1f69bf3a1ea5b1b1af654a54d3165c9bd3b7edf04a34f01bd6a8fcc0b0cdbd5465347157d047a5945645a50d6d41fae15a03eeaa455eb7d2e4b37d0689ca7b745859e4e4ae7838afa083a2c163398ff0e8194772d622b6cab019e3f88baa43cd94f546c245f5cc27e0f8ce8a9970355fb42dfee43758ceb9667a715af264dfaa56f00e45d9d56af97a77f92720e726819ceab6a2542b3f5c55acd2792f12c50775cc9f5a964b97a2bded7e36a92e873ea10cc27a77ef711dbefd50c5145c942cbd5907beff3603eb500eabf1cb850d48bf01d7dcdeed6c1d23b589b0c61755c7a90aeb66c9c070725a546c86ed5e75ccc4e8215d074d2cb25501865ca2001106884c74b14917913aa88520d3a4d6ce69a1b57671a62d18c2fc27ef368c7a53fe199753865186c7e", 0x4ad}], 0x5)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x8200, &(0x7f0000000000)=ANY=[])
open(0x0, 0x4000, 0x1)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0), 0x4)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')

1.883851797s ago: executing program 2 (id=4629):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x4}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000440)=@newtaction={0xb4, 0x30, 0x9, 0x0, 0x0, {}, [{0xa0, 0x1, [@m_bpf={0x9c, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {0x0, 0x0, 0x0, 0xffffffff}, {0x3, 0x4, 0x20, 0x1000000}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0x2}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x0, 0x7}}]}, {0x16, 0x6, "792ac9039dfd1456f92ad1edf0d767ef737d"}, {0xc}, {0xc}}}]}]}, 0xb4}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socket(0x28, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b208850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

1.804096228s ago: executing program 2 (id=4630):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_lsm={0xa, 0x4, &(0x7f0000000840)=ANY=[@ANYBLOB="660a00000000000061114c000000000085000000d200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)

1.770223198s ago: executing program 2 (id=4632):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0900000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRESOCT=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x22, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa2180c20000000800450000140000000000739078ac1414bbac141435"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000040], 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000042000000000000000000000000000000000000000000000000feffffff00000000"]}, 0x108)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000500)='kfree\x00', r4, 0x0, 0x2}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[], 0x119)
syz_usb_connect$hid(0x5, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000106a0529000000000000010902"], 0x0)
pipe(&(0x7f0000000040))
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'ip_vti0\x00', <r7=>0x0})
bind$packet(r6, &(0x7f0000000080)={0x11, 0xf7, r7, 0x1, 0x0, 0x6, @link_local}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r8}, 0x10)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r9, 0xffffffffffffffff, 0x0)

1.712917488s ago: executing program 0 (id=4634):
syz_read_part_table(0x4078, &(0x7f0000000000)="$eJzs079KwlEUB/CjQ0EtFj3A3SKQ+vknySkqGhrMwamxwkIQg7RwaelteqQeoOcwMIP4lYMFBfH5TOfe7z2Xs5zVl6eDiCjs3A1648gpRsRkWu0XIwoRUZ8lhfzT4XWvf37R7b91FfMxCyvNuX94nBVLi/+5uRZxmiJiZfS8cfST6fgnlrfOPh4nU5/3+3tODlupfdxKWaNR7VSq6V0t1bKvO7Ism5P8tvVS52qc7ru3w97NIO1u18qpfTlKlb1yqjSb9b8eDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeGUHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WSXRuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqAAAAP//CaUg2w==")
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x109942, 0x0)
unshare(0x22020400)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
connect$can_j1939(r1, &(0x7f0000000080)={0x1d, 0x0, 0x3, {0x2, 0x1}, 0xff}, 0x18)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000580))
ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x50, 0x8, 0x8, 0x6}, {0x6, 0x0, 0x0, 0x2000000}]})
write$ppp(r0, &(0x7f0000000300)="4daf8a728e", 0x5)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000004180)=0xffffffffffffffff, 0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r2)
sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="59bb22bd7000000020001100000008002b01"], 0x28}}, 0x0)
sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f0000004140)={&(0x7f0000004080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000004100)={&(0x7f00000040c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000fcdb0000000000000c009900900000007b0000001600800071070100ffffff006071070100ffff0004690000"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x80)

1.328720441s ago: executing program 0 (id=4638):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
close(0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='pids.current\x00', 0x275a, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000040)=r0}, 0x20)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
lstat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000680))

1.274224791s ago: executing program 3 (id=4639):
r0 = socket(0x1e, 0x4, 0x0)
sendmmsg$unix(r0, 0x0, 0x0, 0x101d0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2f4, &(0x7f0000000900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOn8oKVMKYVKEb6fhMxhzj3tvZ2SnNt02Lrz+nEhZ2k5vSLBmJKAiMi2yIgExRNwj0E7jkqzF3Jx8NvH/2/dvXcjnclMzig1lZ69lFJKDY++e/Is7g5bH5DNkQdbX1NfNv/e/Hfr5+yjvKXyliqWKkpXc6XPFX3ONNRC3ipoSk2bhm4ZKl+0jLKTLzn5nFlaXKwqvbgwlFgsG5al9GJVFYyqqpRUpVxVoYd6vqg0TVNDCUEn2ZWZGT19yOL5Hk8Gv0m5nNZDIhLfk8mu9GVCAACgr1r7/6CoXvb/q+c2KoO314bd/n896tf/X/7kPNau/j8mIr79v/f8vv2/3l3/v7cjOluO1P/jZBiN7jkVaIT1ZDmtJ9y/X9vL+6tjdkD/DwAAAAAAAAAAAAAAAAAAAADAn2C7VkvWarWkd/R+6rmYiDT/3iIkIlePf8bopXbXf6Dz9ccp0LhxLzwsYr5ayi5lnaM7YENETDFkTJLyw34/uOqxd+eRqhuR9+ayW7+8lA3ZmXRO8nb9uCQj0lpfq01dz0yOK8fu+ogkmutTkpS//OtTvvVRuXC+qV6TpHyYl5KYsmDPo1H/fFypazczLfVxexwAAAAAAKeBpnb47t81rV3eqd/ZX7d+PhBq7K/HfPfnYfkv3N+1AwAAAABwVljVpwXdNI3yPkFcOo9xgsgBxrQG4W4GdxF4Kzxolfddhh5P42CB9+S7UjH3ZM9flkAXL0ubICiHqRqtr0YddRXex0btxsj0xPFfQTv4583b7717wCtrsQ4rPXwQ2v8NEHG//gUAAADgFGk0/d6Zif5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+g4/jtav9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//9p2gTn")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fdatasync(r2)
r4 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000000)='asymmetric\x00', &(0x7f00000000c0)=@chain={'key_or_keyring:', r4})

1.250610811s ago: executing program 0 (id=4640):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000600)=<r1=>0x0, &(0x7f0000000640)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x20)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000500)=ANY=[@ANYBLOB="5300000007000046009d40edce82cd28e1e1edab5168510449b8"], 0x53)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r5}, 0x10)
r6 = syz_io_uring_setup(0x39, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500}, &(0x7f0000000240), &(0x7f0000001880))
io_uring_register$IORING_REGISTER_BUFFERS2(r6, 0xf, &(0x7f0000000bc0)={0x1, 0x1, 0x0, &(0x7f0000000ac0)=[{0x0}], 0x0}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB="2c7766646e6f3dcc9e7592b0fee5cac3dcc9aa1f9c0ba07a36f73ba3fbce658ede7fbc1caa6bf359e7d1455eebf809802a585aac9ad66199830622d06acd31b7c102f71143de700b17ad0ee10fb87894807a146c4acc32e0606250a498a03787b297e515a2ec9f53bfe9c4ce94f2e95914e5fff1ae9a25a60f41472165e366ec1ff1da73d75cf6", @ANYRESHEX=r4, @ANYBLOB=',k'])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close(r7)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r9}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0, 0x2044}, 0x60)
ioctl$TUNSETOFFLOAD(r8, 0xc004743e, 0x110e22fff6)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r10}, 0x10)
write(0xffffffffffffffff, 0x0, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)

1.201388622s ago: executing program 3 (id=4641):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x4}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000440)=@newtaction={0xb4, 0x30, 0x9, 0x0, 0x0, {}, [{0xa0, 0x1, [@m_bpf={0x9c, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {0x0, 0x0, 0x0, 0xffffffff}, {0x3, 0x4, 0x20, 0x1000000}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0x2}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x0, 0x7}}]}, {0x16, 0x6, "792ac9039dfd1456f92ad1edf0d767ef737d"}, {0xc}, {0xc}}}]}]}, 0xb4}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socket(0x28, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b208850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

1.126329252s ago: executing program 2 (id=4642):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f74"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x3c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg2\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
fsopen(&(0x7f00000000c0)='proc\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000001000000000000000000008500000036000000c500000008000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000006"], 0x50)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0x0, 0xb, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780", 0x0, 0x739d, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000280)='./file0\x00', 0x402, &(0x7f0000000380)=ANY=[], 0x1, 0x285, &(0x7f0000000d80)="$eJzs3M9qE2sYx/Ff05w2TWmTxTkHzgHxQTe6Gdp4ARKkBTGg1EbUhTC1Ew0ZMyUTKhGx3blx4XUUl+4E9Qa6cefeXTeCm4J/IklTO21SitJ0ovl+oDNP+86veSczhGcGMls3nz+olEKn5NaVSJkS0rq2pWyr6hjprBPtekxR6zo/+en9qeu3bl/JFwpzC2bz+cULOTObPv364eMXZ97WJ2+8nH41rs3sna2PuQ+b/27+t/Vt8X45tHJo1aBuri0FQd1d8j1bLocVx+ya77mhZ+Vq6NX2jZf8YGWlYW51eSq9UvPC0Nxqwypew+qB1WsNc++55ao5jmNTaeEoxY2FBTcf9yzQN8nWolbLu6OSJrqGixtxTAoAAMQr2v9r4Pr/VtcSHf/a1f+v0/8fLnHUBvT/w6DV/6d7ng70/wAAAAAAAAAAAAAAAAAAAAAA/A62m81Ms9nM7K53f8YlpSTt/h73PNEf3cc/KY7/8Ih8cS8l+U9Xi6tFyR9pLVvyJZXly9OMMvrSPh86dur5y4W5GWvL6o2/1smvrRZH9+dnlVG2d352J2/7838pHc3nlNHfvfO5nvkxnTsbyTvK6N1dBfK13D6v9/JPZs0uXS0cyE+0twMAAAAA4E/g2A89r98d57DxnfxP3B84cH2d1P/JePcdAAAAAIBhETYeVVzf92rxFJ87NwtinsaAF/9I+qX4xchTX/eGkl1/Oe7iWTAob90AFilJx/oPJ9SPqcb4oQQAAACgL/aa/rhnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8DqJB54d8tKJE95VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHbfAwAA//8PxyVc")
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r5}, 0x10)
r6 = socket(0x10, 0x3, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r7}, 0x10)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f040000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x20008801}, 0x0)

1.093147172s ago: executing program 3 (id=4643):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085000000010000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r2, 0x0, 0x0, 0x33, 0x1)

1.040297143s ago: executing program 4 (id=4644):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_OSF_FLAGS={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="280000002100090100000000000000000a00000000000000000000000c001400", @ANYRES32], 0x28}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x9f, 0xb, 0x4200, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r7 = syz_io_uring_setup(0x110, &(0x7f0000001240)={0x0, 0xfad6, 0x0, 0xfffffffe, 0xfffffffc}, &(0x7f0000000240), &(0x7f0000000280))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r7, 0x18, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x1, {0x6, 0x6d4}, 0xf0}, 0x1)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r6, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f00000000c0)=[{0x6}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x1, 0x8a, 0xe7c9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f00000003c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x82, &(0x7f0000000280)={@link_local, @random="1704b45adbde", @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @dev={0xac, 0x14, 0x14, 0x13}, {[@lsrr={0x83, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa010600, 0x1000000}, {@private}, {@broadcast}, {@dev={0xac, 0x14, 0x14, 0x2}}, {@private}, {@local}, {@private}]}]}}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)

1.035504723s ago: executing program 3 (id=4645):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x34, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x12, 0x0, @opaque='\x00'/10}}}}}, 0x0)
recvfrom(r0, &(0x7f00000000c0)=""/10, 0xa, 0x200000000000000, 0x0, 0x0)

1.019026173s ago: executing program 1 (id=4646):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000059c0)='./bus\x00', 0x1400e, &(0x7f00000000c0)={[{@quota}]}, 0x1, 0x439, &(0x7f0000000580)="$eJzs28tvG8UfAPDvrp3219cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3G8exncY4ccGfj7TtzO5EM1/PTjyzkw1gaI1l/yQRuyPi14gYbWRXFxhr/Hdr+crMn8tXZpKo1d74I6mXu7l8ZaYoWvzcriJTjkg/SeJgm3oXLl0+N12tzl3M8xOL59+dWLh0+Zmz56fPzJ2ZuzB18uTxY5PPnZh6ti9xZnHdPPDB/KH9r7x17bWZU9fe/vHrpIi/JY4+Get28fFarc/VDdaepnRSHmBD2JBSY5jGSH38j0YpVjpvNF7+eKCNAzZVrVar3df58lIN+A9LYtAtAAaj+KLP1r/FsUVTj7vCjRcaC6As7lv50bhSjjQvM9Kyvu2nsYg4tfTXF9kRm/McAgBglW+z+c/T7eZ/aTQ/F/p/vodSiYh7ImJvRJyIiH0RcW9Evez9EfHAButv3SRZO/9Jr/cU2B3K5n/P53tbq+d/xewvKqU8t6ce/0hy+mx17mj+mRyJke1ZfrJLHd+99Mtnna41z/+yI6u/mAvm7bhe3t6nYNu48VHEgXK7+JPbOwFJROyPiAM91nH2ya8Odbq2fvxd9GGfqfZlxBON/l+KlvgLSff9yYn/RXXu6ERxV6z1089XX+9U/z+Kvw+y/t/Z9v4v4t9TSZr3axc2XsfV3z7tuKbp5f6fnV6c3pa8uerc+9OLixcnI7Ylr9bzlebzUy3lplbKZ/EfOdx+/O+NlU/iYERkN/GDEfFQRDyct/2RiHg0Ig53if+HFx97p/f4N1cW/2zX/o+W/l9JbIvWM+0TpXPff7Oq0spG4s/6/3g9dSQ/k/X/enHdSbt6u5sBAADg3yeNiN2RpOO302k6Pt74G/59sTOtzi8sPnV6/r0Ls413BCoxkhZPukabnodO5sv6Ij/Vkj+WPzf+vLSjnh+fma/ODjp4GHK7Ooz/zO+lQbcO2HTe14LhZfzD8DL+YXgZ/zC82oz/HYNoB7D12n3/fziAdgBbr2X82/aDIWL9D8OrbL0PQ8v3PwylhR2x/kvyEhJrEpHeFc2Q6DGRRkS3MoP+zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAffwcAAP//KvHjlA==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000003c0)=0x14)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000006000000180100006020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000035000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETLINK(r3, 0x400454cd, 0x324)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDqigHpAIRaIPEwWjGTtZNbNbUjs3Gn480O/Pmzcz3PWdn3suz4xfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/JXl+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar94/8vrr37j17/65Hu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9OGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/HMhTYvFgU7t8a4eAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P533uw/OPeyAABj0ZqZdAkAgLEz/g8A00f7DwBT5WuvvZYt7x51vv969c3dnY36m7dWK42NYm1npbhS394qrtXra/l39tQedb1qvb619HzsvFVqVhrNUmN3716tvrPZvJd/r/e9ytxYagUA/DdXr73z+yQiDl56Il+iay4HbTVcbOkIjwIeL0N99E8HAR5rZvuC6TVQE553En577mUBJqPnl3kXem5+0E/+hyA+ZwT/V258fPDxf3M8w8ViZB+m14cb/3955OUAxs/4P0yvVis5Pef//EkWAHAhDfERvtYPRtUJASbqUZN5j+T9fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhgLkfEdyJJi/lc4Gn2b1osRjwVEVdiLrm/Xq3cjoin41pEzC1k6aVJFxoAGFL6l6Qz/9eNxecun86dT/61kK8j4ns/ff3Hby03m9tL2f6/n+xfOJ4+rPzwvCHmFQQABvenQQ7K2+9yZ931i/yDw/2V4+Ucy3jG+186mXx05ehwP1/aObPRarVaEYW8L3HpH0nMds4pRMSzETEzgvgHb0fEx3rVP8nHRq50Zj7tjh+d2E+NNX76gfhpntdeZy/fR0dQFpg272TPn1d63X9pXM/Xve//Qv6EGl7+/CtEHD/7jrriz3YizfSIn93z1weN8fxvvnpmZ2uxnfd2xLOzveInJ/GTPvGfGzD+Hz/xqR++3Cev9bOIG9E7fnesUrO2VWrs7t1ary2vVdYqm+Xy3aW7t1+880K5lI9Rl45Hqs/660s3n+5Xtqz+l/rEL/Ss//zJuZ8bsP4///cb3/r0w+TC6fhf+Gzvn/8zPeO3ZW3i5weMv3zpl32n787ir/ap/6N+/jcHjP/en/dWBzwUABiDxu7exnK1WtkeaiP7LXQU1zmzkRVxsIOPu4vDBX038o0RvSx9NrLO2CAHz53Xq3ruG7MnfcXRXvmb2RXHXJ105LUYauPBuGJN7pkEjMfDm37SJQEAAAAAAAAAAAAAAPoZx58uTbqOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXFz/CQAA///7VMSp")
r4 = inotify_init()
fallocate(r4, 0x10, 0x2, 0x7c27)

980.252183ms ago: executing program 3 (id=4647):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000006540), 0x8)
lsm_get_self_attr(0x0, &(0x7f0000000180)={0x0, 0x0, 0x3f, 0x1f, ""/31}, &(0x7f0000000300)=0x3f, 0x1)
fcntl$lock(r1, 0x7, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/16], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r3, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r4 = socket$key(0xf, 0x3, 0x2)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
fspick(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f0000000100)={[{@block_validity}, {@user_xattr}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}]}, 0xfe, 0x4e5, &(0x7f0000000980)="$eJzs3UFrHG0dAPD/THZ9mzavm6qHWrAttpIU7SZpbBs8VAXRU0Gt9xqTbQjZZEuyaZtQNMUPIIio4EVPXgQ/gCD9CCIU9C4qimirBw/Vkd2djWm6m6R0s8ub/f3gycwzOzv/559lnp1nZtgJYGhdiojJiMiyLLsaEaV8eZqX2GmVxnovXzxZaJQksuzu35NI8mXtbb2XT8/kbzsVEV//SsS3kjfjbmxtr8xXq5X1vD5VX01eZdn2teXV+aXKUmVtdnbm5tytuRtz0z3Jczwibn/pzz/83s+/fPvXn3n0h3t/nfx2K8GWvXn0Uiv1YvN/0VaIiPXjCDYghWaGLTcG3BYAAA7WON7/SER8MiKuRilGmkdzAAAAwEmSfX4sXiWt638AAADAyZRGxFgkaTm/33cs0rRcbt3D+7E4nVZrG/VPZ6Xd8wXjUUzvL1cr0/m9A+NRTBr1mfwe23b9+r76bEScjYgflEab9fJCrbo40DMfAAAAMDzO7Bv//6vUGv8DAAAAJ8z4oBsAAAAAHDvjfwAAADj5jP8BAADgRPvqnTuNkrWff734cGtzpfbw2mJlY6W8urlQXqitPygv1WpLzd/sWz1se9Va7cFnY23z8VS9slGf2tjavrda21yr31t+7RHYAAAAQB+dvfjs90lE7HxuNI2ILNnzWjEiG9m7cqH/7QOOT/o2K//p+NoB9N/IoBsADIxDehhexUE3ABi4w/qBrjfv/Kb3bQEAAI7HxMd3r/83CzA88uv/STLohgB95/o/DC/X/2F4FQ86AjAogBMvPcKu/u7X/7PsrRoFAAD03FizJGk5HweMRZqWyxHvNx8LUEzuL1cr0xHx4Yj4Xan4XqM+03xn4vQAAAAAAAAAAAAAAAAAAAAAAAAAABxRliWRdTG6uw4AAADwQRaR/iXJn/81Uboytv/8wIeSf5ea04h49JO7P3o8X6+vzzSW/2N3ef3H+fLr/T57AQAAAHTSHqe3x/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0EsvXzxZaJd+xv3bFyNivFP8QpxqTk9FMSJO/zOJwp73JREx0oP4O08j4lyn+EmjWTGet2J//DQiRgcc/0wP4sMwe9bof77Qaf9L41Jz2nn/K+TlXXXv/9Ld/m+kS//3fqcNpm8uOv/8l1Nd4z+NOF/o3P+04ydd4l8+Yo7f/Mb2drfXsp9FTHT8/kleizWVFB5MbWxtX1tenV+qLFXWZmdnbs7dmrsxNz11f7layf92jPH9T/zqvwflf7pL/PFD8r9yxPz/8/zxi4+2Zov7XirGT7Ns8nLnz/9cl/jt775P5R93oz7Rnt9pze914Re/vXDxgPwXu+R/2Oc/ecT8r37tu3884qoAQB9sbG2vzFerlXUzZo5tZjT6GHQ+DlqnfRDbh/Z8Jw/1rtvJSoPYTwfYKQEAAMfi/wf9g24JAAAAAAAAAAAAAAAAAAAADK/DfgYsevBzYvtj7gwmVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA/0vAAD//+XXyps=")
sendmsg$key(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000600060000000000060009"], 0x4c}}, 0x0)
fcntl$lock(r6, 0x24, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x1})
sendmsg$nl_route(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)=@dellink={0x34, 0x11, 0x1, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x442, 0x1080}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'wg2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x64000850)

813.435664ms ago: executing program 4 (id=4648):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ftruncate(0xffffffffffffffff, 0xc17a)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r2, 0x0, 0x0, 0x4008804)

738.901895ms ago: executing program 4 (id=4649):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='clear_refs\x00')
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000002c0)={{{@in=@broadcast, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@empty}}}, &(0x7f00000003c0)=0xe8)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='transo=\x00\x00\x00\x00\x00\x00\x00\x00', @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,posixacl,privport,afid=0x0000000000000001,cache=mmap,dfltuid=', @ANYRESHEX=r2, @ANYBLOB=',cache=none,msize=0x0000000000000fff,\x00'])
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r1, 0x0, 0xf3a, 0x0)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFBR(r6, 0x8940, &(0x7f0000000040)=@get={0x1, &(0x7f0000000140)=""/241, 0x2})
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x12, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000580)='statm\x00')
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000c9c7db7745000000ccfb00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x3ff)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000540)='mm_vmscan_throttled\x00', r0, 0x0, 0x6}, 0x18)
getgroups(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000050000000000170000", @ANYRES32=r8], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000081}, 0x4000c00)
exit(0x0)
r11 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r12 = syz_pidfd_open(r11, 0x0)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r12, 0xff08, 0x0)
tee(r0, r5, 0xf3a, 0x0)
write$binfmt_elf64(r3, &(0x7f0000000380)=ANY=[], 0x18c6)

699.907305ms ago: executing program 2 (id=4650):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r2, 0x0, 0x0, 0x4008804)

639.293105ms ago: executing program 2 (id=4651):
perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x4, 0x8, 0xa, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x60480, 0x0)
close(r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x0, 0x5000}, 0x18)
r4 = epoll_create1(0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000180)=0x1)
r6 = epoll_create1(0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r6, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000400)={0xa})
epoll_pwait(r4, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYRES8=r2, @ANYRES8=0x0, @ANYBLOB="0af9a184b4777f8d0b45090a6d0cc48faef78a223719d73faedabde04d3f04b335f37481b396a32eb68124b4373bd25a2cd2562cc339fda6c009a51f0709f3e05b315a55c038f31ba7cf60b0c33b3fbcc591c81a41c055b54341c552c3b9cd549726f3ec9f04", @ANYRES32=r3], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x253426aeae2d95f, 0xd, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000ffffff7f0000000029760000181200007e2a40865040621f1c445c2b76ed5f0d5590a04f27b38e1e3f84034d0587a16a68dbae214fa1fb74131d694e217715ec8ae2d06cdd0fa0c4a1f230762d33f4b1b4d97482957c685fe56a3e1fd85b8985a96f0d1712a58ac7469adbc987bf454ff3d54a95e9c1e79b01fa365caeca344653b81d21df60e63e621752f75e215a01030d27c1c100f2dbcacdcaf866690a4e971192b68f74dfe701faaf1fc5afd4e4", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f00000003c0)='GPL\x00', 0x6, 0x8e, &(0x7f0000000700)=""/142, 0x41000, 0x23, '\x00', 0x0, @fallback=0x15, r5, 0x8, &(0x7f0000000540)={0x3, 0x5}, 0x8, 0x10, &(0x7f00000007c0)={0x5, 0xf, 0x52a, 0x57}, 0x10, 0x0, 0xffffffffffffffff, 0xa, 0x0, &(0x7f0000000cc0)=[{0x1, 0x4, 0xf, 0xb}, {0x2, 0x4, 0x5, 0x8}, {0x1, 0x3, 0xe, 0x5}, {0x4, 0x5, 0x6, 0x7}, {0x1, 0x2, 0x2, 0x5}, {0x3, 0x1, 0x8}, {0x0, 0xffffffff, 0x8, 0x9}, {0x3, 0x4, 0xc, 0x5}, {0x1, 0x1, 0xf, 0x4}, {0x0, 0x4, 0x8, 0x9}], 0x10, 0x7fffffff, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

627.907455ms ago: executing program 1 (id=4652):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f0000009700000050000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_enter\x00', r0}, 0x10)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

544.556726ms ago: executing program 1 (id=4653):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0900000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRESOCT=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x22, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa2180c20000000800450000140000000000739078ac1414bbac141435"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000040], 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000042000000000000000000000000000000000000000000000000feffffff00000000"]}, 0x108)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000500)='kfree\x00', r4, 0x0, 0x2}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[], 0x119)
syz_usb_connect$hid(0x5, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000106a0529000000000000010902"], 0x0)
pipe(&(0x7f0000000040))
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'ip_vti0\x00', <r7=>0x0})
bind$packet(r6, &(0x7f0000000080)={0x11, 0xf7, r7, 0x1, 0x0, 0x6, @link_local}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa1000000000000070100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r8}, 0x10)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r9, 0xffffffffffffffff, 0x0)

518.574737ms ago: executing program 3 (id=4654):
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="160000000000000000000000008000000000000002357db1dc8f64ea65125db05e4eefb4", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000200)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x3, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x7ff, 0x5, 0x1, 0x40}, {0x1, 0x7, 0x0, 0x6}]})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==")
r2 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000180)='\x00', 0x1, 0xfffffffffffffffe)
keyctl$search(0x4, r2, &(0x7f0000000580)='cifs.idmap\x00', 0x0, 0xfffffffffffffffa)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0xffffff81, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r3}, 0x10)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r5=>0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001c80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
keyctl$describe(0x6, r2, &(0x7f0000000340)=""/223, 0xdf)
write$nci(r4, &(0x7f0000005c40)=ANY=[@ANYBLOB="6103057f030603f93677ff6fcad8cf254cac"], 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1, 0x0, 0x200}, 0x18)
mq_getsetattr(0xffffffffffffffff, &(0x7f0000000200)={0x9, 0xb39fdb0, 0x81, 0x1}, &(0x7f0000000280))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000500)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0xa4}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mlockall(0x2)
r8 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
shmctl$SHM_LOCK(r8, 0xb)
shmat(r8, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
shmctl$SHM_UNLOCK(r8, 0xc)
umount2(&(0x7f0000000040)='.\x00', 0x2)

230.256858ms ago: executing program 0 (id=4655):
r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = io_uring_setup(0x766d, &(0x7f0000000880)={0x0, 0xd277, 0x0, 0x1, 0x291})
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close_range(r3, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000004000000080000000700000000100000bb5dfd6aa6576f14818ef33c3280ac724018ae2463c1728f5aff7dde2b577680c1500f94c2e46f2219f3f4c1d188e2b1ba208d0bfb5489c82114dd17fe477455a6dd806cead201d9461a8c547ee87880d0c29e9b773bdc65e9c6da11689a243228fd5720ea8536d1299e8d90704a0e1ad69051bb0426", @ANYRES32=<r7=>r2, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES16=r5, @ANYBLOB="cf0d5a27e75c651d00"/28, @ANYRESHEX=0x0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYRES32=r1, @ANYRESOCT=r1, @ANYRESHEX=r7, @ANYRESDEC=r0, @ANYRES8=r6], 0xc4}}, 0x24040045)

0s ago: executing program 1 (id=4656):
socket$inet_sctp(0x2, 0x1, 0x84)
io_uring_setup(0x4f01, &(0x7f0000000180)={0x0, 0x3, 0x10000, 0x1, 0x237})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000000)={[{@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
getpeername$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000500)=0x14)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xc8, 0x0, 0xc000000)
socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'sit0\x00'})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r5, 0x0, 0x6}, 0x18)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r7, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r6, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}}}}, 0x32)
writev(r6, &(0x7f0000000580)=[{&(0x7f0000000380)="0a98bae3fb6520730413cf1f1328966066a5b606209e9b42cd35a6d4ef213f", 0x1f}, {&(0x7f0000000400)="22ec95c2b8b49b0946a779b4f6d072ec7620ef5c2310890e466a3fb2628a6f0ed035c87b", 0x24}, {&(0x7f0000000440)="9e211e3879994732768fad6000336a366c", 0x11}, {&(0x7f0000000500)="a3358904da306d6b4984afbeabfc1ce13e070280c8ba7423554620c78c5ef3e57e1ebf182b95454698745557c3cac78154dae703f3da3525f92251b84df0277917af9bfd3b634c25e44719935d691d2a33fd90208407217f7f60b9c237f2e344e24432d023a0f3fb60876ea796f1acf13bc0cbb17b2712706ebdf7497443", 0x7e}, {&(0x7f0000001040)="e38e9ddb7b573bc7200d4271f06a7015c263a778a05c9aea486cb17e8197e4a45686310889992b5f4df5a9d1432763bce33fc34a564be2cfd243d888ba25556d32cafefe9f7523dd1682d972364723174e765e5e9d22aa2fcfcc857a7c2938e7c72739aaf9a3befb442c4ab9e2c57230d5200b8df1a6680b0748fd1ffa881dba7888649c6e203b431dac9734cf2293eefb4e4588a2cb5a8bb024da3a59326f5a370c50b4cb964a9dba93c6e2decfbc81b8e51793e36283fe8b61170f0b8edd467f0c42443abd1ccc0f43020447e1b8ef4b441b94c99f85f17cd680b5187266f3671ad5a03c16a94ebb6b178b5ac99b34b81ca248a934d4bf2366ccc3805e0197ae472a8a55100f0c5cb68520f3573e423608e0f8d7e04edc45cd290ed63c21c179b20236e0c009a709f0cf03ec306254cf9fd880dfb654cb12ee211c3d2c2bd9eb0f8af9a735588220f71b07690d996e25604748b864fbc6fcca0ddecee38cdd352cfb4bb3a7ba6535f06a21bddfb0ee7f7e89ce440ca3edde3f916a2de7d94150e849a2ee574b1e24879086a0c8bdc48e68aaa4b66409159daa63594aea55f6f295726874388d13404b2e21e1d3e7652aa9f9c6d5baf26ead44a20c4d1e811f0c27f3e7c824dd4bda9cff382e4407768eb182d1f1fd2733840e321eddc684ee79501f4c0134e80aa13a827cd1fab06df6e7e39015606bef6e83f8757e4047b9f3d048388df0cc48147b2a968a01b2db7fb23b05c07b0a325d150375486c6feddd33444345fdc496f6d92a922c00701e529a370958603f6a61cc27c1e73113a7879fc37974da17db3ab98513c82f67eba49c8bb20b18a3157a696b5e24f8fa7dfcc23bc39ff32c1cd43e3cfd493ef94f41dda59ba74e9103d2e76febb8a2840675b18612686f6cf1e38711d59290a3bc801333a0edd0271d62fd104babf535ef8e8c67491ad9421f97761d9aa16d01a36c50f30f8a1f685ddfc5c6aa4a19baae8d6453f36a94b5379bf8fd85d2bf4e563f17b5e48d302fe493d8bcfac04bfe80fff24df0f12d4144e01b42014071b4803cbed8c1175cc0982f7c74dbaf4154e879479cae265ffd26823566d6443bc1ff9e0a632b9a10ee58a92c8b3624674832e8c1f675c3dc471975601a4b56015cbb32f9c80de2cbef416c768e430592f4d738273a742001aefad57857818a8265cbc329e86cad48993b42067d0572cac61632cf27e1c21b24ffccff8a5fb6623a3186ddbb13a3eed072e9fe4d123a6a0072024314855bb1f69bf3a1ea5b1b1af654a54d3165c9bd3b7edf04a34f01bd6a8fcc0b0cdbd5465347157d047a5945645a50d6d41fae15a03eeaa455eb7d2e4b37d0689ca7b745859e4e4ae7838afa083a2c163398ff0e8194772d622b6cab019e3f88baa43cd94f546c245f5cc27e0f8ce8a9970355fb42dfee43758ceb9667a715af264dfaa56f00e45d9d56af97a77f92720e726819ceab6a2542b3f5c55acd2792f12c50775cc9f5a964b97a2bded7e36a92e873ea10cc27a77ef711dbefd50c5145c942cbd5907beff3603eb500eabf1cb850d48bf01d7dcdeed6c1d23b589b0c61755c7a90aeb66c9c070725a546c86ed5e75ccc4e8215d074d2cb25501865ca2001106884c74b14917913aa88520d3a4d6ce69a1b57671a62d18c2fc27ef368c7a53fe199753865186c7e", 0x4ad}], 0x5)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x8200, &(0x7f0000000000)=ANY=[])
open(0x0, 0x4000, 0x1)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0), 0x4)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')

kernel console output (not intermixed with test programs):

ut journal. Quota mode: writeback.
[  262.032844][T14281] ext4 filesystem being mounted at /199/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.116270][T11952] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.194066][T14303] loop0: detected capacity change from 0 to 128
[  262.239817][T14305] loop2: detected capacity change from 0 to 1024
[  262.257319][T14303] syz.0.3986: attempt to access beyond end of device
[  262.257319][T14303] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  262.289019][T14305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.302359][T14312] loop1: detected capacity change from 0 to 1024
[  262.322264][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.322697][T14312] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.359505][T14315] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3991'.
[  262.379376][T14317] netlink: 118396 bytes leftover after parsing attributes in process `gtp'.
[  262.515581][T14326] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  262.633665][T14331] loop4: detected capacity change from 0 to 1024
[  262.645277][T14319] loop0: detected capacity change from 0 to 128
[  262.663240][T14331] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.712955][T14331] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4115: comm syz.4.3997: Allocating blocks 385-513 which overlap fs metadata
[  262.731694][T14331] FAULT_INJECTION: forcing a failure.
[  262.731694][T14331] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  262.745008][T14331] CPU: 0 UID: 0 PID: 14331 Comm: syz.4.3997 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  262.745034][T14331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  262.745047][T14331] Call Trace:
[  262.745054][T14331]  <TASK>
[  262.745063][T14331]  dump_stack_lvl+0xf2/0x150
[  262.745148][T14331]  dump_stack+0x15/0x1a
[  262.745174][T14331]  should_fail_ex+0x24a/0x260
[  262.745210][T14331]  should_fail_alloc_page+0xfd/0x110
[  262.745281][T14331]  __alloc_frozen_pages_noprof+0x109/0x340
[  262.745320][T14331]  alloc_pages_mpol+0xb4/0x260
[  262.745424][T14331]  folio_alloc_noprof+0xee/0x140
[  262.745497][T14331]  filemap_alloc_folio_noprof+0x69/0x220
[  262.745541][T14331]  __filemap_get_folio+0x298/0x630
[  262.745639][T14331]  ext4_write_begin+0x18c/0xc30
[  262.745660][T14331]  ? __brelse+0x30/0x60
[  262.745729][T14331]  ? ext4_mark_iloc_dirty+0xd1c/0xd60
[  262.745761][T14331]  ext4_da_write_begin+0x1b6/0x540
[  262.745789][T14331]  generic_perform_write+0x1a8/0x4a0
[  262.745814][T14331]  ? __mark_inode_dirty+0x1b7/0x7e0
[  262.745931][T14331]  ext4_buffered_write_iter+0x1ed/0x3c0
[  262.745971][T14331]  ext4_file_write_iter+0x383/0xf20
[  262.746077][T14331]  ? 0xffffffff81000000
[  262.746124][T14331]  ? selinux_file_permission+0x22a/0x360
[  262.746191][T14331]  ? __rcu_read_unlock+0x4e/0x70
[  262.746217][T14331]  ? avc_policy_seqno+0x15/0x20
[  262.746314][T14331]  ? selinux_file_permission+0x22a/0x360
[  262.746362][T14331]  vfs_write+0x77b/0x920
[  262.746463][T14331]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  262.746573][T14331]  __x64_sys_pwrite64+0xf6/0x150
[  262.746602][T14331]  x64_sys_call+0xab0/0x2dc0
[  262.746701][T14331]  do_syscall_64+0xc9/0x1c0
[  262.746732][T14331]  ? clear_bhb_loop+0x55/0xb0
[  262.746757][T14331]  ? clear_bhb_loop+0x55/0xb0
[  262.746855][T14331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.746886][T14331] RIP: 0033:0x7fd772ded169
[  262.746900][T14331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.746918][T14331] RSP: 002b:00007fd771451038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  262.746937][T14331] RAX: ffffffffffffffda RBX: 00007fd773005fa0 RCX: 00007fd772ded169
[  262.747000][T14331] RDX: 0000000000000001 RSI: 00004000000000c0 RDI: 0000000000000004
[  262.747015][T14331] RBP: 00007fd771451090 R08: 0000000000000000 R09: 0000000000000000
[  262.747029][T14331] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000001
[  262.747043][T14331] R13: 0000000000000000 R14: 00007fd773005fa0 R15: 00007ffc0d1aa6c8
[  262.747078][T14331]  </TASK>
[  262.747308][T14330] EXT4-fs (loop4): pa ffff8881054e95b0: logic 16, phys. 129, len 24
[  263.009853][T14330] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 8
[  263.031989][T14339] loop2: detected capacity change from 0 to 2048
[  263.058534][T11952] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.067954][T14341] loop0: detected capacity change from 0 to 1024
[  263.076072][T14341] EXT4-fs: Ignoring removed oldalloc option
[  263.084117][T14341] EXT4-fs: Ignoring removed i_version option
[  263.106709][T14343] loop4: detected capacity change from 0 to 1024
[  263.117904][T14339] Alternate GPT is invalid, using primary GPT.
[  263.125383][T14339]  loop2: p1 p2 p3
[  263.132207][T14343] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.145278][T14341] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.186121][T12078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.220416][T11952] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.316013][T14352] loop0: detected capacity change from 0 to 512
[  263.334202][T14352] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  263.382738][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.402660][T14356] bridge0: port 3(vlan2) entered blocking state
[  263.409034][T14356] bridge0: port 3(vlan2) entered disabled state
[  263.415821][T14356] vlan2: entered allmulticast mode
[  263.421083][T14356] bridge0: entered allmulticast mode
[  263.437590][T14356] vlan2: left allmulticast mode
[  263.442585][T14356] bridge0: left allmulticast mode
[  263.463306][T14348] loop4: detected capacity change from 0 to 128
[  263.493740][T14365] loop0: detected capacity change from 0 to 1024
[  263.523582][T14365] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.534922][T14368] loop2: detected capacity change from 0 to 1024
[  263.542331][T14368] EXT4-fs: Ignoring removed oldalloc option
[  263.548584][T14368] EXT4-fs: Ignoring removed i_version option
[  263.586275][T14358] loop1: detected capacity change from 0 to 2048
[  263.593454][T14368] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.637365][T12078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.656791][T14358] Alternate GPT is invalid, using primary GPT.
[  263.664559][T14358]  loop1: p1 p2 p3
[  263.689491][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.743730][T14385] loop4: detected capacity change from 0 to 1024
[  263.773712][T14385] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.889910][T14381] loop2: detected capacity change from 0 to 128
[  263.927614][T14397] loop0: detected capacity change from 0 to 1024
[  263.956835][T14400] tmpfs: Unknown parameter 'kmem_cache_free'
[  263.970063][T14397] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.995061][T14402] loop2: detected capacity change from 0 to 1024
[  264.013218][T14402] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.105091][T14406] tmpfs: Unknown parameter 'kmem_cache_free'
[  264.144637][T14407] tmpfs: Unknown parameter 'kfree'
[  264.895421][T11952] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.944445][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.963900][T14413] loop1: detected capacity change from 0 to 512
[  264.978109][T14412] loop4: detected capacity change from 0 to 1024
[  265.010289][T14412] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.044224][T12078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.099518][T14413] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4025: Failed to acquire dquot type 1
[  265.170746][T14428] tmpfs: Unknown parameter 'kmem_cache_free'
[  265.240034][T14432] loop3: detected capacity change from 0 to 512
[  265.248289][T14432] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  265.302313][T14413] EXT4-fs (loop1): 1 truncate cleaned up
[  265.334138][T14413] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.382356][T14413] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.411522][T14422] loop0: detected capacity change from 0 to 2048
[  265.418177][T14437] loop2: detected capacity change from 0 to 1024
[  265.421091][T14437] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.478097][T14422] Alternate GPT is invalid, using primary GPT.
[  265.484950][T14422]  loop0: p1 p2 p3
[  265.582507][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.623797][T14440] tmpfs: Unknown parameter 'kmem_cache_free'
[  265.698333][T14443] loop0: detected capacity change from 0 to 1024
[  265.719992][T14443] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.733704][T14441] loop3: detected capacity change from 0 to 128
[  265.790835][T14446] loop1: detected capacity change from 0 to 1024
[  265.797627][T14446] EXT4-fs: Ignoring removed oldalloc option
[  265.803755][T14446] EXT4-fs: Ignoring removed i_version option
[  265.962928][T11952] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.004682][T14450] tmpfs: Unknown parameter 'kfree'
[  266.015579][T14446] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.042798][T14453] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4039'.
[  266.131863][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.220040][   T30] kauditd_printk_skb: 220 callbacks suppressed
[  266.220058][   T30] audit: type=1400 audit(1741794096.535:8673): avc:  denied  { create } for  pid=14454 comm="syz.4.4038" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  266.275827][T14466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.284836][T14466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  266.296564][   T30] audit: type=1400 audit(1741794096.591:8674): avc:  denied  { ioctl } for  pid=14454 comm="syz.4.4038" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  266.307834][T14466] syz.4.4038 uses obsolete (PF_INET,SOCK_PACKET)
[  266.323959][T14462] loop1: detected capacity change from 0 to 128
[  266.355043][T14458] loop3: detected capacity change from 0 to 128
[  266.371451][T14462] syz.1.4040: attempt to access beyond end of device
[  266.371451][T14462] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  266.481740][T14477] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4042'.
[  266.556710][T14488] loop1: detected capacity change from 0 to 512
[  266.563878][T14488] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  266.580660][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.634718][   T30] audit: type=1326 audit(1741794096.918:8675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.2.4045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648127d169 code=0x7ffc0000
[  266.658514][   T30] audit: type=1326 audit(1741794096.918:8676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.2.4045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f648127d169 code=0x7ffc0000
[  266.682023][   T30] audit: type=1326 audit(1741794096.918:8677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.2.4045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648127d169 code=0x7ffc0000
[  266.705680][   T30] audit: type=1326 audit(1741794096.918:8678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.2.4045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f648127d169 code=0x7ffc0000
[  266.729390][   T30] audit: type=1326 audit(1741794096.918:8679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.2.4045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648127d169 code=0x7ffc0000
[  266.763012][T12078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.802530][T14513] loop0: detected capacity change from 0 to 1024
[  266.809393][T14513] EXT4-fs: Ignoring removed oldalloc option
[  266.815421][T14513] EXT4-fs: Ignoring removed i_version option
[  266.829731][T14513] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.845043][T14523] netlink: 'syz.1.4048': attribute type 13 has an invalid length.
[  266.853309][T14523] gretap0: refused to change device tx_queue_len
[  266.859732][T14523] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  266.891171][T12078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.900246][T14518] loop2: detected capacity change from 0 to 128
[  266.921963][   T30] audit: type=1400 audit(1741794097.189:8680): avc:  denied  { setopt } for  pid=14529 comm="syz.0.4051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  266.944068][T14531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.948343][T14518] syz.2.4050: attempt to access beyond end of device
[  266.948343][T14518] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  266.953548][T14531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  266.974351][   T30] audit: type=1400 audit(1741794097.208:8681): avc:  denied  { read write } for  pid=14529 comm="syz.0.4051" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  266.998146][   T30] audit: type=1400 audit(1741794097.208:8682): avc:  denied  { open } for  pid=14529 comm="syz.0.4051" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  267.179970][T14544] loop2: detected capacity change from 0 to 128
[  267.259873][T14578] loop2: detected capacity change from 0 to 1024
[  267.271265][T14578] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.402657][T14604] tmpfs: Unknown parameter 'kmem_cache_free'
[  267.691539][T14645] loop0: detected capacity change from 0 to 512
[  267.705609][T14645] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4056: bg 0: block 248: padding at end of block bitmap is not set
[  267.724810][T14645] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.4056: Failed to acquire dquot type 1
[  267.738210][T14645] EXT4-fs (loop0): 1 truncate cleaned up
[  267.744303][T14645] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.756963][T14645] ext4 filesystem being mounted at /215/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  267.780086][T14651] loop1: detected capacity change from 0 to 512
[  267.786618][T14651] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  267.970438][T14655] loop1: detected capacity change from 0 to 128
[  268.045184][T14658] loop1: detected capacity change from 0 to 1024
[  268.051900][T14658] EXT4-fs: Ignoring removed oldalloc option
[  268.057956][T14658] EXT4-fs: Ignoring removed i_version option
[  268.070110][T14658] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.101880][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.151103][T14664] loop1: detected capacity change from 0 to 512
[  268.170126][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.180342][T14664] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4063: Failed to acquire dquot type 1
[  268.192509][T14664] EXT4-fs (loop1): 1 truncate cleaned up
[  268.199052][T14664] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.200866][T14668] bridge0: port 3(vlan2) entered blocking state
[  268.211721][T14664] ext4 filesystem being mounted at /238/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  268.218052][T14668] bridge0: port 3(vlan2) entered disabled state
[  268.236156][T14668] vlan2: entered allmulticast mode
[  268.241428][T14668] bridge0: entered allmulticast mode
[  268.247596][T14668] vlan2: left allmulticast mode
[  268.252621][T14668] bridge0: left allmulticast mode
[  268.258636][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.328904][T14674] loop2: detected capacity change from 0 to 512
[  268.336732][T14674] EXT4-fs: Ignoring removed i_version option
[  268.343215][T14674] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  268.355122][T14674] EXT4-fs (loop2): 1 truncate cleaned up
[  268.361396][T14674] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.416647][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.439381][T14678] loop2: detected capacity change from 0 to 512
[  268.464021][T14678] EXT4-fs: Ignoring removed i_version option
[  268.470209][T14670] loop1: detected capacity change from 0 to 128
[  268.470755][T14678] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  268.488652][T14672] loop4: detected capacity change from 0 to 128
[  268.543906][T14678] EXT4-fs (loop2): 1 truncate cleaned up
[  268.551827][T12078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.564033][T14683] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4069'.
[  268.564152][T14678] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.610351][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.620807][T14686] loop0: detected capacity change from 0 to 512
[  268.645501][T14688] loop2: detected capacity change from 0 to 1024
[  268.652677][T14686] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  268.663640][T14688] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.828930][T14698] loop0: detected capacity change from 0 to 512
[  268.844486][T14697] tmpfs: Unknown parameter 'kfree'
[  268.904491][T14698] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.4074: Failed to acquire dquot type 1
[  268.981147][T14698] EXT4-fs (loop0): 1 truncate cleaned up
[  269.001245][T14698] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.091891][T14698] ext4 filesystem being mounted at /218/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  269.135073][T12078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.363654][T14709] loop1: detected capacity change from 0 to 512
[  269.375102][T14709] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.4077: bg 0: block 16: invalid block bitmap
[  269.463985][T14709] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  269.473028][T14709] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4077: invalid indirect mapped block 5 (level 0)
[  269.489647][T14709] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4077: invalid indirect mapped block 4294967295 (level 1)
[  269.527938][T14709] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4077: invalid indirect mapped block 4294967295 (level 2)
[  269.543295][T14709] EXT4-fs (loop1): 1 truncate cleaned up
[  269.549518][T14709] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.684179][T14719] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  269.769599][T14715] loop2: detected capacity change from 0 to 128
[  269.776109][T14713] loop1: detected capacity change from 0 to 128
[  269.878999][T14729] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.887572][T14729] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  269.892671][T14732] loop3: detected capacity change from 0 to 1024
[  269.925429][T14733] loop1: detected capacity change from 0 to 512
[  269.933762][T14733] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.4085: bg 0: block 16: invalid block bitmap
[  269.946717][T14733] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  269.955781][T14733] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4085: invalid indirect mapped block 5 (level 0)
[  269.969240][T14733] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4085: invalid indirect mapped block 4294967295 (level 1)
[  269.984310][T14733] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4085: invalid indirect mapped block 4294967295 (level 2)
[  270.001165][T14733] EXT4-fs (loop1): 1 truncate cleaned up
[  270.017753][T14740] loop0: detected capacity change from 0 to 1024
[  270.050457][T14742] loop1: detected capacity change from 0 to 1024
[  270.175103][T14747] tmpfs: Unknown parameter 'kfree'
[  270.217272][T14748] tmpfs: Unknown parameter 'kmem_cache_free'
[  270.475959][T14750] loop2: detected capacity change from 0 to 512
[  270.486292][T14750] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  270.494659][T14750] EXT4-fs (loop2): orphan cleanup on readonly fs
[  270.501438][T14750] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.4091: Failed to acquire dquot type 1
[  270.514292][T14750] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4091: bg 0: block 40: padding at end of block bitmap is not set
[  270.529418][T14750] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  270.538480][T14750] EXT4-fs (loop2): 1 truncate cleaned up
[  270.856795][T14763] loop3: detected capacity change from 0 to 1024
[  270.864311][T14763] EXT4-fs: Ignoring removed oldalloc option
[  270.872239][T14763] EXT4-fs: Ignoring removed i_version option
[  271.067734][T14771] process 'syz.1.4098' launched './file1' with NULL argv: empty string added
[  271.149796][T14773] loop1: detected capacity change from 0 to 512
[  271.160292][T14773] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.4100: bg 0: block 16: invalid block bitmap
[  271.196444][T14775] loop2: detected capacity change from 0 to 8192
[  271.208503][T14769] loop3: detected capacity change from 0 to 2048
[  271.210262][T14773] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  271.224108][T14773] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4100: invalid indirect mapped block 5 (level 0)
[  271.237821][T14773] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4100: invalid indirect mapped block 4294967295 (level 1)
[  271.252110][T14767] loop0: detected capacity change from 0 to 128
[  271.258946][T14775]  loop2: p2 p3
[  271.265676][T14769] Alternate GPT is invalid, using primary GPT.
[  271.272941][T14769]  loop3: p1 p2 p3
[  271.288105][T14773] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4100: invalid indirect mapped block 4294967295 (level 2)
[  271.312995][T14773] EXT4-fs (loop1): 1 truncate cleaned up
[  271.384601][T14779] loop0: detected capacity change from 0 to 128
[  271.433649][T14779] syz.0.4102: attempt to access beyond end of device
[  271.433649][T14779] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  271.476495][T14787] loop1: detected capacity change from 0 to 512
[  271.495482][T14787] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  271.504079][T14787] EXT4-fs (loop1): orphan cleanup on readonly fs
[  271.521089][T14787] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4106: Failed to acquire dquot type 1
[  271.550105][T14787] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4106: bg 0: block 40: padding at end of block bitmap is not set
[  271.576113][T14787] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  271.578755][T14781] loop2: detected capacity change from 0 to 2048
[  271.593623][T14787] EXT4-fs (loop1): 1 truncate cleaned up
[  271.631060][T14794] loop0: detected capacity change from 0 to 1024
[  271.656235][T14781] Alternate GPT is invalid, using primary GPT.
[  271.663473][T14781]  loop2: p1 p2 p3
[  271.669653][T14789] loop3: detected capacity change from 0 to 128
[  271.787287][T14803] tmpfs: Unknown parameter 'kmem_cache_free'
[  271.896425][   T30] kauditd_printk_skb: 157 callbacks suppressed
[  271.896443][   T30] audit: type=1400 audit(1741794101.848:8830): avc:  denied  { read } for  pid=2983 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  271.924747][   T30] audit: type=1400 audit(1741794101.848:8831): avc:  denied  { search } for  pid=2983 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  271.946400][   T30] audit: type=1400 audit(1741794101.848:8832): avc:  denied  { append } for  pid=2983 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  271.968695][   T30] audit: type=1400 audit(1741794101.848:8833): avc:  denied  { open } for  pid=2983 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  271.968737][   T30] audit: type=1400 audit(1741794101.848:8834): avc:  denied  { getattr } for  pid=2983 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  272.091562][T14813] loop1: detected capacity change from 0 to 512
[  272.148067][T14813] Quota error (device loop1): do_check_range: Getting dqdh_entries 1536 out of range 0-14
[  272.148098][T14813] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  272.148120][T14813] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4112: Failed to acquire dquot type 1
[  272.213008][T14810] loop3: detected capacity change from 0 to 128
[  272.241817][T14813] EXT4-fs (loop1): 1 truncate cleaned up
[  272.242449][T14813] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  272.314579][T14818] loop4: detected capacity change from 0 to 512
[  272.333612][T14818] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4115: bg 0: block 16: invalid block bitmap
[  272.333740][T14818] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  272.333878][T14818] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.4115: invalid indirect mapped block 5 (level 0)
[  272.334057][T14818] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.4115: invalid indirect mapped block 4294967295 (level 1)
[  272.334193][T14818] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.4115: invalid indirect mapped block 4294967295 (level 2)
[  272.334513][T14818] EXT4-fs (loop4): 1 truncate cleaned up
[  272.577030][   T30] audit: type=1326 audit(1741794102.456:8835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.3.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f93cd169 code=0x7ffc0000
[  272.600836][   T30] audit: type=1326 audit(1741794102.456:8836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.3.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f93cd169 code=0x7ffc0000
[  272.624442][   T30] audit: type=1326 audit(1741794102.465:8837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.3.4118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26f93cd169 code=0x7ffc0000
[  272.648700][T14828] loop2: detected capacity change from 0 to 1024
[  272.657849][T14828] EXT4-fs: Ignoring removed oldalloc option
[  272.663894][T14828] EXT4-fs: Ignoring removed i_version option
[  272.737059][T14834] loop0: detected capacity change from 0 to 512
[  272.750848][T14834] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  272.759362][T14834] EXT4-fs (loop0): orphan cleanup on readonly fs
[  272.766438][T14834] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.4122: Failed to acquire dquot type 1
[  272.779174][T14834] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4122: bg 0: block 40: padding at end of block bitmap is not set
[  272.794448][T14834] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  272.804781][T14834] EXT4-fs (loop0): 1 truncate cleaned up
[  272.860340][T14841] loop1: detected capacity change from 0 to 1024
[  272.867558][T14841] EXT4-fs: Ignoring removed oldalloc option
[  272.874004][T14841] EXT4-fs: Ignoring removed i_version option
[  272.897934][T14830] loop3: detected capacity change from 0 to 2048
[  272.930611][T14848] loop2: detected capacity change from 0 to 512
[  272.954576][T14848] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  272.963362][T14848] EXT4-fs (loop2): orphan cleanup on readonly fs
[  272.968060][T14830] Alternate GPT is invalid, using primary GPT.
[  272.970667][T14848] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.4126: Failed to acquire dquot type 1
[  272.976554][T14830]  loop3: p1 p2 p3
[  272.989093][T14848] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4126: bg 0: block 40: padding at end of block bitmap is not set
[  273.007089][T14848] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  273.016497][T14848] EXT4-fs (loop2): 1 truncate cleaned up
[  273.037459][T14852] loop0: detected capacity change from 0 to 1024
[  273.044577][T14852] EXT4-fs: Ignoring removed oldalloc option
[  273.050717][T14852] EXT4-fs: Ignoring removed i_version option
[  273.079867][T14853] loop1: detected capacity change from 0 to 1024
[  273.151963][T14865] loop0: detected capacity change from 0 to 1024
[  273.221211][T14873] loop2: detected capacity change from 0 to 2048
[  273.233064][T14873] ext4 filesystem being mounted at /222/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  273.249168][T14876] tmpfs: Unknown parameter 'kmem_cache_free'
[  273.331078][T14878] tmpfs: Unknown parameter 'kmem_cache_free'
[  273.546970][   T51] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set
[  273.597011][T14886] loop3: detected capacity change from 0 to 512
[  273.607120][T14886] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  273.629009][   T51] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  273.641813][   T51] EXT4-fs (loop2): This should not happen!! Data will be lost
[  273.641813][   T51] 
[  273.774802][  T373] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28
[  273.787576][  T373] EXT4-fs (loop2): This should not happen!! Data will be lost
[  273.787576][  T373] 
[  273.797233][  T373] EXT4-fs (loop2): Total free blocks count 0
[  273.803244][  T373] EXT4-fs (loop2): Free/Dirty block details
[  273.809309][  T373] EXT4-fs (loop2): free_blocks=0
[  273.814259][  T373] EXT4-fs (loop2): dirty_blocks=2048
[  273.819576][  T373] EXT4-fs (loop2): Block reservation details
[  273.825579][  T373] EXT4-fs (loop2): i_reserved_data_blocks=128
[  273.859852][T14888] loop3: detected capacity change from 0 to 2048
[  273.951348][T14888] Alternate GPT is invalid, using primary GPT.
[  273.958649][T14888]  loop3: p1 p2 p3
[  274.003012][T14884] loop4: detected capacity change from 0 to 2048
[  274.072371][T14884] Alternate GPT is invalid, using primary GPT.
[  274.079796][T14884]  loop4: p1 p2 p3
[  274.086476][T14891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.094998][T14891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.217284][T14906] loop2: detected capacity change from 0 to 512
[  274.235798][T14906] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  274.237595][T14908] loop4: detected capacity change from 0 to 1024
[  274.283845][T14908] EXT4-fs: Ignoring removed oldalloc option
[  274.304769][T14908] EXT4-fs: Ignoring removed i_version option
[  274.329866][T14913] loop0: detected capacity change from 0 to 512
[  274.353045][T14896] loop3: detected capacity change from 0 to 128
[  274.415883][T14913] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.4147: Failed to acquire dquot type 1
[  274.443308][T14913] EXT4-fs (loop0): 1 truncate cleaned up
[  274.449526][T14913] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  274.470553][T14922] loop4: detected capacity change from 0 to 1024
[  274.598796][T14930] loop3: detected capacity change from 0 to 512
[  274.599066][T14931] tmpfs: Unknown parameter 'kmem_cache_free'
[  274.616160][T14930] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.4155: bg 0: block 16: invalid block bitmap
[  274.642803][T14930] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  274.651772][T14930] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4155: invalid indirect mapped block 5 (level 0)
[  274.665630][T14930] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4155: invalid indirect mapped block 4294967295 (level 1)
[  274.680261][T14930] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4155: invalid indirect mapped block 4294967295 (level 2)
[  274.694923][T14930] EXT4-fs (loop3): 1 truncate cleaned up
[  274.792645][T14942] loop1: detected capacity change from 0 to 1024
[  274.943170][T14952] loop3: detected capacity change from 0 to 512
[  274.965529][T14952] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.4162: Failed to acquire dquot type 1
[  275.013287][T14958] loop0: detected capacity change from 0 to 1024
[  275.030541][T14952] EXT4-fs (loop3): 1 truncate cleaned up
[  275.048767][T14952] ext4 filesystem being mounted at /205/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  275.186928][T14961] tmpfs: Unknown parameter 'kmem_cache_free'
[  275.399032][T14969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.419109][T14969] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.530224][T14977] loop4: detected capacity change from 0 to 1024
[  275.537115][T14977] EXT4-fs: Ignoring removed oldalloc option
[  275.547909][T14977] EXT4-fs: Ignoring removed i_version option
[  275.564490][T14979] loop3: detected capacity change from 0 to 1024
[  275.762248][T14991] loop4: detected capacity change from 0 to 1024
[  275.791014][T14994] loop1: detected capacity change from 0 to 256
[  275.923007][T14997] tmpfs: Unknown parameter 'kmem_cache_free'
[  276.002102][T15000] loop2: detected capacity change from 0 to 1024
[  276.010832][T14998] loop1: detected capacity change from 0 to 128
[  276.021517][T15000] EXT4-fs: Ignoring removed oldalloc option
[  276.030681][T15000] EXT4-fs: Ignoring removed i_version option
[  276.157516][T14998] syz.1.4180: attempt to access beyond end of device
[  276.157516][T14998] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  276.441004][T15025] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4192'.
[  276.493388][T15029] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  276.630493][T15036] loop3: detected capacity change from 0 to 128
[  276.645036][T15037] loop2: detected capacity change from 0 to 1024
[  276.651778][T15037] EXT4-fs: Ignoring removed oldalloc option
[  276.659545][T15037] EXT4-fs: Ignoring removed i_version option
[  276.741817][T15036] syz.3.4196: attempt to access beyond end of device
[  276.741817][T15036] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  276.871361][T15060] 9pnet_fd: Insufficient options for proto=fd
[  277.051339][T15073] loop0: detected capacity change from 0 to 128
[  277.059745][T15054] loop2: detected capacity change from 0 to 2048
[  277.082692][T15074] loop3: detected capacity change from 0 to 512
[  277.116806][T15073] syz.0.4213: attempt to access beyond end of device
[  277.116806][T15073] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  277.135379][T15074] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.4211: Failed to acquire dquot type 1
[  277.229428][T15074] EXT4-fs (loop3): 1 truncate cleaned up
[  277.240614][T15054] Alternate GPT is invalid, using primary GPT.
[  277.249157][T15054]  loop2: p1 p2 p3
[  277.258952][T15074] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  277.299856][   T30] kauditd_printk_skb: 296 callbacks suppressed
[  277.299891][   T30] audit: type=1326 audit(1741794106.899:9124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafefbed169 code=0x7ffc0000
[  277.336416][   T30] audit: type=1326 audit(1741794106.899:9125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafefbed169 code=0x7ffc0000
[  277.360519][   T30] audit: type=1326 audit(1741794106.908:9126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fafefbed169 code=0x7ffc0000
[  277.383985][   T30] audit: type=1326 audit(1741794106.908:9127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafefbed169 code=0x7ffc0000
[  277.407525][   T30] audit: type=1326 audit(1741794106.908:9128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafefbed169 code=0x7ffc0000
[  277.431138][   T30] audit: type=1326 audit(1741794106.908:9129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fafefbed169 code=0x7ffc0000
[  277.454680][   T30] audit: type=1326 audit(1741794106.908:9130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafefbed169 code=0x7ffc0000
[  277.478234][   T30] audit: type=1326 audit(1741794106.908:9131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15079 comm="syz.0.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafefbed169 code=0x7ffc0000
[  277.527918][T15082] loop1: detected capacity change from 0 to 512
[  277.536139][T15082] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  277.545029][   T30] audit: type=1326 audit(1741794107.133:9132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15085 comm="syz.0.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafefbed169 code=0x7ffc0000
[  277.568586][   T30] audit: type=1400 audit(1741794107.133:9134): avc:  denied  { connect } for  pid=15083 comm="syz.2.4217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  277.577729][T15084] loop2: detected capacity change from 0 to 128
[  277.670904][T15090] netlink: 'syz.1.4221': attribute type 1 has an invalid length.
[  277.693936][T15091] netlink: 'syz.0.4220': attribute type 13 has an invalid length.
[  277.707347][T15084] syz.2.4217: attempt to access beyond end of device
[  277.707347][T15084] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  277.716770][T15094] loop3: detected capacity change from 0 to 2048
[  277.730640][T15091] gretap0: refused to change device tx_queue_len
[  277.737108][T15091] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  277.827022][T15099] loop3: detected capacity change from 0 to 256
[  277.979151][T15113] FAULT_INJECTION: forcing a failure.
[  277.979151][T15113] name failslab, interval 1, probability 0, space 0, times 0
[  277.991836][T15113] CPU: 0 UID: 0 PID: 15113 Comm: syz.3.4229 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  277.991893][T15113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  277.991908][T15113] Call Trace:
[  277.991948][T15113]  <TASK>
[  277.991957][T15113]  dump_stack_lvl+0xf2/0x150
[  277.991992][T15113]  dump_stack+0x15/0x1a
[  277.992018][T15113]  should_fail_ex+0x24a/0x260
[  277.992153][T15113]  should_failslab+0x8f/0xb0
[  277.992191][T15113]  kmem_cache_alloc_lru_noprof+0x57/0x320
[  277.992239][T15113]  ? __d_alloc+0x3d/0x350
[  277.992268][T15113]  __d_alloc+0x3d/0x350
[  277.992290][T15113]  d_alloc_pseudo+0x1e/0x80
[  277.992311][T15113]  alloc_file_pseudo+0x73/0x160
[  277.992407][T15113]  __shmem_file_setup+0x1bb/0x1f0
[  277.992559][T15113]  shmem_file_setup+0x3b/0x50
[  277.992577][T15113]  __se_sys_memfd_create+0x2e1/0x5a0
[  277.992608][T15113]  __x64_sys_memfd_create+0x31/0x40
[  277.992637][T15113]  x64_sys_call+0x2d4c/0x2dc0
[  277.992662][T15113]  do_syscall_64+0xc9/0x1c0
[  277.992759][T15113]  ? clear_bhb_loop+0x55/0xb0
[  277.992836][T15113]  ? clear_bhb_loop+0x55/0xb0
[  277.992863][T15113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.992897][T15113] RIP: 0033:0x7f26f93cd169
[  277.992916][T15113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.992937][T15113] RSP: 002b:00007f26f7a30e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  277.993009][T15113] RAX: ffffffffffffffda RBX: 0000000000000538 RCX: 00007f26f93cd169
[  277.993052][T15113] RDX: 00007f26f7a30ef0 RSI: 0000000000000000 RDI: 00007f26f944ec3c
[  277.993067][T15113] RBP: 0000400000000600 R08: 00007f26f7a30bb7 R09: 00007f26f7a30e40
[  277.993083][T15113] R10: 000000000000000a R11: 0000000000000202 R12: 0000400000000580
[  277.993095][T15113] R13: 00007f26f7a30ef0 R14: 00007f26f7a30eb0 R15: 00004000000005c0
[  277.993116][T15113]  </TASK>
[  278.215595][T15117] loop4: detected capacity change from 0 to 1024
[  278.225191][T15117] EXT4-fs: Ignoring removed oldalloc option
[  278.229324][T15119] loop3: detected capacity change from 0 to 1024
[  278.238822][T15117] EXT4-fs: Ignoring removed i_version option
[  278.246592][T15119] EXT4-fs: Ignoring removed oldalloc option
[  278.253175][T15119] EXT4-fs: Ignoring removed i_version option
[  278.359689][T15101] loop2: detected capacity change from 0 to 128
[  278.536213][T15136] loop1: detected capacity change from 0 to 512
[  278.545995][T15136] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.4236: bg 0: block 16: invalid block bitmap
[  278.558967][T15136] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  278.561227][T15141] loop0: detected capacity change from 0 to 256
[  278.579392][T15136] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4236: invalid indirect mapped block 5 (level 0)
[  278.608015][T15139] loop3: detected capacity change from 0 to 128
[  278.617407][T15136] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4236: invalid indirect mapped block 4294967295 (level 1)
[  278.633485][T15136] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4236: invalid indirect mapped block 4294967295 (level 2)
[  278.648511][T15136] EXT4-fs (loop1): 1 truncate cleaned up
[  278.782151][T15138] loop2: detected capacity change from 0 to 32768
[  278.815775][T15153] loop1: detected capacity change from 0 to 128
[  278.910368][T15153] syz.1.4244: attempt to access beyond end of device
[  278.910368][T15153] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  278.923653][T15160] loop3: detected capacity change from 0 to 128
[  278.973782][T15160] syz.3.4246: attempt to access beyond end of device
[  278.973782][T15160] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  279.149205][T15183] loop1: detected capacity change from 0 to 512
[  279.156222][T15170] loop2: detected capacity change from 0 to 512
[  279.176261][T15183] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  279.177012][T15170] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.4251: bg 0: block 16: invalid block bitmap
[  279.184617][T15183] EXT4-fs (loop1): orphan cleanup on readonly fs
[  279.204603][T15170] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  279.206295][T15183] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4256: Failed to acquire dquot type 1
[  279.224718][T15188] loop0: detected capacity change from 0 to 512
[  279.226258][T15183] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4256: bg 0: block 40: padding at end of block bitmap is not set
[  279.233364][T15170] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.4251: invalid indirect mapped block 5 (level 0)
[  279.247493][T15183] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  279.259731][T15170] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.4251: invalid indirect mapped block 4294967295 (level 1)
[  279.269663][T15188] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4258: bg 0: block 16: invalid block bitmap
[  279.281985][T15183] EXT4-fs (loop1): 1 truncate cleaned up
[  279.295215][T15188] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  279.299173][T15170] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.4251: invalid indirect mapped block 4294967295 (level 2)
[  279.324283][T15170] EXT4-fs (loop2): 1 truncate cleaned up
[  279.327123][T15188] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.4258: invalid indirect mapped block 5 (level 0)
[  279.344472][T15188] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.4258: invalid indirect mapped block 4294967295 (level 1)
[  279.360838][T15188] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.4258: invalid indirect mapped block 4294967295 (level 2)
[  279.375976][T15188] EXT4-fs (loop0): 1 truncate cleaned up
[  279.413429][T15196] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4260'.
[  279.489123][T15200] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4263'.
[  279.560961][T15215] FAULT_INJECTION: forcing a failure.
[  279.560961][T15215] name failslab, interval 1, probability 0, space 0, times 0
[  279.573790][T15215] CPU: 0 UID: 0 PID: 15215 Comm: syz.0.4271 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  279.573820][T15215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  279.573837][T15215] Call Trace:
[  279.573853][T15215]  <TASK>
[  279.573861][T15215]  dump_stack_lvl+0xf2/0x150
[  279.573894][T15215]  dump_stack+0x15/0x1a
[  279.573919][T15215]  should_fail_ex+0x24a/0x260
[  279.573961][T15215]  should_failslab+0x8f/0xb0
[  279.574000][T15215]  kmem_cache_alloc_node_noprof+0x59/0x320
[  279.574078][T15215]  ? __alloc_skb+0x10b/0x310
[  279.574172][T15215]  __alloc_skb+0x10b/0x310
[  279.574256][T15215]  netlink_alloc_large_skb+0xad/0xe0
[  279.574294][T15215]  netlink_sendmsg+0x3b4/0x6e0
[  279.574338][T15215]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.574377][T15215]  __sock_sendmsg+0x140/0x180
[  279.574431][T15215]  ____sys_sendmsg+0x326/0x4b0
[  279.574464][T15215]  __sys_sendmsg+0x19d/0x230
[  279.574506][T15215]  __x64_sys_sendmsg+0x46/0x50
[  279.574582][T15215]  x64_sys_call+0x2734/0x2dc0
[  279.574615][T15215]  do_syscall_64+0xc9/0x1c0
[  279.574654][T15215]  ? clear_bhb_loop+0x55/0xb0
[  279.574720][T15215]  ? clear_bhb_loop+0x55/0xb0
[  279.574752][T15215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.574867][T15215] RIP: 0033:0x7fafefbed169
[  279.574886][T15215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.574908][T15215] RSP: 002b:00007fafee257038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  279.574949][T15215] RAX: ffffffffffffffda RBX: 00007fafefe05fa0 RCX: 00007fafefbed169
[  279.574964][T15215] RDX: 0000000000040800 RSI: 00004000000002c0 RDI: 0000000000000004
[  279.574979][T15215] RBP: 00007fafee257090 R08: 0000000000000000 R09: 0000000000000000
[  279.574994][T15215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.575009][T15215] R13: 0000000000000000 R14: 00007fafefe05fa0 R15: 00007ffd25f52928
[  279.575032][T15215]  </TASK>
[  279.776886][T15215] loop0: detected capacity change from 0 to 2048
[  279.810738][T15221] loop1: detected capacity change from 0 to 512
[  279.822806][T15221] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.4273: bg 0: block 16: invalid block bitmap
[  279.835620][T15221] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  279.848311][T15221] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4273: invalid indirect mapped block 5 (level 0)
[  279.867244][T15224] loop0: detected capacity change from 0 to 512
[  279.875056][T15221] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4273: invalid indirect mapped block 4294967295 (level 1)
[  279.890495][T15224] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  279.897178][T15221] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4273: invalid indirect mapped block 4294967295 (level 2)
[  279.907857][T15224] EXT4-fs (loop0): orphan cleanup on readonly fs
[  279.912733][T15221] EXT4-fs (loop1): 1 truncate cleaned up
[  279.923801][T15224] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.4274: Failed to acquire dquot type 1
[  279.937061][T15224] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4274: bg 0: block 40: padding at end of block bitmap is not set
[  279.937091][T15219] loop3: detected capacity change from 0 to 128
[  279.951922][T15224] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  279.968805][T15224] EXT4-fs (loop0): 1 truncate cleaned up
[  279.999703][T15228] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4275'.
[  280.068830][T15237] loop1: detected capacity change from 0 to 128
[  280.078199][T15237] FAT-fs (loop1): error, invalid FAT chain (i_pos 548, last_block 8)
[  280.086484][T15237] FAT-fs (loop1): Filesystem has been set read-only
[  280.093359][T15237] FAT-fs (loop1): error, corrupted file size (i_pos 548, 522)
[  280.226285][T15252] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4286'.
[  280.272580][T15246] loop0: detected capacity change from 0 to 2048
[  280.331009][T15246] Alternate GPT is invalid, using primary GPT.
[  280.338481][T15246]  loop0: p1 p2 p3
[  280.416850][T15256] loop1: detected capacity change from 0 to 128
[  280.482858][T15262] loop0: detected capacity change from 0 to 256
[  280.520391][T15264] loop1: detected capacity change from 0 to 128
[  280.546190][T15258] loop2: detected capacity change from 0 to 128
[  280.567821][T15264] syz.1.4291: attempt to access beyond end of device
[  280.567821][T15264] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  280.659327][T15280] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4297'.
[  280.692292][T15285] loop2: detected capacity change from 0 to 1024
[  280.699700][T15285] EXT4-fs: Ignoring removed oldalloc option
[  280.705837][T15285] EXT4-fs: Ignoring removed i_version option
[  280.714249][T15286] netlink: 'syz.0.4296': attribute type 13 has an invalid length.
[  280.723992][T15286] gretap0: refused to change device tx_queue_len
[  280.730411][T15286] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  280.777915][T15291] loop2: detected capacity change from 0 to 128
[  280.799400][T15291] syz.2.4301: attempt to access beyond end of device
[  280.799400][T15291] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  280.838349][T15295] loop2: detected capacity change from 0 to 256
[  280.908982][T15300] loop2: detected capacity change from 0 to 128
[  280.939710][T15300] syz.2.4304: attempt to access beyond end of device
[  280.939710][T15300] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  281.005285][T15306] loop2: detected capacity change from 0 to 128
[  281.011772][T15304] loop3: detected capacity change from 0 to 512
[  281.029034][T15306] syz.2.4307: attempt to access beyond end of device
[  281.029034][T15306] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  281.033055][T15304] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.4306: bg 0: block 16: invalid block bitmap
[  281.056651][T15304] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  281.065559][T15304] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4306: invalid indirect mapped block 5 (level 0)
[  281.079155][T15304] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4306: invalid indirect mapped block 4294967295 (level 1)
[  281.095385][T15304] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4306: invalid indirect mapped block 4294967295 (level 2)
[  281.111578][T15304] EXT4-fs (loop3): 1 truncate cleaned up
[  281.148158][T15313] loop3: detected capacity change from 0 to 1024
[  281.156323][T15313] EXT4-fs: Ignoring removed oldalloc option
[  281.159070][T15315] loop2: detected capacity change from 0 to 1024
[  281.162333][T15313] EXT4-fs: Ignoring removed i_version option
[  281.173885][T15315] EXT4-fs: Ignoring removed oldalloc option
[  281.180613][T15315] EXT4-fs: Ignoring removed i_version option
[  281.243097][T15321] loop3: detected capacity change from 0 to 128
[  281.266187][T15321] syz.3.4312: attempt to access beyond end of device
[  281.266187][T15321] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  281.328173][T15331] loop2: detected capacity change from 0 to 512
[  281.337518][T15331] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  281.345736][T15331] EXT4-fs (loop2): orphan cleanup on readonly fs
[  281.352599][T15331] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.4317: Failed to acquire dquot type 1
[  281.354007][T15336] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.364822][T15331] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4317: bg 0: block 40: padding at end of block bitmap is not set
[  281.372452][T15336] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.388451][T15331] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  281.404178][T15331] EXT4-fs (loop2): 1 truncate cleaned up
[  281.581365][T15345] loop2: detected capacity change from 0 to 1024
[  281.588073][T15345] EXT4-fs: Ignoring removed oldalloc option
[  281.595713][T15345] EXT4-fs: Ignoring removed i_version option
[  281.647153][T15353] loop4: detected capacity change from 0 to 1024
[  281.734311][T15364] loop4: detected capacity change from 0 to 512
[  281.738671][T15363] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.741340][T15364] EXT4-fs: Ignoring removed orlov option
[  281.756348][T15364] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  281.765206][T15363] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.780998][T15341] loop0: detected capacity change from 0 to 128
[  281.788837][T15364] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4330: bg 0: block 248: padding at end of block bitmap is not set
[  281.807733][T15364] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.4330: Failed to acquire dquot type 1
[  281.821096][T15364] EXT4-fs (loop4): 1 truncate cleaned up
[  281.837480][T15364] ext4 filesystem being mounted at /235/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  281.871305][T15364] netlink: 'syz.4.4330': attribute type 12 has an invalid length.
[  281.879895][T15364] EXT4-fs: Ignoring removed orlov option
[  281.885731][T15364] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  281.896946][T15366] loop2: detected capacity change from 0 to 2048
[  281.901282][T15364] EXT4-fs error (device loop4): __ext4_remount:6738: comm syz.4.4330: Abort forced by user
[  281.915050][T15364] EXT4-fs (loop4): Remounting filesystem read-only
[  281.921756][T15364] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  281.956444][T15366] Alternate GPT is invalid, using primary GPT.
[  281.963456][T15366]  loop2: p1 p2 p3
[  281.979650][T15373] netlink: 'syz.0.4332': attribute type 13 has an invalid length.
[  282.024071][T15373] gretap0: refused to change device tx_queue_len
[  282.030536][T15373] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  282.157878][T15393] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4341'.
[  282.290972][T15396] loop2: detected capacity change from 0 to 128
[  282.349869][T15400] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  282.358689][T15400] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.638425][T15411] FAULT_INJECTION: forcing a failure.
[  282.638425][T15411] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  282.651596][T15411] CPU: 1 UID: 0 PID: 15411 Comm: syz.1.4348 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  282.651653][T15411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  282.651664][T15411] Call Trace:
[  282.651670][T15411]  <TASK>
[  282.651677][T15411]  dump_stack_lvl+0xf2/0x150
[  282.651710][T15411]  dump_stack+0x15/0x1a
[  282.651736][T15411]  should_fail_ex+0x24a/0x260
[  282.651823][T15411]  should_fail+0xb/0x10
[  282.651857][T15411]  should_fail_usercopy+0x1a/0x20
[  282.651923][T15411]  _copy_from_user+0x1c/0xa0
[  282.651943][T15411]  move_addr_to_kernel+0x82/0x120
[  282.651987][T15411]  __sys_sendto+0x12e/0x230
[  282.652022][T15411]  __x64_sys_sendto+0x78/0x90
[  282.652048][T15411]  x64_sys_call+0x29fa/0x2dc0
[  282.652134][T15411]  do_syscall_64+0xc9/0x1c0
[  282.652173][T15411]  ? clear_bhb_loop+0x55/0xb0
[  282.652206][T15411]  ? clear_bhb_loop+0x55/0xb0
[  282.652237][T15411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.652320][T15411] RIP: 0033:0x7f684b81d169
[  282.652337][T15411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.652381][T15411] RSP: 002b:00007f6849e87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  282.652404][T15411] RAX: ffffffffffffffda RBX: 00007f684ba35fa0 RCX: 00007f684b81d169
[  282.652419][T15411] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  282.652432][T15411] RBP: 00007f6849e87090 R08: 0000400000000440 R09: 000000000000001c
[  282.652446][T15411] R10: 00000000000000c4 R11: 0000000000000246 R12: 0000000000000001
[  282.652460][T15411] R13: 0000000000000000 R14: 00007f684ba35fa0 R15: 00007ffeeea7ae38
[  282.652484][T15411]  </TASK>
[  282.839033][   T30] kauditd_printk_skb: 374 callbacks suppressed
[  282.839050][   T30] audit: type=1326 audit(1741794112.081:9500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15412 comm="syz.1.4349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f684b81d169 code=0x7ffc0000
[  282.868983][   T30] audit: type=1326 audit(1741794112.081:9501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15412 comm="syz.1.4349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f684b81d169 code=0x7ffc0000
[  282.892985][   T30] audit: type=1326 audit(1741794112.081:9502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15412 comm="syz.1.4349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f684b81d169 code=0x7ffc0000
[  282.916533][   T30] audit: type=1326 audit(1741794112.081:9503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15412 comm="syz.1.4349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f684b81d169 code=0x7ffc0000
[  282.916575][   T30] audit: type=1326 audit(1741794112.081:9504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15412 comm="syz.1.4349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f684b81d169 code=0x7ffc0000
[  282.916707][   T30] audit: type=1326 audit(1741794112.081:9505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15412 comm="syz.1.4349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f684b81d169 code=0x7ffc0000
[  282.916779][   T30] audit: type=1326 audit(1741794112.081:9506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15412 comm="syz.1.4349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f684b81d169 code=0x7ffc0000
[  282.948721][   T30] audit: type=1400 audit(1741794112.137:9507): avc:  denied  { write } for  pid=15415 comm="syz.1.4351" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  282.950136][T15419] loop1: detected capacity change from 0 to 1024
[  283.052388][T15422] loop0: detected capacity change from 0 to 512
[  283.053180][   T30] audit: type=1400 audit(1741794112.277:9508): avc:  denied  { create } for  pid=15417 comm="syz.1.4352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  283.054945][   T30] audit: type=1400 audit(1741794112.277:9509): avc:  denied  { connect } for  pid=15417 comm="syz.1.4352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  283.057126][T15419] tmpfs: Unknown parameter 'kmem_cache_free'
[  283.087201][T15424] loop2: detected capacity change from 0 to 512
[  283.160779][T15422] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.4350: Failed to acquire dquot type 1
[  283.196987][T15422] EXT4-fs (loop0): 1 truncate cleaned up
[  283.203091][T15422] ext4 filesystem being mounted at /277/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.235000][T15424] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  283.249901][T15432] loop1: detected capacity change from 0 to 256
[  283.267928][T15424] EXT4-fs (loop2): orphan cleanup on readonly fs
[  283.275311][T15424] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.4353: Failed to acquire dquot type 1
[  283.290821][T15424] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4353: bg 0: block 40: padding at end of block bitmap is not set
[  283.321330][T15424] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  283.330760][T15424] EXT4-fs (loop2): 1 truncate cleaned up
[  283.396223][T15437] loop1: detected capacity change from 0 to 128
[  283.434949][T15435] loop4: detected capacity change from 0 to 128
[  283.436553][T15437] syz.1.4359: attempt to access beyond end of device
[  283.436553][T15437] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  283.519617][T15447] loop1: detected capacity change from 0 to 512
[  283.530546][T15449] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.540412][T15449] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.549781][T15447] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4362: Failed to acquire dquot type 1
[  283.551848][T15453] netlink: 'syz.0.4361': attribute type 13 has an invalid length.
[  283.562170][T15447] EXT4-fs (loop1): 1 truncate cleaned up
[  283.578747][T15447] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.581622][T15451] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  283.596602][T15453] gretap0: refused to change device tx_queue_len
[  283.603014][T15453] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  283.639600][T15456] loop1: detected capacity change from 0 to 128
[  283.662225][T15456] syz.1.4365: attempt to access beyond end of device
[  283.662225][T15456] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  283.687342][T15460] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.695816][T15460] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.719431][T15462] netlink: 180900 bytes leftover after parsing attributes in process `syz.1.4367'.
[  283.728788][T15462] netlink: zone id is out of range
[  283.733976][T15462] netlink: zone id is out of range
[  283.739308][T15462] netlink: zone id is out of range
[  283.747354][T15462] netlink: set zone limit has 8 unknown bytes
[  283.772166][T15466] loop1: detected capacity change from 0 to 1024
[  283.779016][T15466] EXT4-fs: Ignoring removed oldalloc option
[  283.785108][T15466] EXT4-fs: Ignoring removed i_version option
[  283.973240][T15470] loop1: detected capacity change from 0 to 512
[  283.988503][T15470] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4369: Failed to acquire dquot type 1
[  284.000463][T15470] EXT4-fs (loop1): 1 truncate cleaned up
[  284.006606][T15470] ext4 filesystem being mounted at /314/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  284.106286][T15475] loop1: detected capacity change from 0 to 512
[  284.126354][T15475] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4370: Failed to acquire dquot type 1
[  284.140970][T15475] EXT4-fs (loop1): 1 truncate cleaned up
[  284.147218][T15475] ext4 filesystem being mounted at /315/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  284.216765][T15479] lo speed is unknown, defaulting to 1000
[  284.222827][T15479] lo speed is unknown, defaulting to 1000
[  284.228829][T15479] lo speed is unknown, defaulting to 1000
[  284.235538][T15483] loop1: detected capacity change from 0 to 512
[  284.235572][T15479] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  284.252391][T15483] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  284.253055][T15479] lo speed is unknown, defaulting to 1000
[  284.267743][T15479] lo speed is unknown, defaulting to 1000
[  284.273689][T15483] EXT4-fs (loop1): orphan cleanup on readonly fs
[  284.273847][T15479] lo speed is unknown, defaulting to 1000
[  284.281352][T15483] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4373: Failed to acquire dquot type 1
[  284.298868][T15483] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4373: bg 0: block 40: padding at end of block bitmap is not set
[  284.300689][T15479] lo speed is unknown, defaulting to 1000
[  284.313440][T15483] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  284.320063][T15479] lo speed is unknown, defaulting to 1000
[  284.329245][T15483] EXT4-fs (loop1): 1 truncate cleaned up
[  284.396284][T15489] loop0: detected capacity change from 0 to 1024
[  284.403083][T15489] EXT4-fs: Ignoring removed oldalloc option
[  284.409078][T15489] EXT4-fs: Ignoring removed i_version option
[  284.454896][T15486] loop4: detected capacity change from 0 to 128
[  284.505826][T15495] loop0: detected capacity change from 0 to 256
[  284.576420][T15501] loop2: detected capacity change from 0 to 128
[  284.621862][T15509] FAULT_INJECTION: forcing a failure.
[  284.621862][T15509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  284.635100][T15509] CPU: 0 UID: 0 PID: 15509 Comm: syz.0.4383 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  284.635141][T15509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  284.635156][T15509] Call Trace:
[  284.635165][T15509]  <TASK>
[  284.635175][T15509]  dump_stack_lvl+0xf2/0x150
[  284.635210][T15509]  dump_stack+0x15/0x1a
[  284.635231][T15509]  should_fail_ex+0x24a/0x260
[  284.635264][T15509]  should_fail+0xb/0x10
[  284.635372][T15509]  should_fail_usercopy+0x1a/0x20
[  284.635434][T15509]  _copy_to_user+0x20/0xa0
[  284.635459][T15509]  simple_read_from_buffer+0xa0/0x110
[  284.635514][T15509]  proc_fail_nth_read+0xf9/0x140
[  284.635601][T15509]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  284.635638][T15509]  vfs_read+0x19b/0x6f0
[  284.635669][T15509]  ? __rcu_read_unlock+0x4e/0x70
[  284.635691][T15509]  ? __fget_files+0x17c/0x1c0
[  284.635804][T15509]  ksys_read+0xe8/0x1b0
[  284.635833][T15509]  __x64_sys_read+0x42/0x50
[  284.635933][T15509]  x64_sys_call+0x2874/0x2dc0
[  284.635960][T15509]  do_syscall_64+0xc9/0x1c0
[  284.635993][T15509]  ? clear_bhb_loop+0x55/0xb0
[  284.636085][T15509]  ? clear_bhb_loop+0x55/0xb0
[  284.636119][T15509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.636151][T15509] RIP: 0033:0x7fafefbebb7c
[  284.636166][T15509] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  284.636184][T15509] RSP: 002b:00007fafee257030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  284.636250][T15509] RAX: ffffffffffffffda RBX: 00007fafefe05fa0 RCX: 00007fafefbebb7c
[  284.636264][T15509] RDX: 000000000000000f RSI: 00007fafee2570a0 RDI: 0000000000000004
[  284.636276][T15509] RBP: 00007fafee257090 R08: 0000000000000000 R09: 0000000000000000
[  284.636287][T15509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  284.636299][T15509] R13: 0000000000000000 R14: 00007fafefe05fa0 R15: 00007ffd25f52928
[  284.636318][T15509]  </TASK>
[  284.837887][T15501] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[  284.846101][T15501] FAT-fs (loop2): Filesystem has been set read-only
[  284.852882][T15501] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[  284.881624][T15502] loop4: detected capacity change from 0 to 128
[  284.894202][T15514] loop2: detected capacity change from 0 to 1024
[  284.901036][T15514] EXT4-fs: Ignoring removed oldalloc option
[  284.910223][T15512] lo speed is unknown, defaulting to 1000
[  284.929784][T15516] loop0: detected capacity change from 0 to 128
[  284.930952][T15514] EXT4-fs: Ignoring removed i_version option
[  284.964056][T15516] syz.0.4386: attempt to access beyond end of device
[  284.964056][T15516] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  285.023115][T15524] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4387'.
[  285.048012][T15526] loop4: detected capacity change from 0 to 1024
[  285.061270][T15528] loop2: detected capacity change from 0 to 1024
[  285.070335][T15530] loop0: detected capacity change from 0 to 256
[  285.207790][T15541] loop1: detected capacity change from 0 to 512
[  285.222491][T15543] tmpfs: Unknown parameter 'kmem_cache_free'
[  285.231378][T15544] tmpfs: Unknown parameter 'kmem_cache_free'
[  285.240743][T15542] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  285.294398][T15541] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  285.304350][T15541] EXT4-fs (loop1): orphan cleanup on readonly fs
[  285.315146][T15541] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4395: Failed to acquire dquot type 1
[  285.329266][T15541] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4395: bg 0: block 40: padding at end of block bitmap is not set
[  285.344863][T15541] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  285.353954][T15541] EXT4-fs (loop1): 1 truncate cleaned up
[  285.403460][T15549] loop0: detected capacity change from 0 to 512
[  285.419358][T15551] loop3: detected capacity change from 0 to 128
[  285.447831][T15551] syz.3.4398: attempt to access beyond end of device
[  285.447831][T15551] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  285.498065][T15549] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.4396: Failed to acquire dquot type 1
[  285.510651][T15549] EXT4-fs (loop0): 1 truncate cleaned up
[  285.516932][T15549] ext4 filesystem being mounted at /291/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.558361][T15556] loop3: detected capacity change from 0 to 1024
[  285.565130][T15556] EXT4-fs: Ignoring removed oldalloc option
[  285.571323][T15556] EXT4-fs: Ignoring removed i_version option
[  285.604087][T15558] loop0: detected capacity change from 0 to 1024
[  285.610961][T15558] EXT4-fs: Ignoring removed oldalloc option
[  285.616993][T15558] EXT4-fs: Ignoring removed i_version option
[  285.636935][T15562] loop1: detected capacity change from 0 to 1024
[  285.643731][T15562] EXT4-fs: Ignoring removed oldalloc option
[  285.649698][T15562] EXT4-fs: Ignoring removed i_version option
[  285.719553][T15568] loop3: detected capacity change from 0 to 128
[  285.742688][T15568] FAT-fs (loop3): error, invalid FAT chain (i_pos 548, last_block 8)
[  285.750843][T15568] FAT-fs (loop3): Filesystem has been set read-only
[  285.757923][T15568] FAT-fs (loop3): error, corrupted file size (i_pos 548, 522)
[  285.985049][T15576] siw: device registration error -23
[  286.098707][T15587] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4410'.
[  286.116632][T15589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.116772][T15589] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  286.182264][T15600] loop4: detected capacity change from 0 to 1024
[  286.189003][T15600] EXT4-fs: Ignoring removed oldalloc option
[  286.195018][T15600] EXT4-fs: Ignoring removed i_version option
[  286.290186][T15610] loop4: detected capacity change from 0 to 1024
[  286.414966][T15614] tmpfs: Unknown parameter 'kmem_cache_free'
[  287.110893][T15626] loop1: detected capacity change from 0 to 1024
[  287.147848][T15626] tmpfs: Unknown parameter 'kmem_cache_free'
[  287.198198][T15631] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4425'.
[  287.230801][T15633] loop1: detected capacity change from 0 to 128
[  287.257752][T15637] loop3: detected capacity change from 0 to 128
[  287.275045][T15635] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  287.286721][T15633] syz.1.4426: attempt to access beyond end of device
[  287.286721][T15633] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  287.330693][T15637] syz.3.4429: attempt to access beyond end of device
[  287.330693][T15637] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  287.435506][T15649] loop4: detected capacity change from 0 to 1024
[  287.485864][T15649] tmpfs: Unknown parameter 'kmem_cache_free'
[  287.541101][T15639] loop2: detected capacity change from 0 to 128
[  287.564024][T15656] loop4: detected capacity change from 0 to 512
[  287.575472][T15647] loop1: detected capacity change from 0 to 128
[  287.638561][T15656] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.4436: Failed to acquire dquot type 1
[  287.659937][T15656] EXT4-fs (loop4): 1 truncate cleaned up
[  287.675838][T15656] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.719021][T15665] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4439'.
[  287.780579][T15669] loop4: detected capacity change from 0 to 128
[  287.828213][T15672] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  287.865371][T15663] loop2: detected capacity change from 0 to 128
[  287.975394][T15681] loop2: detected capacity change from 0 to 1024
[  287.991553][T15681] tmpfs: Unknown parameter 'kmem_cache_free'
[  288.011671][T15683] netlink: 'syz.4.4445': attribute type 13 has an invalid length.
[  288.032621][T15685] loop2: detected capacity change from 0 to 256
[  288.033293][T15683] gretap0: refused to change device tx_queue_len
[  288.045395][T15683] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  288.127270][T15690] loop2: detected capacity change from 0 to 128
[  288.137134][T15690] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[  288.145477][T15690] FAT-fs (loop2): Filesystem has been set read-only
[  288.152306][T15690] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[  288.185534][T15693] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4450'.
[  288.270658][   T30] kauditd_printk_skb: 412 callbacks suppressed
[  288.270676][   T30] audit: type=1400 audit(1741794117.160:9904): avc:  denied  { open } for  pid=15695 comm="syz.2.4451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  288.296551][   T30] audit: type=1400 audit(1741794117.160:9905): avc:  denied  { kernel } for  pid=15695 comm="syz.2.4451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  288.410848][   T30] audit: type=1400 audit(1741794117.291:9906): avc:  denied  { create } for  pid=15698 comm="syz.3.4452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  288.435345][T15699] loop3: detected capacity change from 0 to 512
[  288.444503][T15699] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  288.452622][T15699] EXT4-fs (loop3): orphan cleanup on readonly fs
[  288.459853][T15699] Quota error (device loop3): find_block_dqentry: Quota for id 0 referenced but not present
[  288.470086][T15699] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  288.479545][T15699] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.4452: Failed to acquire dquot type 1
[  288.491573][T15699] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4452: bg 0: block 40: padding at end of block bitmap is not set
[  288.506081][T15699] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  288.515265][T15699] EXT4-fs (loop3): 1 truncate cleaned up
[  288.521693][   T30] audit: type=1400 audit(1741794117.394:9907): avc:  denied  { mount } for  pid=15698 comm="syz.3.4452" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  288.543784][   T30] audit: type=1400 audit(1741794117.394:9908): avc:  denied  { write } for  pid=15698 comm="syz.3.4452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  288.667880][   T30] audit: type=1400 audit(1741794117.525:9909): avc:  denied  { unmount } for  pid=11309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  288.710943][   T30] audit: type=1326 audit(1741794117.572:9910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15704 comm="syz.1.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f684b81d169 code=0x7ffc0000
[  288.734577][   T30] audit: type=1326 audit(1741794117.572:9911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15704 comm="syz.1.4454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f684b81d169 code=0x7ffc0000
[  288.762029][T15709] FAULT_INJECTION: forcing a failure.
[  288.762029][T15709] name failslab, interval 1, probability 0, space 0, times 0
[  288.774950][T15709] CPU: 0 UID: 0 PID: 15709 Comm: syz.3.4455 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  288.775055][T15709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  288.775071][T15709] Call Trace:
[  288.775077][T15709]  <TASK>
[  288.775086][T15709]  dump_stack_lvl+0xf2/0x150
[  288.775119][T15709]  dump_stack+0x15/0x1a
[  288.775141][T15709]  should_fail_ex+0x24a/0x260
[  288.775199][T15709]  should_failslab+0x8f/0xb0
[  288.775251][T15709]  kmem_cache_alloc_lru_noprof+0x57/0x320
[  288.775279][T15709]  ? __d_alloc+0x3d/0x350
[  288.775307][T15709]  __d_alloc+0x3d/0x350
[  288.775333][T15709]  d_alloc_pseudo+0x1e/0x80
[  288.775356][T15709]  alloc_file_pseudo+0x73/0x160
[  288.775406][T15709]  __shmem_file_setup+0x1bb/0x1f0
[  288.775449][T15709]  shmem_file_setup+0x3b/0x50
[  288.775470][T15709]  __se_sys_memfd_create+0x2e1/0x5a0
[  288.775577][T15709]  __x64_sys_memfd_create+0x31/0x40
[  288.775606][T15709]  x64_sys_call+0x2d4c/0x2dc0
[  288.775639][T15709]  do_syscall_64+0xc9/0x1c0
[  288.775745][T15709]  ? clear_bhb_loop+0x55/0xb0
[  288.775781][T15709]  ? clear_bhb_loop+0x55/0xb0
[  288.775820][T15709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.775876][T15709] RIP: 0033:0x7f26f93cd169
[  288.775895][T15709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.775917][T15709] RSP: 002b:00007f26f7a30e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  288.775939][T15709] RAX: ffffffffffffffda RBX: 000000000000050f RCX: 00007f26f93cd169
[  288.775954][T15709] RDX: 00007f26f7a30ef0 RSI: 0000000000000000 RDI: 00007f26f944ec3c
[  288.775968][T15709] RBP: 0000400000000f80 R08: 00007f26f7a30bb7 R09: 00007f26f7a30e40
[  288.775983][T15709] R10: 000000000000000a R11: 0000000000000202 R12: 00004000000001c0
[  288.775996][T15709] R13: 00007f26f7a30ef0 R14: 00007f26f7a30eb0 R15: 00004000000008c0
[  288.776094][T15709]  </TASK>
[  288.968922][T15707] loop1: detected capacity change from 0 to 512
[  289.000679][T15707] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.4456: Failed to acquire dquot type 1
[  289.016667][T15707] EXT4-fs (loop1): 1 truncate cleaned up
[  289.022893][T15707] ext4 filesystem being mounted at /337/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  289.031276][T15718] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  289.125672][T15722] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4461'.
[  289.175097][T15726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.184650][T15726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.192640][T15713] loop4: detected capacity change from 0 to 32768
[  289.201915][T15728] loop3: detected capacity change from 0 to 512
[  289.209682][T15728] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  289.217755][T15728] EXT4-fs (loop3): orphan cleanup on readonly fs
[  289.224775][T15728] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.4464: Failed to acquire dquot type 1
[  289.237060][T15728] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4464: bg 0: block 40: padding at end of block bitmap is not set
[  289.251484][T15728] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  289.261068][T15728] EXT4-fs (loop3): 1 truncate cleaned up
[  289.443817][T15741] loop3: detected capacity change from 0 to 1024
[  289.571180][T15748] tmpfs: Unknown parameter 'kmem_cache_free'
[  289.792818][T15752] 9pnet_fd: Insufficient options for proto=fd
[  290.367191][T15754] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4473'.
[  290.425332][T11309] EXT4-fs unmount: 151 callbacks suppressed
[  290.425348][T11309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.454871][T15760] FAULT_INJECTION: forcing a failure.
[  290.454871][T15760] name failslab, interval 1, probability 0, space 0, times 0
[  290.467588][T15760] CPU: 0 UID: 0 PID: 15760 Comm: syz.3.4476 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  290.467666][T15760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  290.467742][T15760] Call Trace:
[  290.467749][T15760]  <TASK>
[  290.467757][T15760]  dump_stack_lvl+0xf2/0x150
[  290.467788][T15760]  dump_stack+0x15/0x1a
[  290.467848][T15760]  should_fail_ex+0x24a/0x260
[  290.467924][T15760]  should_failslab+0x8f/0xb0
[  290.467962][T15760]  kmem_cache_alloc_node_noprof+0x59/0x320
[  290.468033][T15760]  ? __alloc_skb+0x10b/0x310
[  290.468059][T15760]  __alloc_skb+0x10b/0x310
[  290.468080][T15760]  nldev_get_chardev+0x299/0x5d0
[  290.468144][T15760]  ? __pfx_nldev_get_chardev+0x10/0x10
[  290.468172][T15760]  rdma_nl_rcv+0x46f/0x5a0
[  290.468258][T15760]  ? should_fail_ex+0xd7/0x260
[  290.468296][T15760]  netlink_unicast+0x599/0x670
[  290.468360][T15760]  netlink_sendmsg+0x5cc/0x6e0
[  290.468441][T15760]  ? __pfx_netlink_sendmsg+0x10/0x10
[  290.468531][T15760]  __sock_sendmsg+0x140/0x180
[  290.468571][T15760]  ____sys_sendmsg+0x326/0x4b0
[  290.468663][T15760]  __sys_sendmsg+0x19d/0x230
[  290.468715][T15760]  __x64_sys_sendmsg+0x46/0x50
[  290.468747][T15760]  x64_sys_call+0x2734/0x2dc0
[  290.468780][T15760]  do_syscall_64+0xc9/0x1c0
[  290.468854][T15760]  ? clear_bhb_loop+0x55/0xb0
[  290.468888][T15760]  ? clear_bhb_loop+0x55/0xb0
[  290.468994][T15760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.469022][T15760] RIP: 0033:0x7f26f93cd169
[  290.469036][T15760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.469055][T15760] RSP: 002b:00007f26f7a31038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  290.469075][T15760] RAX: ffffffffffffffda RBX: 00007f26f95e5fa0 RCX: 00007f26f93cd169
[  290.469087][T15760] RDX: 0000000000004000 RSI: 0000400000000380 RDI: 0000000000000005
[  290.469099][T15760] RBP: 00007f26f7a31090 R08: 0000000000000000 R09: 0000000000000000
[  290.469148][T15760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  290.469161][T15760] R13: 0000000000000000 R14: 00007f26f95e5fa0 R15: 00007ffe57e8ead8
[  290.469182][T15760]  </TASK>
[  290.688277][T15756] loop0: detected capacity change from 0 to 512
[  290.723716][T15764] loop4: detected capacity change from 0 to 1024
[  290.729218][T15756] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4475: bg 0: block 16: invalid block bitmap
[  290.743975][T15764] EXT4-fs: Ignoring removed oldalloc option
[  290.749918][T15764] EXT4-fs: Ignoring removed i_version option
[  290.756767][T15756] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  290.772829][T15768] loop3: detected capacity change from 0 to 512
[  290.780675][T15756] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.4475: invalid indirect mapped block 5 (level 0)
[  290.795338][T15768] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  290.803622][T15768] EXT4-fs (loop3): orphan cleanup on readonly fs
[  290.813948][T15764] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.819793][T15768] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.4479: Failed to acquire dquot type 1
[  290.837916][T15756] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.4475: invalid indirect mapped block 4294967295 (level 1)
[  290.862304][T15768] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4479: bg 0: block 40: padding at end of block bitmap is not set
[  290.865371][T15756] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.4475: invalid indirect mapped block 4294967295 (level 2)
[  290.883768][T15773] loop1: detected capacity change from 0 to 1024
[  290.890780][T15756] EXT4-fs (loop0): 1 truncate cleaned up
[  290.898495][T15768] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  290.903091][T15756] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.914408][T11952] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.923939][T15773] EXT4-fs: Ignoring removed oldalloc option
[  290.935482][T15768] EXT4-fs (loop3): 1 truncate cleaned up
[  290.938678][T15756] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.944279][T15768] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  290.952973][T15773] EXT4-fs: Ignoring removed i_version option
[  291.003639][T15778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  291.012428][T15778] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.014871][T15780] loop0: detected capacity change from 0 to 256
[  291.023540][T15773] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.093576][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.113805][T11309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.117039][T15784] loop0: detected capacity change from 0 to 128
[  291.133700][T15784] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8)
[  291.141930][T15784] FAT-fs (loop0): Filesystem has been set read-only
[  291.149088][T15784] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522)
[  291.190951][T15790] loop0: detected capacity change from 0 to 512
[  291.197788][T15790] EXT4-fs: Ignoring removed orlov option
[  291.205402][T15790] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  291.225689][T15790] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4487: bg 0: block 248: padding at end of block bitmap is not set
[  291.240281][T15790] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.4487: Failed to acquire dquot type 1
[  291.252296][T15790] EXT4-fs (loop0): 1 truncate cleaned up
[  291.258368][T15790] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.271082][T15790] ext4 filesystem being mounted at /301/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  291.282820][T15790] FAULT_INJECTION: forcing a failure.
[  291.282820][T15790] name failslab, interval 1, probability 0, space 0, times 0
[  291.295505][T15790] CPU: 1 UID: 0 PID: 15790 Comm: syz.0.4487 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  291.295536][T15790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  291.295551][T15790] Call Trace:
[  291.295578][T15790]  <TASK>
[  291.295586][T15790]  dump_stack_lvl+0xf2/0x150
[  291.295622][T15790]  dump_stack+0x15/0x1a
[  291.295647][T15790]  should_fail_ex+0x24a/0x260
[  291.295685][T15790]  ? __se_sys_mount+0xf2/0x2d0
[  291.295717][T15790]  should_failslab+0x8f/0xb0
[  291.295808][T15790]  __kmalloc_cache_noprof+0x4e/0x320
[  291.295907][T15790]  ? memdup_user+0x9f/0xc0
[  291.295931][T15790]  __se_sys_mount+0xf2/0x2d0
[  291.295969][T15790]  ? __schedule+0x75b/0x990
[  291.296016][T15790]  __x64_sys_mount+0x67/0x80
[  291.296042][T15790]  x64_sys_call+0x2c84/0x2dc0
[  291.296064][T15790]  do_syscall_64+0xc9/0x1c0
[  291.296091][T15790]  ? clear_bhb_loop+0x55/0xb0
[  291.296171][T15790]  ? clear_bhb_loop+0x55/0xb0
[  291.296200][T15790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.296223][T15790] RIP: 0033:0x7fafefbee90a
[  291.296236][T15790] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.296255][T15790] RSP: 002b:00007fafee256e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  291.296321][T15790] RAX: ffffffffffffffda RBX: 00007fafee256ef0 RCX: 00007fafefbee90a
[  291.296332][T15790] RDX: 0000400000000f40 RSI: 0000400000000f00 RDI: 0000000000000000
[  291.296342][T15790] RBP: 0000400000000f40 R08: 00007fafee256ef0 R09: 0000000001a4a438
[  291.296353][T15790] R10: 0000000001a4a438 R11: 0000000000000246 R12: 0000400000000f00
[  291.296363][T15790] R13: 00007fafee256eb0 R14: 0000000000000000 R15: 00004000000008c0
[  291.296392][T15790]  </TASK>
[  291.501409][T12078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.547742][T15797] vlan2: entered allmulticast mode
[  291.594493][T15804] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  291.605639][T15804] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.618314][T15806] loop2: detected capacity change from 0 to 1024
[  291.625212][T15806] EXT4-fs: Ignoring removed oldalloc option
[  291.631771][T15806] EXT4-fs: Ignoring removed i_version option
[  291.654628][T15806] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.730100][T15813] loop4: detected capacity change from 0 to 1024
[  291.749073][T15813] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.764205][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.862717][T15808] loop0: detected capacity change from 0 to 128
[  291.894094][T15822] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  291.958018][T15824] program syz.0.4499 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  291.967510][T15824] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  292.073389][T11952] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.110439][T15836] loop4: detected capacity change from 0 to 1024
[  292.117608][T15836] EXT4-fs: Ignoring removed oldalloc option
[  292.124402][T15836] EXT4-fs: Ignoring removed i_version option
[  292.154099][T15836] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.168872][T15841] loop0: detected capacity change from 0 to 128
[  292.207505][T15841] syz.0.4506: attempt to access beyond end of device
[  292.207505][T15841] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  292.234103][T11952] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.285777][T15847] loop1: detected capacity change from 0 to 256
[  292.366533][T15854] loop3: detected capacity change from 0 to 128
[  292.383320][T15855] netlink: 'syz.2.4507': attribute type 13 has an invalid length.
[  292.399422][T15855] gretap0: refused to change device tx_queue_len
[  292.399659][T15857] loop0: detected capacity change from 0 to 1024
[  292.405839][T15855] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  292.434158][T15854] syz.3.4512: attempt to access beyond end of device
[  292.434158][T15854] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  292.468663][T15857] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.524204][T12078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.576124][T15868] loop0: detected capacity change from 0 to 256
[  292.651511][T15876] loop1: detected capacity change from 0 to 1024
[  292.659648][T15876] EXT4-fs: Ignoring removed oldalloc option
[  292.665879][T15876] EXT4-fs: Ignoring removed i_version option
[  292.694734][T15876] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.797423][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.955206][T15878] loop0: detected capacity change from 0 to 128
[  293.050603][T15895] loop1: detected capacity change from 0 to 1024
[  293.059135][T15895] EXT4-fs: Ignoring removed oldalloc option
[  293.074355][T15896] netlink: 'syz.4.4524': attribute type 13 has an invalid length.
[  293.075050][T15895] EXT4-fs: Ignoring removed i_version option
[  293.089611][T15896] gretap0: refused to change device tx_queue_len
[  293.093978][T15898] sd 0:0:1:0: device reset
[  293.096105][T15896] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  293.136213][T15895] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.183614][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.265730][T15908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.305426][T15908] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.326614][T15902] loop0: detected capacity change from 0 to 128
[  293.420473][T15915] FAULT_INJECTION: forcing a failure.
[  293.420473][T15915] name failslab, interval 1, probability 0, space 0, times 0
[  293.433296][T15915] CPU: 0 UID: 0 PID: 15915 Comm: syz.0.4532 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  293.433362][T15915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  293.433377][T15915] Call Trace:
[  293.433386][T15915]  <TASK>
[  293.433395][T15915]  dump_stack_lvl+0xf2/0x150
[  293.433430][T15915]  dump_stack+0x15/0x1a
[  293.433606][T15915]  should_fail_ex+0x24a/0x260
[  293.433702][T15915]  should_failslab+0x8f/0xb0
[  293.433740][T15915]  __kmalloc_noprof+0xab/0x3f0
[  293.433766][T15915]  ? scsi_ioctl_reset+0xda/0x4b0
[  293.433794][T15915]  scsi_ioctl_reset+0xda/0x4b0
[  293.433839][T15915]  scsi_ioctl+0x7b6/0x1540
[  293.433874][T15915]  ? scsi_block_when_processing_errors+0x18e/0x1c0
[  293.433910][T15915]  sg_ioctl+0xd00/0x1870
[  293.434013][T15915]  ? __fget_files+0x17c/0x1c0
[  293.434053][T15915]  ? __pfx_sg_ioctl+0x10/0x10
[  293.434085][T15915]  __se_sys_ioctl+0xc9/0x140
[  293.434111][T15915]  __x64_sys_ioctl+0x43/0x50
[  293.434137][T15915]  x64_sys_call+0x1690/0x2dc0
[  293.434165][T15915]  do_syscall_64+0xc9/0x1c0
[  293.434260][T15915]  ? clear_bhb_loop+0x55/0xb0
[  293.434292][T15915]  ? clear_bhb_loop+0x55/0xb0
[  293.434352][T15915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.434385][T15915] RIP: 0033:0x7fafefbed169
[  293.434404][T15915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.434478][T15915] RSP: 002b:00007fafee257038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  293.434500][T15915] RAX: ffffffffffffffda RBX: 00007fafefe05fa0 RCX: 00007fafefbed169
[  293.434513][T15915] RDX: 0000400000000080 RSI: 0000000000002284 RDI: 0000000000000005
[  293.434527][T15915] RBP: 00007fafee257090 R08: 0000000000000000 R09: 0000000000000000
[  293.434540][T15915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.434627][T15915] R13: 0000000000000000 R14: 00007fafefe05fa0 R15: 00007ffd25f52928
[  293.434646][T15915]  </TASK>
[  293.673505][   T30] kauditd_printk_skb: 470 callbacks suppressed
[  293.673524][   T30] audit: type=1400 audit(1741794122.202:10374): avc:  denied  { create } for  pid=15918 comm="syz.0.4533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  293.699312][   T30] audit: type=1400 audit(1741794122.211:10375): avc:  denied  { setopt } for  pid=15918 comm="syz.0.4533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  293.722970][T15919] loop0: detected capacity change from 0 to 512
[  293.729835][   T30] audit: type=1400 audit(1741794122.267:10376): avc:  denied  { mounton } for  pid=15918 comm="syz.0.4533" path="/315/file0" dev="tmpfs" ino=1787 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  293.754377][   T30] audit: type=1400 audit(1741794122.267:10377): avc:  denied  { read write } for  pid=15912 comm="syz.1.4531" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  293.777858][   T30] audit: type=1400 audit(1741794122.267:10378): avc:  denied  { open } for  pid=15912 comm="syz.1.4531" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  293.789555][T15919] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4533: bg 0: block 16: invalid block bitmap
[  293.801484][   T30] audit: type=1400 audit(1741794122.295:10379): avc:  denied  { connect } for  pid=15912 comm="syz.1.4531" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  293.833229][   T30] audit: type=1400 audit(1741794122.295:10380): avc:  denied  { ioctl } for  pid=15912 comm="syz.1.4531" path="/newroot/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  293.844046][T15919] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  293.914282][T15919] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.4533: invalid indirect mapped block 5 (level 0)
[  293.936290][T15913] loop1: detected capacity change from 0 to 32768
[  293.942919][   T30] audit: type=1400 audit(1741794122.454:10381): avc:  denied  { prog_run } for  pid=15924 comm="syz.3.4535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  293.963849][T15919] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.4533: invalid indirect mapped block 4294967295 (level 1)
[  293.980075][T15927] loop4: detected capacity change from 0 to 128
[  294.004558][T15927] syz.4.4536: attempt to access beyond end of device
[  294.004558][T15927] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  294.019724][T15919] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.4533: invalid indirect mapped block 4294967295 (level 2)
[  294.045829][T15919] EXT4-fs (loop0): 1 truncate cleaned up
[  294.052217][T15919] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.066293][T15919] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.115420][T15930] loop4: detected capacity change from 0 to 1024
[  294.133549][T15933] loop2: detected capacity change from 0 to 256
[  294.156782][T15925] loop3: detected capacity change from 0 to 128
[  294.156958][T15930] EXT4-fs: Ignoring removed oldalloc option
[  294.169100][   T30] audit: type=1400 audit(1741794122.679:10382): avc:  denied  { create } for  pid=15935 comm="syz.1.4538" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  294.190909][T15930] EXT4-fs: Ignoring removed i_version option
[  294.197134][   T30] audit: type=1326 audit(1741794122.688:10383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15931 comm="syz.2.4539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648127d169 code=0x7ffc0000
[  294.200007][T15936] loop1: detected capacity change from 0 to 1024
[  294.249988][T15930] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.289391][T15936] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.344669][T15948] loop3: detected capacity change from 0 to 1024
[  294.369651][T11952] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.398961][T15948] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.433459][T15942] loop2: detected capacity change from 0 to 128
[  294.445456][T15952] loop4: detected capacity change from 0 to 128
[  294.458426][T15952] FAT-fs (loop4): error, invalid FAT chain (i_pos 548, last_block 8)
[  294.466619][T15952] FAT-fs (loop4): Filesystem has been set read-only
[  294.478327][T15954] tmpfs: Unknown parameter 'kmem_cache_free'
[  294.509056][T15952] FAT-fs (loop4): error, corrupted file size (i_pos 548, 522)
[  294.553537][T15959] loop2: detected capacity change from 0 to 128
[  294.600953][T15959] syz.2.4547: attempt to access beyond end of device
[  294.600953][T15959] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  294.620722][T15962] tmpfs: Unknown parameter 'kmem_cache_free'
[  294.924304][T15961] loop4: detected capacity change from 0 to 32768
[  295.234151][T15971] loop0: detected capacity change from 0 to 128
[  295.278804][T15971] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8)
[  295.287028][T15971] FAT-fs (loop0): Filesystem has been set read-only
[  295.293700][T15971] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522)
[  295.307650][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.445023][T15966] loop2: detected capacity change from 0 to 32768
[  295.476019][T11309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.530254][T15969] loop4: detected capacity change from 0 to 128
[  295.617209][T15978] siw: device registration error -23
[  295.680632][T15987] 9pnet_fd: Insufficient options for proto=fd
[  295.705345][T15973] loop1: detected capacity change from 0 to 128
[  295.712841][T15989] siw: device registration error -23
[  295.875598][T16001] netlink: 'syz.4.4562': attribute type 13 has an invalid length.
[  295.883735][T16001] gretap0: refused to change device tx_queue_len
[  295.890127][T16001] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  295.911916][T15980] loop3: detected capacity change from 0 to 128
[  295.991101][T16004] loop2: detected capacity change from 0 to 256
[  296.140599][T16016] loop3: detected capacity change from 0 to 1024
[  296.159806][T16016] EXT4-fs: Ignoring removed oldalloc option
[  296.184011][T16016] EXT4-fs: Ignoring removed i_version option
[  296.214251][T16016] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.239533][T16014] loop2: detected capacity change from 0 to 128
[  296.257118][T11309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.369291][T16024] loop2: detected capacity change from 0 to 512
[  296.378080][T16024] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  296.386257][T16024] EXT4-fs (loop2): orphan cleanup on readonly fs
[  296.398215][T16026] siw: device registration error -23
[  296.423334][T16024] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.4571: Failed to acquire dquot type 1
[  296.437732][T16024] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4571: bg 0: block 40: padding at end of block bitmap is not set
[  296.454326][T16024] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  296.465368][T16024] EXT4-fs (loop2): 1 truncate cleaned up
[  296.471615][T16024] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  296.600026][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.720762][T16031] loop3: detected capacity change from 0 to 128
[  296.734142][T16036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.742844][T16036] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.873766][T16047] loop3: detected capacity change from 0 to 1024
[  296.904347][T16047] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.018157][T16040] loop0: detected capacity change from 0 to 128
[  297.213945][T16059] loop0: detected capacity change from 0 to 512
[  297.222938][T16059] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  297.233187][T16059] EXT4-fs (loop0): orphan cleanup on readonly fs
[  297.241074][T16053] loop4: detected capacity change from 0 to 128
[  297.248295][T16059] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.4584: Failed to acquire dquot type 1
[  297.263229][T16059] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4584: bg 0: block 40: padding at end of block bitmap is not set
[  297.281943][T16059] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  297.314787][T16059] EXT4-fs (loop0): 1 truncate cleaned up
[  297.324876][T16059] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  297.426752][T16070] netlink: 'syz.2.4587': attribute type 13 has an invalid length.
[  297.432846][T16065] siw: device registration error -23
[  297.443140][T16070] gretap0: refused to change device tx_queue_len
[  297.449558][T16070] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  297.487963][T12078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.825821][T11309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.848624][T16087] FAULT_INJECTION: forcing a failure.
[  297.848624][T16087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.861824][T16087] CPU: 0 UID: 0 PID: 16087 Comm: syz.4.4592 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  297.861850][T16085] loop3: detected capacity change from 0 to 128
[  297.861853][T16087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  297.861871][T16087] Call Trace:
[  297.861880][T16087]  <TASK>
[  297.861965][T16087]  dump_stack_lvl+0xf2/0x150
[  297.862005][T16087]  dump_stack+0x15/0x1a
[  297.862051][T16087]  should_fail_ex+0x24a/0x260
[  297.862102][T16087]  should_fail+0xb/0x10
[  297.862136][T16087]  should_fail_usercopy+0x1a/0x20
[  297.862178][T16087]  _copy_from_user+0x1c/0xa0
[  297.862259][T16087]  copy_msghdr_from_user+0x54/0x2a0
[  297.862331][T16087]  ? __fget_files+0x17c/0x1c0
[  297.862445][T16087]  __sys_sendmsg+0x13e/0x230
[  297.862496][T16087]  __x64_sys_sendmsg+0x46/0x50
[  297.862530][T16087]  x64_sys_call+0x2734/0x2dc0
[  297.862564][T16087]  do_syscall_64+0xc9/0x1c0
[  297.862647][T16087]  ? clear_bhb_loop+0x55/0xb0
[  297.862682][T16087]  ? clear_bhb_loop+0x55/0xb0
[  297.862796][T16087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.862830][T16087] RIP: 0033:0x7fd772ded169
[  297.862850][T16087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.862873][T16087] RSP: 002b:00007fd771451038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  297.862897][T16087] RAX: ffffffffffffffda RBX: 00007fd773005fa0 RCX: 00007fd772ded169
[  297.863059][T16087] RDX: 0000000000000000 RSI: 0000400000000240 RDI: 0000000000000003
[  297.863075][T16087] RBP: 00007fd771451090 R08: 0000000000000000 R09: 0000000000000000
[  297.863091][T16087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.863106][T16087] R13: 0000000000000000 R14: 00007fd773005fa0 R15: 00007ffc0d1aa6c8
[  297.863163][T16087]  </TASK>
[  297.904269][T16089] loop4: detected capacity change from 0 to 1024
[  297.911396][T16085] FAT-fs (loop3): error, invalid FAT chain (i_pos 548, last_block 8)
[  297.916750][T16089] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.918356][T16085] FAT-fs (loop3): Filesystem has been set read-only
[  298.081192][T16093] tmpfs: Unknown parameter 'kmem_cache_free'
[  298.087684][T16085] FAT-fs (loop3): error, corrupted file size (i_pos 548, 522)
[  298.288910][T16098] loop2: detected capacity change from 0 to 512
[  298.303413][T16095] loop3: detected capacity change from 0 to 128
[  298.311541][T16098] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.4596: bg 0: block 16: invalid block bitmap
[  298.426880][T16098] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  298.440196][T16098] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.4596: invalid indirect mapped block 5 (level 0)
[  298.469015][T16098] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.4596: invalid indirect mapped block 4294967295 (level 1)
[  298.512434][T16098] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.4596: invalid indirect mapped block 4294967295 (level 2)
[  298.527690][T16098] EXT4-fs (loop2): 1 truncate cleaned up
[  298.534326][T16098] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.548373][T16098] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.558860][T16101] loop3: detected capacity change from 0 to 128
[  298.634970][T16106] loop2: detected capacity change from 0 to 128
[  298.644974][T16106] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[  298.653318][T16106] FAT-fs (loop2): Filesystem has been set read-only
[  298.660109][T16106] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[  298.673347][T16104] loop3: detected capacity change from 0 to 512
[  298.681038][T16104] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  298.689145][T16104] EXT4-fs (loop3): orphan cleanup on readonly fs
[  298.696257][T16104] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.4599: Failed to acquire dquot type 1
[  298.708197][T16104] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4599: bg 0: block 40: padding at end of block bitmap is not set
[  298.723211][T16104] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  298.735425][T16104] EXT4-fs (loop3): 1 truncate cleaned up
[  298.741620][T16104] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  298.817126][T11952] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.831188][T16112] loop2: detected capacity change from 0 to 128
[  298.869471][T11309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.900587][T16112] syz.2.4602: attempt to access beyond end of device
[  298.900587][T16112] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  298.943183][T16120] loop3: detected capacity change from 0 to 256
[  298.986100][T16114] loop4: detected capacity change from 0 to 32768
[  299.027293][T16126] loop2: detected capacity change from 0 to 128
[  299.032192][   T30] kauditd_printk_skb: 178 callbacks suppressed
[  299.032211][   T30] audit: type=1400 audit(1741794127.225:10556): avc:  denied  { create } for  pid=16127 comm="syz.3.4609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  299.060259][T16128] loop3: detected capacity change from 0 to 1024
[  299.067729][   T30] audit: type=1400 audit(1741794127.225:10557): avc:  denied  { mounton } for  pid=16125 comm="syz.2.4608" path="/334/file2" dev="tmpfs" ino=1886 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  299.090919][   T30] audit: type=1400 audit(1741794127.262:10558): avc:  denied  { read write } for  pid=16113 comm="syz.4.4601" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  299.114454][   T30] audit: type=1400 audit(1741794127.262:10559): avc:  denied  { open } for  pid=16113 comm="syz.4.4601" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  299.126660][T16126] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[  299.137819][   T30] audit: type=1400 audit(1741794127.272:10560): avc:  denied  { create } for  pid=16113 comm="syz.4.4601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  299.145992][T16126] FAT-fs (loop2): Filesystem has been set read-only
[  299.165511][   T30] audit: type=1400 audit(1741794127.272:10561): avc:  denied  { connect } for  pid=16113 comm="syz.4.4601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  299.172266][T16126] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[  299.191781][   T30] audit: type=1400 audit(1741794127.272:10562): avc:  denied  { ioctl } for  pid=16113 comm="syz.4.4601" path="/newroot/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  299.224917][   T30] audit: type=1400 audit(1741794127.272:10563): avc:  denied  { create } for  pid=16113 comm="syz.4.4601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  299.245583][   T30] audit: type=1400 audit(1741794127.272:10564): avc:  denied  { write } for  pid=16113 comm="syz.4.4601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  299.266162][   T30] audit: type=1400 audit(1741794127.272:10565): avc:  denied  { read } for  pid=16113 comm="syz.4.4601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  299.288539][T16128] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.419491][T16135] loop1: detected capacity change from 0 to 1024
[  299.419662][T16137] tmpfs: Unknown parameter 'kmem_cache_free'
[  299.429824][T16135] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.480983][T16140] loop4: detected capacity change from 0 to 128
[  299.606395][T16144] tmpfs: Unknown parameter 'kmem_cache_free'
[  299.640009][T16140] syz.4.4611: attempt to access beyond end of device
[  299.640009][T16140] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  299.820331][T16148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  299.829291][T16148] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  299.967829][T11309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.002376][T16156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.029854][T16156] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.125732][T16160] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.134669][T16160] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.323875][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.419348][T16164] loop4: detected capacity change from 0 to 512
[  300.427456][T16164] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4622: bg 0: block 16: invalid block bitmap
[  300.440321][T16164] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  300.449176][T16164] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.4622: invalid indirect mapped block 5 (level 0)
[  300.462728][T16164] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.4622: invalid indirect mapped block 4294967295 (level 1)
[  300.476972][T16164] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.4622: invalid indirect mapped block 4294967295 (level 2)
[  300.491175][T16164] EXT4-fs (loop4): 1 truncate cleaned up
[  300.491199][T16162] loop1: detected capacity change from 0 to 128
[  300.497246][T16164] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.516511][T16164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.561577][T16168] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  300.635906][T16178] loop1: detected capacity change from 0 to 1024
[  300.645792][T16178] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.714142][T16182] siw: device registration error -23
[  300.730686][T16174] loop3: detected capacity change from 0 to 128
[  300.785984][T16185] tmpfs: Unknown parameter 'kmem_cache_free'
[  300.823495][T16191] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.832089][T16191] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.902613][T16193] loop3: detected capacity change from 0 to 256
[  301.047677][T16197] loop3: detected capacity change from 0 to 512
[  301.090729][T16197] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.4635: bg 0: block 16: invalid block bitmap
[  301.103467][T16197] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  301.112553][T16197] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4635: invalid indirect mapped block 5 (level 0)
[  301.129019][T16195] loop0: detected capacity change from 0 to 32768
[  301.135879][T16197] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4635: invalid indirect mapped block 4294967295 (level 1)
[  301.150308][T16197] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4635: invalid indirect mapped block 4294967295 (level 2)
[  301.164909][T16197] EXT4-fs (loop3): 1 truncate cleaned up
[  301.171151][T16197] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.204027][T16197] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.278215][T16205] loop3: detected capacity change from 0 to 128
[  301.322176][T16205] syz.3.4639: attempt to access beyond end of device
[  301.322176][T16205] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  301.373306][T16209] 9pnet_fd: Insufficient options for proto=fd
[  301.422538][T16211] siw: device registration error -23
[  301.573948][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.619138][T16221] loop1: detected capacity change from 0 to 512
[  301.631088][T16221] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  301.653799][T16223] loop3: detected capacity change from 0 to 512
[  301.661869][T16221] EXT4-fs (loop1): 1 truncate cleaned up
[  301.667922][T16221] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.699344][T16223] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  301.712606][T16213] loop2: detected capacity change from 0 to 128
[  301.719464][T16223] EXT4-fs (loop3): orphan cleanup on readonly fs
[  301.755642][T16223] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.4647: Failed to acquire dquot type 1
[  301.801446][T16223] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4647: bg 0: block 40: padding at end of block bitmap is not set
[  301.861261][T16223] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  301.899169][T16223] EXT4-fs (loop3): 1 truncate cleaned up
[  301.905773][T16223] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  301.912472][T16233] netlink: 'syz.4.4649': attribute type 13 has an invalid length.
[  301.955232][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.993525][T16233] gretap0: refused to change device tx_queue_len
[  302.000042][T16233] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  302.005668][T16241] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.024727][T16241] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  302.061632][T11309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.092623][T16245] loop3: detected capacity change from 0 to 1024
[  302.101011][T16245] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  302.110949][T16245] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  302.122252][T16245] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  302.133357][T16245] EXT4-fs error (device loop3): ext4_get_journal_inode:5798: inode #5: comm syz.3.4654: unexpected bad inode w/o EXT4_IGET_BAD
[  302.147501][T16245] EXT4-fs (loop3): no journal found
[  302.152852][T16245] EXT4-fs (loop3): can't get journal size
[  302.159464][T16245] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  302.242818][   T39] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  302.597361][T16257] loop1: detected capacity change from 0 to 1024
[  302.606937][T16257] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.690727][T16260] ==================================================================
[  302.698919][T16260] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  302.707195][T16260] 
[  302.709513][T16260] write to 0xffff888106176138 of 4 bytes by task 16257 on cpu 1:
[  302.717235][T16260]  writeback_single_inode+0x14f/0x3f0
[  302.722608][T16260]  sync_inode_metadata+0x5c/0x90
[  302.727555][T16260]  generic_buffers_fsync_noflush+0xd8/0x120
[  302.733472][T16260]  ext4_sync_file+0x1ff/0x6c0
[  302.738186][T16260]  vfs_fsync_range+0x116/0x130
[  302.742971][T16260]  ext4_buffered_write_iter+0x358/0x3c0
[  302.748632][T16260]  ext4_file_write_iter+0x383/0xf20
[  302.753852][T16260]  iter_file_splice_write+0x5f1/0x980
[  302.759248][T16260]  direct_splice_actor+0x160/0x2c0
[  302.764377][T16260]  splice_direct_to_actor+0x302/0x670
[  302.769765][T16260]  do_splice_direct+0xd7/0x150
[  302.774548][T16260]  do_sendfile+0x398/0x660
[  302.778974][T16260]  __x64_sys_sendfile64+0x110/0x150
[  302.784196][T16260]  x64_sys_call+0xfbd/0x2dc0
[  302.788806][T16260]  do_syscall_64+0xc9/0x1c0
[  302.793329][T16260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.799237][T16260] 
[  302.801565][T16260] read to 0xffff888106176138 of 4 bytes by task 16260 on cpu 0:
[  302.809252][T16260]  __mark_inode_dirty+0x198/0x7e0
[  302.814299][T16260]  ext4_write_inline_data_end+0x3c4/0x5d0
[  302.820029][T16260]  ext4_write_end+0x3eb/0x770
[  302.824714][T16260]  generic_perform_write+0x33c/0x4a0
[  302.830009][T16260]  ext4_buffered_write_iter+0x1ed/0x3c0
[  302.835576][T16260]  ext4_file_write_iter+0x383/0xf20
[  302.840793][T16260]  iter_file_splice_write+0x5f1/0x980
[  302.846175][T16260]  direct_splice_actor+0x160/0x2c0
[  302.851297][T16260]  splice_direct_to_actor+0x302/0x670
[  302.856680][T16260]  do_splice_direct+0xd7/0x150
[  302.861452][T16260]  do_sendfile+0x398/0x660
[  302.865878][T16260]  __x64_sys_sendfile64+0x110/0x150
[  302.871094][T16260]  x64_sys_call+0xfbd/0x2dc0
[  302.875695][T16260]  do_syscall_64+0xc9/0x1c0
[  302.880213][T16260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.886118][T16260] 
[  302.888439][T16260] value changed: 0x00000038 -> 0x00000002
[  302.894153][T16260] 
[  302.896473][T16260] Reported by Kernel Concurrency Sanitizer on:
[  302.902620][T16260] CPU: 0 UID: 0 PID: 16260 Comm: syz.1.4656 Not tainted 6.14.0-rc6-syzkaller-00016-g0fed89a961ea #0
[  302.913385][T16260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  302.923446][T16260] ==================================================================
[  302.949902][T16261] tmpfs: Unknown parameter 'kmem_cache_free'
[  303.007466][T16251] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.509100][T10923] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.