last executing test programs:

5m31.060888082s ago: executing program 1 (id=86):
socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$hid(0x5, 0x36, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, 0x0, &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})

5m30.483861891s ago: executing program 1 (id=90):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x574, &(0x7f0000001980)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
getdents64(r2, 0x0, 0x30)

5m30.331439603s ago: executing program 1 (id=93):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='kfree\x00', r1}, 0x18)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

5m29.89727157s ago: executing program 1 (id=96):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18812, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRES16=0x0, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES8], 0x1, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="18060000003e082a0000000001181100000000000000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
listen(r2, 0x7)
write$binfmt_script(r2, &(0x7f0000000040), 0x4)
syz_emit_ethernet(0x72, &(0x7f0000000580)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x64, 0xfffd, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x800, @private, @local, {[@cipso={0x86, 0x1d, 0x0, [{0x1, 0x7, "5e000000ff"}, {0x0, 0x2}, {0x0, 0xe, "9606053d0006ff00800000b6"}]}, @timestamp_addr={0x44, 0x14, 0xb0, 0x1, 0xa, [{@multicast1, 0xa6de}, {@loopback, 0xffff}]}]}}}}}}}, 0x0)
epoll_pwait(r2, &(0x7f0000000280)=[{}, {}, {}], 0x3, 0x3, &(0x7f00000002c0)={[0xa]}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r4 = dup(r3)
getsockname$packet(r4, 0x0, &(0x7f0000000300))
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r5 = syz_clone(0xa9202340, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
ptrace(0x10, r5)
ptrace$pokeuser(0x6, r5, 0x358, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x10, 0x2, 0x0)

5m29.83330422s ago: executing program 1 (id=100):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="380000001800090300000000000000000a8080000000"], 0x38}}, 0x1000c848)
socket(0x5, 0x1, 0x40000)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b06000000000000000000000020000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$setown(r2, 0x402, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r4, 0x0)
process_madvise(0xffffffffffffffff, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2, 0x10, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r5 = syz_clone(0x10eb22f000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ff}, 0x0, 0xe, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f1, &(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x89f2, &(0x7f0000000080))
syz_open_procfs$pagemap(r5, &(0x7f0000000180))
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")

5m29.544435325s ago: executing program 1 (id=106):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@data_ordered}, {@nogrpid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}, {@norecovery}, {@data_writeback}, {@orlov}, {@nogrpid}, {@commit={'commit', 0x3d, 0xc487}}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
move_pages(0x0, 0x9, &(0x7f00000003c0)=[&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil], &(0x7f0000000580)=[0x10, 0xcff, 0x5, 0xc29a, 0x3786, 0x6], &(0x7f00000005c0)=[0x0], 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x12141, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x22, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000030000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r5}, &(0x7f0000000480), &(0x7f00000004c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x1000000000000}, 0x18)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x2}, 0x1c)
close(r6)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000680)={[{@init_itable_val}, {@user_xattr}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x439, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7aQlfZBQlUfTAoHyiHgkTVpKD1xAIHEACQkO4RiStApxG9QEiVYRBIR6RZW4VxyR+As4wQUBJySucEeVKpRLS09Ga+8mtmOnSerEBf9+0iYzO2PNfN4de3bHG0DXGkr/JBEHIuKPiOivZusrDFX/3VpZmvpnZWkqiXL53b+TSr2bK0tTedX8dfvzTE9E4cskjjZpd+HS5bnJUmnmYpYfXTz/0ejCpcsvzp6fPDdzbubC+Jkzp06OvXx6/KW2xJnGdXPw0/ljR958/+rbUxNXP/jluySPvyGONhnaqPDpcrnNzXXWwZp00tPBjrAlxeowjd7K+O+PYqwdvP5444uOdg7YUeVyufxQ6+LlMvA/lkSnewB0Rv5Fn17/5tsuTT3uCTderV4ApXHfyrZqSU8Usjq9Dde37TQUERPLt6+lW+zMfQgAgDo/pPOfF5rN/wpRe1/o/mwNZSAiHoiIQxFxOiIOR8SDEZW6D0fEI1tsv3GRZP38p3B9W4FtUjr/eyVb26qf/+WzvxgoZrmDlfh7k7OzpZkT2XsyHL170/zYBm38+PrvX7UqW53/zT0TsXz7Wtp+PhfM+nG9Z2/9a6YnFyfvJuZaNz6PGOxpFn+yuhKQRMSRiBjcZhuzz317rFVZ7fx3omn8G2jDOlP5m4hnq8d/ORrizyUbr0+O3helmROj+Vmx3q+/XXmnVft3FX8bpMd/X9PzfzX+gaR2vXZh621c+XNvy7I7x9/8/N+TvFe375PJxcWLYxF7kreqna7dP95Qb3ytfhr/8PHm4/9QrL0TRyMiPYkfjYjHIuLxrO9PRMSTEXF8g/h/fu2pD7cf/85K45/e0vFfS+yJxj3NE8W5n76va3RgK/Gnx/9UJTWc7dnM599m+rW9sxkAAAD+ewoRcSCSwshqulAYGan+hv9w7CuU5hcWnz87//GF6eozAgPRW8jvdPXX3A8dyy7r8/x4Q/5kdt/462JfJT8yNV+a7nTw0OX2txj/qb+Kne4dsOM8rwXdy/iH7mX8Q/cy/qF7NRn/fZ3oB7D7mn3/f9aBfgC7r2H8W/aDLuL6H7qX8Q/dy/iHrrTQF3d+SF5CYl0iCvdENyR2KNHpTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID2+DcAAP//NTzkEw==")
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0xfe37, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100d0000000fbdbdf25010000001800018014000200e1ea4db41df9a1cfae66b5b9f69ec076"], 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000840)='./file0/file0\x00', &(0x7f00000007c0), &(0x7f0000000800)=ANY=[@ANYRES8=r1], 0x15, 0x2)

5m29.544011005s ago: executing program 32 (id=106):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@data_ordered}, {@nogrpid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}, {@norecovery}, {@data_writeback}, {@orlov}, {@nogrpid}, {@commit={'commit', 0x3d, 0xc487}}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
move_pages(0x0, 0x9, &(0x7f00000003c0)=[&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil], &(0x7f0000000580)=[0x10, 0xcff, 0x5, 0xc29a, 0x3786, 0x6], &(0x7f00000005c0)=[0x0], 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x12141, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x22, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000030000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r5}, &(0x7f0000000480), &(0x7f00000004c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x1000000000000}, 0x18)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x2}, 0x1c)
close(r6)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000680)={[{@init_itable_val}, {@user_xattr}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x439, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7aQlfZBQlUfTAoHyiHgkTVpKD1xAIHEACQkO4RiStApxG9QEiVYRBIR6RZW4VxyR+As4wQUBJySucEeVKpRLS09Ga+8mtmOnSerEBf9+0iYzO2PNfN4de3bHG0DXGkr/JBEHIuKPiOivZusrDFX/3VpZmvpnZWkqiXL53b+TSr2bK0tTedX8dfvzTE9E4cskjjZpd+HS5bnJUmnmYpYfXTz/0ejCpcsvzp6fPDdzbubC+Jkzp06OvXx6/KW2xJnGdXPw0/ljR958/+rbUxNXP/jluySPvyGONhnaqPDpcrnNzXXWwZp00tPBjrAlxeowjd7K+O+PYqwdvP5444uOdg7YUeVyufxQ6+LlMvA/lkSnewB0Rv5Fn17/5tsuTT3uCTderV4ApXHfyrZqSU8Usjq9Dde37TQUERPLt6+lW+zMfQgAgDo/pPOfF5rN/wpRe1/o/mwNZSAiHoiIQxFxOiIOR8SDEZW6D0fEI1tsv3GRZP38p3B9W4FtUjr/eyVb26qf/+WzvxgoZrmDlfh7k7OzpZkT2XsyHL170/zYBm38+PrvX7UqW53/zT0TsXz7Wtp+PhfM+nG9Z2/9a6YnFyfvJuZaNz6PGOxpFn+yuhKQRMSRiBjcZhuzz317rFVZ7fx3omn8G2jDOlP5m4hnq8d/ORrizyUbr0+O3helmROj+Vmx3q+/XXmnVft3FX8bpMd/X9PzfzX+gaR2vXZh621c+XNvy7I7x9/8/N+TvFe375PJxcWLYxF7kreqna7dP95Qb3ytfhr/8PHm4/9QrL0TRyMiPYkfjYjHIuLxrO9PRMSTEXF8g/h/fu2pD7cf/85K45/e0vFfS+yJxj3NE8W5n76va3RgK/Gnx/9UJTWc7dnM599m+rW9sxkAAAD+ewoRcSCSwshqulAYGan+hv9w7CuU5hcWnz87//GF6eozAgPRW8jvdPXX3A8dyy7r8/x4Q/5kdt/462JfJT8yNV+a7nTw0OX2txj/qb+Kne4dsOM8rwXdy/iH7mX8Q/cy/qF7NRn/fZ3oB7D7mn3/f9aBfgC7r2H8W/aDLuL6H7qX8Q/dy/iHrrTQF3d+SF5CYl0iCvdENyR2KNHpTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID2+DcAAP//NTzkEw==")
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0xfe37, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100d0000000fbdbdf25010000001800018014000200e1ea4db41df9a1cfae66b5b9f69ec076"], 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000840)='./file0/file0\x00', &(0x7f00000007c0), &(0x7f0000000800)=ANY=[@ANYRES8=r1], 0x15, 0x2)

4.277352015s ago: executing program 0 (id=4049):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000021c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001480)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x67}, {@in6=@empty, 0x4d0, 0x32}, @in=@dev, {0xfffffffffffffffd}, {0x0, 0x200000000, 0x0, 0x100000}, {}, 0x70bd26, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r5 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x2})
r6 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r6, 0x8957)
r7 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r7, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
r9 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x44, r9, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0xc, 0x4, [0x3, 0x81]}, @SEG6_ATTR_DST={0x14, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_SECRET={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040100}, 0x24000000)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000240)=0x3ff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
close_range(r5, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

4.182056477s ago: executing program 0 (id=4051):
syz_emit_ethernet(0x7a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd6015"], 0x0)
readv(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)

4.175418297s ago: executing program 0 (id=4052):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_open_dev$sg(&(0x7f0000000240), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x60, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x42800, 0x55007}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x30, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_RESPONSE_INTVL={0xc, 0x22, 0x48}, @IFLA_BR_MCAST_STARTUP_QUERY_CNT={0x8, 0x1d, 0x8}, @IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x3}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0xe}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x545c, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f00000005c0)='<', 0x1, 0x805, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r4, 0x8905, &(0x7f0000000000))
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x10000000000)
semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0xfff9}], 0x1, 0x0)
semtimedop(0x0, &(0x7f0000000040), 0x0, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000010000000000000000418000000000000cd9200000000002b8aca71b26079aa8aabe47ea5568e4da11e91726358e7f1f2"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYBLOB="e765360b5aed05a4766a57d4dae093a815c426db0743540da552c2c10703ab3aa1b5fa44f3fd39860c75eca88a45705e31ea91bb96de369ee02023b22b1ce8bbb7c2d5b7817d74e3cdd5df20e8aac13979171edec0d4ef07dc5b", @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000440)='module_request\x00', r5}, 0x18)
unlink(&(0x7f0000000340)='./cgroup.cpu/cpuset.cpus\x00')
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
syz_genetlink_get_family_id$nl802154(&(0x7f0000000880), 0xffffffffffffffff)

3.560740736s ago: executing program 4 (id=4064):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_open_dev$sg(&(0x7f0000000240), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x60, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x42800, 0x55007}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x30, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_RESPONSE_INTVL={0xc, 0x22, 0x48}, @IFLA_BR_MCAST_STARTUP_QUERY_CNT={0x8, 0x1d, 0x8}, @IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x3}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0xe}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a000000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x545c, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f00000005c0)='<', 0x1, 0x805, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r4, 0x8905, &(0x7f0000000000))
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x10000000000)
r5 = semget$private(0x0, 0x2, 0x209)
semtimedop(r5, &(0x7f0000000080)=[{0x0, 0xfff9}], 0x1, 0x0)
semctl$IPC_RMID(r5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000010000000000000000418000000000000cd9200000000002b8aca71b26079aa8aabe47ea5568e4da11e91726358e7f1f2"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYBLOB="e765360b5aed05a4766a57d4dae093a815c426db0743540da552c2c10703ab3aa1b5fa44f3fd39860c75eca88a45705e31ea91bb96de369ee02023b22b1ce8bbb7c2d5b7817d74e3cdd5df20e8aac13979171edec0d4ef07dc5b", @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000440)='module_request\x00', r6}, 0x18)
unlink(&(0x7f0000000340)='./cgroup.cpu/cpuset.cpus\x00')
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

3.28692583s ago: executing program 0 (id=4073):
syz_open_dev$usbfs(&(0x7f0000003f00), 0x10, 0xa401)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
dup2(r1, r2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffd}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

2.60862232s ago: executing program 2 (id=4079):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
syz_clone3(&(0x7f00000006c0)={0x192142100, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58)

2.60823068s ago: executing program 4 (id=4080):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x84}}, 0x20050800)

2.574707161s ago: executing program 2 (id=4081):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(0xffffffffffffffff, 0x6)
socket$inet_mptcp(0x2, 0x1, 0x106)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)

2.572609411s ago: executing program 4 (id=4082):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0xffffffffffffffde, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000080)})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2000480, &(0x7f0000000100), 0x5, 0x757, &(0x7f0000000f80)="$eJzs3c9rHFUcAPDvbJKmptXkIGj1EhA0ULoxNbYKHioeRLBQ0LPtstmGmt1syW5KEwJaRPAiqCdBLz37o968+uOq/4UHaamaFiseJDKb2XTb7KabNsmi+/nAa9+bmc2b77yZeW93hpkA+tZ4+k8u4lBEfJREjGbTk4gYauQGI06sL3drdaWYpiTW1t74PWksc3N1pRgtn0kdyAqPR8QP70cczm2ut7a0PFcol0sLWXmyXjk/WVtaPnKuUpgtzZbmj01NTx89/vzxYzsX6J8/Lx+89vGrz3x94u/3Hrvy4Y9JnIiD2ezWOHbKeIxn22Qo3YR3eGWnK+uxpNcrwH1JD82B9aM8DsVoDDRyAMD/2TsRsQYA9JlE/w8Afab5O8DN1ZViM/X2F4m9df3liNi/Hn/z+ub6nMHsmt3+xnXQkZvJHVdGkogY24H6xyPi82/f+jJNsUvXIQHaefdSRJwZG998/k823bOwXc92scz4XWXnP9g736Xjnxfajf9yG+OfaDP+GW5z7N6Pex//uas7UE1H15+MeKnl3rZbLfFnxgay0sONMd9QcvZcuZSe2x6JiIkYGk7LU1vUMXHjnxud5rWO//745O0v0vrT/28vkbs6OHznZ2YK9cKDxNzq+qWIJwbbxZ9stH/SYfx7qss6Xnvxg886zUvjT+Ntps3x7661yxFPt23/23e0JVvenzjZ2B0mmztFG9/88ulIp/pb2z9Naf3N7wJ7IW3/ka3jH0ta79esbb+Ony6Pft9p3r3jb7//70vebOT3ZdMuFur1hamIfcnrm6cfvf3ZrPxQZMun8U881f7432r/T78Tnuky/sFrv311//HvrjT+mW21//YzV27NDXSqv7v2n27kJrIp3Zz/ul3BB9l2AAAAAAAAAAAAAAAAAAAAAAAAANCtXEQcjCSX38jncvn8+ju8H42RXLlaqx8+W12cn4nGu7LHYijXfNTlaMvzUKey5+E3y0fvKj/X8kTBtJwvVsszPY4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJoOdHj/f+rX4V6vHQCwa/b3egUAgD2n/weA/qP/B4D+o/8HgP6j/weA/qP/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJedOnkyTWt/ra4U0/LMhaXFueqFIzOl2ly+sljMF6sL5/Oz1epsuZQvViv3+nvlavX8dMwvXpysl2r1ydrS8ulKdXG+fvpcpTBbOl0a2pOoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGB7akvLc4VyubQgIyMjs5Hp9ZkJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L/h3wAAAP//HxYpBQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
fallocate(r4, 0x8, 0x0, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="0180000000000000000001000000000000000b00000000030014"], 0x28}}, 0x44)

2.513229181s ago: executing program 2 (id=4083):
syz_open_dev$usbfs(&(0x7f0000003f00), 0x10, 0xa401)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
dup2(r1, r2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffd}]})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
shmdt(0x0)
r6 = request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVin:Dd', 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r7, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
getsockopt$inet_sctp_SCTP_MAXSEG(r7, 0x84, 0xd, &(0x7f0000000140), &(0x7f0000000180)=0x4)
gettid()
r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1d5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r8, 0x0)
request_key(&(0x7f0000000200)='ceph\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0)='syzkaller\x00', r6)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10)

2.286977695s ago: executing program 4 (id=4085):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="002918d910d46be7099c66b02010b1f0b7c3dc1dabe625969fb0adc922385af53d57a1d35dd71c90d9dd649b53142dd3d4108b4c7db82e8475d5bb6fa2fa626cd92c7326ce1ba2f33b0aef2b2164e01d910058b51684696959ea7f5a607a6572d2640cf9312a07000000260e3651a0cbfd2c080990fb4c76e9e613a759863734a70d0600ec77e8ba76aacbb21e4b903aa4873a9951f269a9c0f87805a1a0cbdf6b8644a1de05a8d9dd9687d67c8af7f68cb59e60d1fbefb49b93d6b72cce4162edc4468a13987d94d428df36915621aeff6dc1358a7331fa69e05c417c2e1e6b8dc29c496c76d02dfc2d7b48616fb3f01b221f4f8f484a00090964922de8909a1f9f7ef655a12a68a56cb341a8fba4cd81cedec9cb518d13d2a2564427b63b037494748a24daa21fe1256df68d000b2778bf0437cc642cd83c5a1b34eeffdf93ecbd85bb340eeef68dd60101769c74f94d217264c171feea0305bfc87c36247d90b129a9973f00000001d99b195d2f75653a0193672783c6dbca5d1445110621d8095064f0a034f492cf5aa4767a772d6f4967722546bfd83d3202f76c20a9d7f40f9e7818d77129df7fd072804e0227ecaa03dddd303a318d6f7763ce011543587e6a306780ca2f37db7e8a5b64a5059ac91ff2110e40ea13d70e1504653ba9eebcf61b427797fb3fd79d2bb9aaa13c9729fe323c4ac222991981381e004684fb200b17d2f6ede181067662ad8a31f45b613869ca8fc5b1dbe62407a1f6dcb86a4c430210e9bcfca9b83283b87316c4d17f388e0bab0500000092a82e12f8e5348f11e7739033e9081bfc598746cf032fa55d0300470000000019ac65f89ca7d96da3ca2db52f8ec80462fddf42dbbca24b720000000000000000000000000000005214e7febdbc00"], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000001c0)=ANY=[@ANYBLOB="0800000000000000007a000000000000181100003016ee2e05f919ae1c88051d352b3c6860e85af777fc6b44584d9f61bccf57f90ba1b067ffe0d52e0effb2da0c0d", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r5], 0x90}}, 0x0)

1.889980591s ago: executing program 4 (id=4091):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_open_dev$sg(&(0x7f0000000240), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x60, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x42800, 0x55007}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x30, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_RESPONSE_INTVL={0xc, 0x22, 0x48}, @IFLA_BR_MCAST_STARTUP_QUERY_CNT={0x8, 0x1d, 0x8}, @IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x3}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0xe}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a000000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x545c, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f00000005c0)='<', 0x1, 0x805, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r4, 0x8905, &(0x7f0000000000))
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x10000000000)
r5 = semget$private(0x0, 0x2, 0x209)
semtimedop(r5, &(0x7f0000000080)=[{0x0, 0xfff9}], 0x1, 0x0)
semctl$IPC_RMID(r5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000010000000000000000418000000000000cd9200000000002b8aca71b26079aa8aabe47ea5568e4da11e91726358e7f1f2"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYBLOB="e765360b5aed05a4766a57d4dae093a815c426db0743540da552c2c10703ab3aa1b5fa44f3fd39860c75eca88a45705e31ea91bb96de369ee02023b22b1ce8bbb7c2d5b7817d74e3cdd5df20e8aac13979171edec0d4ef07dc5b", @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000440)='module_request\x00', r6}, 0x18)
unlink(&(0x7f0000000340)='./cgroup.cpu/cpuset.cpus\x00')
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

1.826298632s ago: executing program 5 (id=4093):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(0xffffffffffffffff, 0x6)
socket$inet_mptcp(0x2, 0x1, 0x106)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)

1.767755003s ago: executing program 5 (id=4095):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0xffffffffffffffde, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2000480, &(0x7f0000000100), 0x5, 0x757, &(0x7f0000000f80)="$eJzs3c9rHFUcAPDvbJKmptXkIGj1EhA0ULoxNbYKHioeRLBQ0LPtstmGmt1syW5KEwJaRPAiqCdBLz37o968+uOq/4UHaamaFiseJDKb2XTb7KabNsmi+/nAa9+bmc2b77yZeW93hpkA+tZ4+k8u4lBEfJREjGbTk4gYauQGI06sL3drdaWYpiTW1t74PWksc3N1pRgtn0kdyAqPR8QP70cczm2ut7a0PFcol0sLWXmyXjk/WVtaPnKuUpgtzZbmj01NTx89/vzxYzsX6J8/Lx+89vGrz3x94u/3Hrvy4Y9JnIiD2ezWOHbKeIxn22Qo3YR3eGWnK+uxpNcrwH1JD82B9aM8DsVoDDRyAMD/2TsRsQYA9JlE/w8Afab5O8DN1ZViM/X2F4m9df3liNi/Hn/z+ub6nMHsmt3+xnXQkZvJHVdGkogY24H6xyPi82/f+jJNsUvXIQHaefdSRJwZG998/k823bOwXc92scz4XWXnP9g736Xjnxfajf9yG+OfaDP+GW5z7N6Pex//uas7UE1H15+MeKnl3rZbLfFnxgay0sONMd9QcvZcuZSe2x6JiIkYGk7LU1vUMXHjnxud5rWO//745O0v0vrT/28vkbs6OHznZ2YK9cKDxNzq+qWIJwbbxZ9stH/SYfx7qss6Xnvxg886zUvjT+Ntps3x7661yxFPt23/23e0JVvenzjZ2B0mmztFG9/88ulIp/pb2z9Naf3N7wJ7IW3/ka3jH0ta79esbb+Ony6Pft9p3r3jb7//70vebOT3ZdMuFur1hamIfcnrm6cfvf3ZrPxQZMun8U881f7432r/T78Tnuky/sFrv311//HvrjT+mW21//YzV27NDXSqv7v2n27kJrIp3Zz/ul3BB9l2AAAAAAAAAAAAAAAAAAAAAAAAANCtXEQcjCSX38jncvn8+ju8H42RXLlaqx8+W12cn4nGu7LHYijXfNTlaMvzUKey5+E3y0fvKj/X8kTBtJwvVsszPY4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJoOdHj/f+rX4V6vHQCwa/b3egUAgD2n/weA/qP/B4D+o/8HgP6j/weA/qP/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJedOnkyTWt/ra4U0/LMhaXFueqFIzOl2ly+sljMF6sL5/Oz1epsuZQvViv3+nvlavX8dMwvXpysl2r1ydrS8ulKdXG+fvpcpTBbOl0a2pOoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGB7akvLc4VyubQgIyMjs5Hp9ZkJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L/h3wAAAP//HxYpBQ==")
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
fallocate(r3, 0x8, 0x0, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x100000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="0180000000000000000001000000000000000b00000000030014"], 0x28}}, 0x44)

1.606227316s ago: executing program 0 (id=4096):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000021c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001480)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x67}, {@in6=@empty, 0x4d0, 0x32}, @in=@dev, {0xfffffffffffffffd}, {0x0, 0x200000000, 0x0, 0x100000}, {}, 0x70bd26, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x2})
r5 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r5, 0x8957)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
r6 = accept4(r5, 0x0, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
r8 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), r6)
sendmsg$SEG6_CMD_SET_TUNSRC(r6, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x44, r8, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0xc, 0x4, [0x3, 0x81]}, @SEG6_ATTR_DST={0x14, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_SECRET={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040100}, 0x24000000)

878.726446ms ago: executing program 5 (id=4097):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000021c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001480)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x67}, {@in6=@empty, 0x4d0, 0x32}, @in=@dev, {0xfffffffffffffffd}, {0x0, 0x200000000, 0x0, 0x100000}, {}, 0x70bd26, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r5 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x2})
r6 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r6, 0x8957)
socket$inet_dccp(0x2, 0x6, 0x0)
r7 = accept4(r6, 0x0, 0x0, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
r9 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), r7)
sendmsg$SEG6_CMD_SET_TUNSRC(r7, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x44, r9, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0xc, 0x4, [0x3, 0x81]}, @SEG6_ATTR_DST={0x14, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_SECRET={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040100}, 0x24000000)
ioctl$sock_SIOCGSKNS(r7, 0x894c, &(0x7f0000000240)=0x3ff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r7)
close_range(r5, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

828.807047ms ago: executing program 3 (id=4098):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x18)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4f9309", 0x14, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0)

774.371018ms ago: executing program 4 (id=4099):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x87f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x40020)
r5 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001300)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd25, 0x5, {0x0, 0x0, 0x0, r4, {0x0, 0xfffc}, {}, {0x4, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0xc004884}, 0x0)
close(r0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(r6, 0x6)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r8 = accept(r0, 0x0, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0200000004000000080000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0xc, 0x10, &(0x7f0000000e40)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b704000008000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000000140)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x5, 0x0, 0x1, 0x4, 0x4, 0xf69f}, 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e23, @multicast2}, 0x0, 0x4, 0x1, 0x2}}, 0x26)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0)
recvfrom(r7, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x3e8, 0x0, 0x0)

765.126808ms ago: executing program 3 (id=4100):
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r0, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x1, 0x3}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005efe2100850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000280)={&(0x7f0000000040), 0x10, 0x0}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
setreuid(0xee00, 0x0)
io_submit(0x0, 0x0, 0x0)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f00000000c0))
unshare(0x24040000)
r4 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r5}, 0x18)
r6 = fsmount(r4, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r6, &(0x7f0000000140)='./file0\x00')
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
fcntl$setlease(r7, 0x400, 0x0)
syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x8, &(0x7f0000000300)={[{@fat=@nocase}]}, 0x1, 0x246, &(0x7f0000000580)="$eJzs3c1qK2UYB/DXnJ42p3JOuxJ044tudDNovYIgLYgBpTaiLoQpTTUkJmUmYCKCXbvyIlwVl+4Ecemmd+GuCNJVV46k6Uf6IVpJO6n9/aDMU/6Z4RleJjwTyOTgo+++aG/nyXbaD5VqDHPh191wFMJyqIRHYey5k23luJ4Pk3bD69/3D7/94ONP3q3V66vrMa7VNt5aiTE+e/nnL7/+4ZVf+s9/+OOznxbC/vKnB3+s/Lb/wv6LB39ufN7KYyuP3V4/pnGz1+unm51m3Grl7STG9ztFURSjwzezC/l2p7ezM4xpd+vp4k7WzPOYdoex3RzGfi/2s2FMP0tb3ZgkSXy6GPgnjb319bRWdhfcriyrpaNr+cmVpLFXSkMAQKmuzv/hTuf/0dGumf+bad6MrW5+ef6vBvP/FE3O/3NlN8MtybLa43By/V5k/gcAAAAAAAAAAAAAgPvgqCiWiqJYOt2e/i2EEKohhNP/r+5ZLaNdpuy/rz//B9b/Ybv5+n9TZrtM2cQXd6sh/L47aAwa4+04X3unvvpGPLZ8vtfhYNB4dJa/Oc7jxfxxWDzJV67N58Nrr47zUfb2e/VL+ZOwdfunDwAAAA9CEs9ce3+fJH+Xj6uJzwcu3b/PhZc8UgoAAABmQj78qp12Os3sXxTzN3nxHRWV4x8JKr2Ne10szEYbipkqyn5nAgAApu186C+7EwAAAAAAAAAAAAAAAAAAAHi47uJxYmWfIwAAAAAAAAAAAAAAAAAAAAAAzJq/AgAA//+vk/+a")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

556.698272ms ago: executing program 5 (id=4101):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000021c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001480)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x67}, {@in6=@empty, 0x4d0, 0x32}, @in=@dev, {0xfffffffffffffffd}, {0x0, 0x200000000, 0x0, 0x100000}, {}, 0x70bd26, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r5 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x2})
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(0xffffffffffffffff, 0x8957)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r6, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
r7 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
r9 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), r7)
sendmsg$SEG6_CMD_SET_TUNSRC(r7, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x44, r9, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0xc, 0x4, [0x3, 0x81]}, @SEG6_ATTR_DST={0x14, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_SECRET={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040100}, 0x24000000)
close_range(r5, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

556.449932ms ago: executing program 3 (id=4102):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)

507.063122ms ago: executing program 3 (id=4103):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
fcntl$lock(r0, 0x26, &(0x7f0000000000)={0x1, 0x2, 0x2e, 0xfffffffffffff801})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0x1}, &(0x7f0000000040), &(0x7f00000001c0)=r0}, 0x20)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x3018e58, &(0x7f0000000180)={[{@jqfmt_vfsv1}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x9}}, {@debug}, {@lazytime}]}, 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0xfffffffffdfffffd}, 0x18)
r2 = fspick(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)

469.857693ms ago: executing program 5 (id=4104):
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x800000, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/188, 0xbc, 0xdf0e}}], 0x1800, 0x2002, 0x0)
close(r0)

421.270553ms ago: executing program 2 (id=4105):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}}, @NFT_MSG_NEWSET={0x40, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x4}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x7c}}, 0x20050800)

278.693686ms ago: executing program 5 (id=4106):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x40015)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x2000000, &(0x7f0000000080), 0x1, 0x45f, &(0x7f0000001300)="$eJzs3MtrXNUfAPDvvZO0vz6TX62PPtRoFYOPpEmrduFCRcGFguCmLmOSltppI00EW4pWkboRpOBeXAr+Ba50I+pKcKt7KRTpxioII3fm3syjM9MknWRi5/OB25xz75mc851zz8y59/QmgIE1lv2TROyMiF8jYqSWbS4wVvtx4/rF2b+uX5xNolJ544+kWu7P6xdni6LF63bkmfE0Iv04iQNt6l08f+H0TLk8fy7PTy6deWdy8fyFp06dmTk5f3L+7PSxY0ePTD37zPTTPYnz/1lb97+/cHDfK29eeW32+JW3fvw6KeJvieM2VfL3YaxboUcrlR5VtznsakgnQ31sCKtSioisu4ar438kSlHvvJF4+aO+Ng5YV5Vch8OXKsAdLIl+twDoj+KLPrv+LbaNm33037UXahdAWdw38q12ZCjSqF0YDbdc3/bSWEQcv/T3F9kWvb0PAQDQ1rfZ/OfJdvO/NO5pKLc7XxsazddS9kTEXRGxNyLujqiWvTci7ltl/a2LJJ/ubp3/pFfXFNgKZfO/5/K1reb5X1oUGS3luV3VzHBy4lR5/nD+nozH8NYsP9Wlju9e+uWzTsca53/ZltVfzAXzdlwd2tr8mrmZpZnbibnRtQ8j9g+1iz9ZXglIImJfROxfYx2nHv/qYKdjrfFXkm6/6fnmbA/WmSpfRjxW6/9L0RJ/Iem+Pjn5vyjPH54szoqb/fTz5dc71X/r/l9fWf9vb3v+L8c/mjSu1y6uvo7Lv33S8ZpmYk3nf33HlvznezNLS+emIrYkr9Ya3bh/uv7aIl+Uz+IfP9R+/O+J+jtxICKyk/j+iHggIh7M++6hiHg4Ig51if+HFx95u9OxzdD/cy39P9pcpKX/64kt0bqnfaJ0+vtvmn9jPbmyz7+j1dR4vif//Pun2wr6Stq1trMZAAAA/nvSiNgZSTqxnE7TiYna/+HfG9vT8sLi0hMnFt49O1d7RmA0htPiTlftfnDtfuhUfllf5Kdb8kfy+8afl7ZV8xOzC+W5fgcPA25Hh/Gf+b3U79YB687zWjC4jH8YXMY/DC7jHwZX8QdAGmzrV1uAjdXu+/+DerIyspGNATZUy/i37AcDxPU/DC7jHwZX4/jv+vw9cCdZ3Ba3fkheQuKmRKR5ovj22CwNW0siWedRsLPfAa4+0ecPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB75NwAA//8p2uPf")
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0xffff9a75, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)={0x2c, 0x0, 0x1, 0xd0, 0x25dfdbfb, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800)
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bond_slave_1\x00', <r9=>0x0})
setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f0000000000)={r9, 0x11, 0x2, @broadcast}, 0x10)
setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f0000000040)={r9, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2b}}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {}, {}, {0x0, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$can_bcm(r0, &(0x7f0000001ff0)={0x1d, r1}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x18)
r11 = socket(0x10, 0x3, 0x0)
connect$netlink(r11, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r11, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
sendmsg$can_raw(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f0000000580)=@canfd={{0x1}, 0xf6, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000004e2f9663a918fa1efd9b0b"}, 0x48}, 0xee, 0x0, 0x0, 0x40041}, 0x0)

175.754007ms ago: executing program 2 (id=4107):
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)

161.605947ms ago: executing program 3 (id=4108):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00'}, 0x18)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone3(&(0x7f00000006c0)={0x192142100, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58)

148.952438ms ago: executing program 2 (id=4109):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_open_dev$sg(&(0x7f0000000240), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x60, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x42800, 0x55007}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x30, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_RESPONSE_INTVL={0xc, 0x22, 0x48}, @IFLA_BR_MCAST_STARTUP_QUERY_CNT={0x8, 0x1d, 0x8}, @IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x3}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0xe}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a000000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x545c, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f00000005c0)='<', 0x1, 0x805, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r4, 0x8905, &(0x7f0000000000))
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x10000000000)
r5 = semget$private(0x0, 0x2, 0x209)
semtimedop(r5, &(0x7f0000000080)=[{0x0, 0xfff9}], 0x1, 0x0)
semctl$IPC_RMID(r5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000010000000000000000418000000000000cd9200000000002b8aca71b26079aa8aabe47ea5568e4da11e91726358e7f1f2"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYBLOB="e765360b5aed05a4766a57d4dae093a815c426db0743540da552c2c10703ab3aa1b5fa44f3fd39860c75eca88a45705e31ea91bb96de369ee02023b22b1ce8bbb7c2d5b7817d74e3cdd5df20e8aac13979171edec0d4ef07dc5b", @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000440)='module_request\x00', r6}, 0x18)
unlink(&(0x7f0000000340)='./cgroup.cpu/cpuset.cpus\x00')
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

17.879409ms ago: executing program 0 (id=4110):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
pselect6(0x40, &(0x7f0000000100)={0x9, 0xd000001, 0x0, 0xfffffffffffffffc, 0x401, 0x0, 0x200, 0x7}, 0x0, 0x0, 0x0, 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0xfffe, 0xffffffffffffffff, &(0x7f00000001c0)='m', 0x1}])
io_uring_setup(0x1d7e, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x200040, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = inotify_init1(0x80000)
inotify_add_watch(r4, &(0x7f0000000400)='.\x00', 0xa4000021)
read(r4, 0x0, 0x0)
close(r4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='pids.current\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")

0s ago: executing program 3 (id=4111):
syz_open_dev$usbfs(&(0x7f0000003f00), 0x10, 0xa401)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffd}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r4, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

kernel console output (not intermixed with test programs):


[  334.481426][T16034]  </TASK>
[  334.481434][T16034] memory: usage 307200kB, limit 307200kB, failcnt 1658
[  334.714726][T16034] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[  334.722702][T16034] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  334.730030][T16034] Memory cgroup stats for /syz3:
[  334.730692][T16034] cache 0
[  334.738615][T16034] rss 0
[  334.741399][T16034] shmem 0
[  334.744337][T16034] mapped_file 0
[  334.747899][T16034] dirty 0
[  334.750842][T16034] writeback 0
[  334.754133][T16034] workingset_refault_anon 593
[  334.758851][T16034] workingset_refault_file 1479
[  334.763672][T16034] swap 196608
[  334.767010][T16034] swapcached 4096
[  334.770769][T16034] pgpgin 316219
[  334.774237][T16034] pgpgout 316218
[  334.777829][T16034] pgfault 396722
[  334.781373][T16034] pgmajfault 373
[  334.784908][T16034] inactive_anon 4096
[  334.788820][T16034] active_anon 0
[  334.792345][T16034] inactive_file 0
[  334.796023][T16034] active_file 0
[  334.799480][T16034] unevictable 0
[  334.802989][T16034] hierarchical_memory_limit 314572800
[  334.808396][T16034] hierarchical_memsw_limit 9223372036854771712
[  334.814667][T16034] total_cache 0
[  334.818169][T16034] total_rss 0
[  334.821533][T16034] total_shmem 0
[  334.825036][T16034] total_mapped_file 0
[  334.829083][T16034] total_dirty 0
[  334.832552][T16034] total_writeback 0
[  334.836452][T16034] total_workingset_refault_anon 593
[  334.841711][T16034] total_workingset_refault_file 1479
[  334.847082][T16034] total_swap 196608
[  334.850894][T16034] total_swapcached 4096
[  334.855130][T16034] total_pgpgin 316219
[  334.859131][T16034] total_pgpgout 316218
[  334.863352][T16034] total_pgfault 396722
[  334.867442][T16034] total_pgmajfault 373
[  334.871582][T16034] total_inactive_anon 4096
[  334.876017][T16034] total_active_anon 0
[  334.880001][T16034] total_inactive_file 0
[  334.884199][T16034] total_active_file 0
[  334.888228][T16034] total_unevictable 0
[  334.892220][T16034] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3448,pid=16034,uid=0
[  334.906936][T16034] Memory cgroup out of memory: Killed process 16034 (syz.3.3448) total-vm:95760kB, anon-rss:916kB, file-rss:21932kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  334.965169][   T29] kauditd_printk_skb: 487 callbacks suppressed
[  334.965184][   T29] audit: type=1326 audit(1742694787.607:26112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16062 comm="syz.2.3460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7fc00000
[  335.020098][T16075] loop0: detected capacity change from 0 to 2048
[  335.085481][T16075]  loop0: p1 < > p4
[  335.089893][T16075] loop0: p4 size 8388608 extends beyond EOD, truncated
[  335.109331][T16083] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3467'.
[  335.190503][T16085] loop4: detected capacity change from 0 to 8192
[  335.307201][   T29] audit: type=1326 audit(1742694787.967:26113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16093 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  335.331495][T16095] netlink: 'syz.0.3471': attribute type 10 has an invalid length.
[  335.339520][T16095] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3471'.
[  335.341478][   T29] audit: type=1326 audit(1742694787.967:26114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16093 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  335.372338][   T29] audit: type=1326 audit(1742694787.967:26115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16093 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  335.396087][   T29] audit: type=1326 audit(1742694787.967:26116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16093 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  335.419683][   T29] audit: type=1326 audit(1742694787.997:26117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16093 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  335.443387][   T29] audit: type=1326 audit(1742694787.997:26118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16093 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  335.467023][   T29] audit: type=1326 audit(1742694787.997:26119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16093 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  335.491939][   T29] audit: type=1326 audit(1742694788.017:26120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16093 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  335.515646][   T29] audit: type=1326 audit(1742694788.077:26121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16093 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  335.582331][T16103] loop5: detected capacity change from 0 to 2048
[  335.618202][T16103] EXT4-fs error (device loop5): ext4_orphan_get:1415: comm syz.5.3474: bad orphan inode 8192
[  335.681221][T16108] bridge6: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  335.693396][T16108] futex_wake_op: syz.4.3475 tries to shift op by -1; fix this program
[  335.780500][T16113] bridge11: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  335.792508][T16113] futex_wake_op: syz.5.3477 tries to shift op by -1; fix this program
[  336.058976][T16125] loop2: detected capacity change from 0 to 8192
[  336.182331][T16131] netlink: 'syz.0.3483': attribute type 10 has an invalid length.
[  336.190403][T16131] __nla_validate_parse: 1 callbacks suppressed
[  336.190417][T16131] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3483'.
[  336.242451][T16133] loop3: detected capacity change from 0 to 8192
[  336.398388][T16146] loop2: detected capacity change from 0 to 128
[  336.406063][T16146] FAT-fs (loop2): Directory bread(block 3236) failed
[  336.412870][T16146] FAT-fs (loop2): Directory bread(block 3237) failed
[  336.419961][T16146] FAT-fs (loop2): Directory bread(block 3238) failed
[  336.426917][T16146] FAT-fs (loop2): Directory bread(block 3239) failed
[  336.433643][T16146] FAT-fs (loop2): Directory bread(block 3240) failed
[  336.441153][T16146] FAT-fs (loop2): Directory bread(block 3241) failed
[  336.447942][T16146] FAT-fs (loop2): Directory bread(block 3242) failed
[  336.464252][T16146] FAT-fs (loop2): Directory bread(block 3243) failed
[  336.472660][T16146] FAT-fs (loop2): Directory bread(block 3236) failed
[  336.479766][T16146] FAT-fs (loop2): Directory bread(block 3237) failed
[  336.493054][T16151] loop3: detected capacity change from 0 to 512
[  336.529912][T16151] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #3: comm syz.3.3493: corrupted inode contents
[  336.559505][T16151] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #3: comm syz.3.3493: mark_inode_dirty error
[  336.559811][T16153] loop2: detected capacity change from 0 to 2048
[  336.579476][T16151] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #3: comm syz.3.3493: corrupted inode contents
[  336.591790][T16151] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #3: comm syz.3.3493: mark_inode_dirty error
[  336.603357][T16153] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  336.603422][T16151] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3493: Failed to acquire dquot type 0
[  336.603960][T16151] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3493: corrupted inode contents
[  336.640042][T16151] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #16: comm syz.3.3493: mark_inode_dirty error
[  336.653428][T16151] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3493: corrupted inode contents
[  336.675698][T16151] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #16: comm syz.3.3493: mark_inode_dirty error
[  336.714805][T16151] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3493: corrupted inode contents
[  336.741563][T16151] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  336.760848][T16151] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3493: corrupted inode contents
[  336.782449][T16151] EXT4-fs error (device loop3): ext4_truncate:4240: inode #16: comm syz.3.3493: mark_inode_dirty error
[  336.793634][T16164] loop5: detected capacity change from 0 to 512
[  336.795977][T16151] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  336.811102][T16151] EXT4-fs (loop3): 1 truncate cleaned up
[  336.817718][T16151] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  336.818712][T16164] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3497: bg 0: block 35: padding at end of block bitmap is not set
[  336.853041][T16164] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  336.862361][T16164] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.3497: invalid indirect mapped block 4294967295 (level 1)
[  336.889191][T16164] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.3497: invalid indirect mapped block 4294967295 (level 2)
[  336.904477][T16164] EXT4-fs (loop5): 1 truncate cleaned up
[  337.016970][T16167] loop3: detected capacity change from 0 to 8192
[  337.134262][T16177] loop3: detected capacity change from 0 to 512
[  337.193769][T16177] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #3: comm syz.3.3502: corrupted inode contents
[  337.242776][T16177] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #3: comm syz.3.3502: mark_inode_dirty error
[  337.269151][T16177] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #3: comm syz.3.3502: corrupted inode contents
[  337.283224][T16177] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #3: comm syz.3.3502: mark_inode_dirty error
[  337.297807][T16177] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3502: Failed to acquire dquot type 0
[  337.326155][T16185] bridge12: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  337.341056][T16185] futex_wake_op: syz.5.3505 tries to shift op by -1; fix this program
[  337.350809][T16177] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3502: corrupted inode contents
[  337.369130][T16177] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #16: comm syz.3.3502: mark_inode_dirty error
[  337.380746][T16177] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3502: corrupted inode contents
[  337.413576][T16177] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #16: comm syz.3.3502: mark_inode_dirty error
[  337.429165][T16177] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3502: corrupted inode contents
[  337.441778][T16177] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  337.454610][T16177] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3502: corrupted inode contents
[  337.468946][T16177] EXT4-fs error (device loop3): ext4_truncate:4240: inode #16: comm syz.3.3502: mark_inode_dirty error
[  337.482721][T16177] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  337.493676][T16177] EXT4-fs (loop3): 1 truncate cleaned up
[  337.500364][T16177] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.519591][T16189] loop0: detected capacity change from 0 to 512
[  337.530042][T16189] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  337.551344][T16189] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #17: comm syz.0.3507: corrupted in-inode xattr: invalid ea_ino
[  337.567174][T16193] loop4: detected capacity change from 0 to 2048
[  337.577628][T16189] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3507: couldn't read orphan inode 17 (err -117)
[  337.591686][T16193] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.640986][T16189] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3507'.
[  337.677662][T16200] loop3: detected capacity change from 0 to 512
[  337.749414][T16200] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #3: comm syz.3.3509: corrupted inode contents
[  337.774782][T16200] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #3: comm syz.3.3509: mark_inode_dirty error
[  337.826726][T16200] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #3: comm syz.3.3509: corrupted inode contents
[  337.904586][T16200] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #3: comm syz.3.3509: mark_inode_dirty error
[  337.924368][ T3592] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:12: bg 0: block 345: padding at end of block bitmap is not set
[  337.936178][T16200] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3509: Failed to acquire dquot type 0
[  337.961075][T16200] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3509: corrupted inode contents
[  337.973878][T16200] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #16: comm syz.3.3509: mark_inode_dirty error
[  337.985395][ T3592] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 586 with error 117
[  337.997997][ T3592] EXT4-fs (loop4): This should not happen!! Data will be lost
[  337.997997][ T3592] 
[  338.018955][T16200] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3509: corrupted inode contents
[  338.032089][T16200] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #16: comm syz.3.3509: mark_inode_dirty error
[  338.046920][T16200] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3509: corrupted inode contents
[  338.060312][T16200] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  338.070865][T16200] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.3509: corrupted inode contents
[  338.084016][T16200] EXT4-fs error (device loop3): ext4_truncate:4240: inode #16: comm syz.3.3509: mark_inode_dirty error
[  338.101676][T16215] loop0: detected capacity change from 0 to 164
[  338.119353][T16215] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  338.124471][T16200] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  338.137821][T16215] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  338.148350][T16200] EXT4-fs (loop3): 1 truncate cleaned up
[  338.154505][T16200] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  338.216133][T16220] loop2: detected capacity change from 0 to 512
[  338.230239][T16220] EXT4-fs: Ignoring removed nobh option
[  338.268734][T16220] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  338.287756][T16220] EXT4-fs (loop2): failed to open journal device unknown-block(8,0) -16
[  338.484479][T16229] netlink: 'syz.3.3517': attribute type 10 has an invalid length.
[  338.492454][T16229] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3517'.
[  338.571752][T16234] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3521'.
[  338.589435][T16235] loop4: detected capacity change from 0 to 512
[  338.607157][T16235] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3520: bg 0: block 35: padding at end of block bitmap is not set
[  338.645191][T16235] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  338.666361][T16235] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.3520: invalid indirect mapped block 4294967295 (level 1)
[  338.680934][T16235] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.3520: invalid indirect mapped block 4294967295 (level 2)
[  338.709073][T16247] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3524'.
[  338.712928][T16244] bridge13: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  338.718077][T16247] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3524'.
[  338.730950][T16244] futex_wake_op: syz.5.3525 tries to shift op by -1; fix this program
[  338.736940][T16247] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3524'.
[  338.756679][T16235] EXT4-fs (loop4): 1 truncate cleaned up
[  338.759604][T16247] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3524'.
[  338.762875][T16235] EXT4-fs mount: 24 callbacks suppressed
[  338.762891][T16235] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.809726][T16250] netlink: 'syz.0.3526': attribute type 10 has an invalid length.
[  338.817634][T16250] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3526'.
[  338.840671][T13643] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.879798][T16253] loop4: detected capacity change from 0 to 2048
[  338.900947][T16253] EXT4-fs error (device loop4): ext4_orphan_get:1415: comm syz.4.3527: bad orphan inode 8192
[  338.912445][T16253] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.925394][T16256] loop0: detected capacity change from 0 to 512
[  338.932385][T16256] EXT4-fs: Ignoring removed nobh option
[  338.942945][T16256] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  338.952501][T16256] EXT4-fs (loop0): failed to open journal device unknown-block(8,0) -16
[  339.031865][T13643] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.137833][T16278] loop0: detected capacity change from 0 to 2048
[  339.167831][T16278] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  339.180348][T16278] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  339.230327][T16293] loop4: detected capacity change from 0 to 164
[  339.253792][T16293] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  339.264781][T16293] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  339.335008][T16297] netlink: 'syz.2.3532': attribute type 10 has an invalid length.
[  339.343047][T16297] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3532'.
[  339.356411][T16297] batman_adv: batadv0: Adding interface: veth1_vlan
[  339.363677][T16297] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  339.393950][T16297] batman_adv: batadv0: Interface activated: veth1_vlan
[  339.445518][T16106] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set
[  339.471514][   T51] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  339.484290][   T51] EXT4-fs (loop0): This should not happen!! Data will be lost
[  339.484290][   T51] 
[  339.498492][T16300] dccp_close: ABORT with 132 bytes unread
[  339.571200][   T51] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 1891 with error 28
[  339.584004][   T51] EXT4-fs (loop0): This should not happen!! Data will be lost
[  339.584004][   T51] 
[  339.593924][   T51] EXT4-fs (loop0): Total free blocks count 0
[  339.599982][   T51] EXT4-fs (loop0): Free/Dirty block details
[  339.605985][   T51] EXT4-fs (loop0): free_blocks=0
[  339.610948][   T51] EXT4-fs (loop0): dirty_blocks=1904
[  339.616271][   T51] EXT4-fs (loop0): Block reservation details
[  339.655009][T16311] netlink: 'syz.5.3538': attribute type 10 has an invalid length.
[  339.663450][T16313] netlink: 'syz.2.3537': attribute type 10 has an invalid length.
[  339.681378][T16311] batman_adv: batadv0: Adding interface: veth1_vlan
[  339.688049][T16311] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  339.733160][T16309] loop3: detected capacity change from 0 to 8192
[  339.737600][T16311] batman_adv: batadv0: Interface activated: veth1_vlan
[  339.802699][T16318] loop3: detected capacity change from 0 to 512
[  339.810856][T16320] futex_wake_op: syz.0.3540 tries to shift op by -1; fix this program
[  339.822225][T16318] EXT4-fs: Ignoring removed nobh option
[  339.834096][T16318] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  339.843583][T16318] EXT4-fs (loop3): failed to open journal device unknown-block(8,0) -16
[  339.852477][T16323] dccp_close: ABORT with 132 bytes unread
[  339.950248][T16331] loop0: detected capacity change from 0 to 2048
[  339.994906][   T29] kauditd_printk_skb: 637 callbacks suppressed
[  339.994924][   T29] audit: type=1326 audit(1742694792.647:26753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16338 comm="syz.3.3545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61533d169 code=0x7ffc0000
[  340.029032][T16331] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  340.030320][   T29] audit: type=1326 audit(1742694792.687:26754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16338 comm="syz.3.3545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe61533d169 code=0x7ffc0000
[  340.043827][T16331] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  340.064738][   T29] audit: type=1326 audit(1742694792.687:26755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16338 comm="syz.3.3545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61533d169 code=0x7ffc0000
[  340.064793][   T29] audit: type=1326 audit(1742694792.687:26756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16338 comm="syz.3.3545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe61533d169 code=0x7ffc0000
[  340.123403][   T29] audit: type=1326 audit(1742694792.777:26757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16338 comm="syz.3.3545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61533d169 code=0x7ffc0000
[  340.127669][T16345] netlink: 'syz.5.3544': attribute type 10 has an invalid length.
[  340.147153][   T29] audit: type=1326 audit(1742694792.777:26758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16338 comm="syz.3.3545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe61533bad0 code=0x7ffc0000
[  340.178711][   T29] audit: type=1326 audit(1742694792.777:26759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16338 comm="syz.3.3545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61533d169 code=0x7ffc0000
[  340.206540][   T29] audit: type=1326 audit(1742694792.867:26760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16338 comm="syz.3.3545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61533d169 code=0x7ffc0000
[  340.230395][   T29] audit: type=1326 audit(1742694792.867:26761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16338 comm="syz.3.3545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe61533d169 code=0x7ffc0000
[  340.254031][   T29] audit: type=1326 audit(1742694792.867:26762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16338 comm="syz.3.3545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61533d169 code=0x7ffc0000
[  340.299485][T16339] bridge5: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  340.311873][T16347] futex_wake_op: syz.3.3545 tries to shift op by -1; fix this program
[  340.344787][T14646] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.480951][T16366] loop2: detected capacity change from 0 to 512
[  340.488205][T16366] EXT4-fs: Ignoring removed nobh option
[  340.494492][T16368] netlink: 'syz.4.3551': attribute type 10 has an invalid length.
[  340.497825][T16366] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  340.515725][T16366] EXT4-fs (loop2): failed to open journal device unknown-block(8,0) -16
[  340.591462][T16375] loop0: detected capacity change from 0 to 164
[  340.617197][T16375] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  340.631576][T16375] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  340.649641][T16381] loop2: detected capacity change from 0 to 1024
[  340.656388][T16381] EXT4-fs: Ignoring removed bh option
[  340.662378][T16381] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  340.671449][T16381] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  340.682347][T16381] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0000]
[  340.691706][T16381] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 2: comm syz.2.3560: lblock 2 mapped to illegal pblock 2 (length 1)
[  340.706527][T16384] netlink: 'syz.4.3559': attribute type 10 has an invalid length.
[  340.706566][T16381] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 48: comm syz.2.3560: lblock 0 mapped to illegal pblock 48 (length 1)
[  340.728633][T16381] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.3560: Failed to acquire dquot type 0
[  340.743068][T16381] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  340.752897][T16381] EXT4-fs error (device loop2): ext4_evict_inode:256: inode #11: comm syz.2.3560: mark_inode_dirty error
[  340.767529][T16381] EXT4-fs warning (device loop2): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  340.778022][T16381] EXT4-fs (loop2): 1 orphan inode deleted
[  340.790180][T16381] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  340.802528][ T3663] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:67: lblock 1 mapped to illegal pblock 1 (length 1)
[  340.817683][ T3663] EXT4-fs error (device loop2): ext4_release_dquot:6950: comm kworker/u8:67: Failed to release dquot type 0
[  340.848000][T14000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.859593][ T3611] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:28: lblock 1 mapped to illegal pblock 1 (length 1)
[  340.874481][ T3611] EXT4-fs error (device loop2): ext4_release_dquot:6950: comm kworker/u8:28: Failed to release dquot type 0
[  340.886482][T14000] EXT4-fs error (device loop2): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0
[  340.900565][T14000] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  340.910660][T14000] EXT4-fs error (device loop2): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error
[  341.004556][T16399] netlink: 'syz.2.3562': attribute type 10 has an invalid length.
[  341.032249][T16398] loop4: detected capacity change from 0 to 512
[  341.044191][T16398] EXT4-fs: Ignoring removed nobh option
[  341.050584][T16398] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  341.064536][T16398] EXT4-fs (loop4): failed to open journal device unknown-block(8,0) -16
[  341.100287][T16401] loop3: detected capacity change from 0 to 512
[  341.114959][T16401] EXT4-fs: Ignoring removed nobh option
[  341.122388][T16401] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  341.131649][T16403] loop2: detected capacity change from 0 to 2048
[  341.131718][T16401] EXT4-fs (loop3): failed to open journal device unknown-block(8,0) -16
[  341.161920][T16403] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.3568: bad orphan inode 8192
[  341.189167][T16403] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  341.228293][T16414] loop4: detected capacity change from 0 to 1024
[  341.234960][T16414] EXT4-fs: Ignoring removed bh option
[  341.241737][T16414] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  341.252363][T16414] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  341.265474][T16416] bridge6: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  341.279781][T16414] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0000]
[  341.300615][T16416] futex_wake_op: syz.3.3573 tries to shift op by -1; fix this program
[  341.309487][T16414] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #3: block 2: comm syz.4.3572: lblock 2 mapped to illegal pblock 2 (length 1)
[  341.325937][T16414] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #3: block 48: comm syz.4.3572: lblock 0 mapped to illegal pblock 48 (length 1)
[  341.344030][T16414] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.3572: Failed to acquire dquot type 0
[  341.356251][T16414] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  341.385224][T16414] EXT4-fs error (device loop4): ext4_evict_inode:256: inode #11: comm syz.4.3572: mark_inode_dirty error
[  341.397474][T16414] EXT4-fs warning (device loop4): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  341.408381][T16414] EXT4-fs (loop4): 1 orphan inode deleted
[  341.414909][T14000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.424871][T16414] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  341.425846][ T3592] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:12: lblock 1 mapped to illegal pblock 1 (length 1)
[  341.471092][T16428] __nla_validate_parse: 12 callbacks suppressed
[  341.471109][T16428] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3576'.
[  341.489176][ T3592] EXT4-fs error (device loop4): ext4_release_dquot:6950: comm kworker/u8:12: Failed to release dquot type 0
[  341.505260][ T3375] IPVS: starting estimator thread 0...
[  341.534284][T13643] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.545735][ T3592] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:12: lblock 1 mapped to illegal pblock 1 (length 1)
[  341.570502][ T3592] EXT4-fs error (device loop4): ext4_release_dquot:6950: comm kworker/u8:12: Failed to release dquot type 0
[  341.605149][T16432] IPVS: using max 2400 ests per chain, 120000 per kthread
[  341.612426][T13643] EXT4-fs error (device loop4): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0
[  341.635469][T13643] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  341.663375][T13643] EXT4-fs error (device loop4): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error
[  341.750942][T16454] loop2: detected capacity change from 0 to 512
[  341.760765][T16454] EXT4-fs: Ignoring removed nobh option
[  341.814428][T16454] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  341.859035][T16454] EXT4-fs (loop2): failed to open journal device unknown-block(8,0) -16
[  342.099942][T16479] loop2: detected capacity change from 0 to 2048
[  342.130064][T16480] loop4: detected capacity change from 0 to 164
[  342.140113][T16480] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  342.140241][T16479] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.3586: bad orphan inode 8192
[  342.159236][T16480] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  342.178695][T16479] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  342.203304][T16484] loop3: detected capacity change from 0 to 1024
[  342.228888][T16484] EXT4-fs: Ignoring removed bh option
[  342.234654][T16484] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  342.247448][T16484] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  342.259808][T16484] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0000]
[  342.270060][T16484] EXT4-fs error (device loop3): ext4_map_blocks:671: inode #3: block 2: comm syz.3.3587: lblock 2 mapped to illegal pblock 2 (length 1)
[  342.286851][T16484] EXT4-fs error (device loop3): ext4_map_blocks:671: inode #3: block 48: comm syz.3.3587: lblock 0 mapped to illegal pblock 48 (length 1)
[  342.302665][T16484] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3587: Failed to acquire dquot type 0
[  342.315764][T16484] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  342.327384][T16484] EXT4-fs error (device loop3): ext4_evict_inode:256: inode #11: comm syz.3.3587: mark_inode_dirty error
[  342.328065][T14000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.348459][T16484] EXT4-fs warning (device loop3): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  342.360738][T16484] EXT4-fs (loop3): 1 orphan inode deleted
[  342.369277][T16484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  342.381477][ T3600] EXT4-fs error (device loop3): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:18: lblock 1 mapped to illegal pblock 1 (length 1)
[  342.401742][ T3600] EXT4-fs error (device loop3): ext4_release_dquot:6950: comm kworker/u8:18: Failed to release dquot type 0
[  342.413528][   T10] IPVS: starting estimator thread 0...
[  342.424501][T16490] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3588'.
[  342.437038][T16488] futex_wake_op: syz.0.3589 tries to shift op by -1; fix this program
[  342.459319][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.468799][ T3663] EXT4-fs error (device loop3): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:67: lblock 1 mapped to illegal pblock 1 (length 1)
[  342.483848][ T3663] EXT4-fs error (device loop3): ext4_release_dquot:6950: comm kworker/u8:67: Failed to release dquot type 0
[  342.498664][T14983] EXT4-fs error (device loop3): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0
[  342.511913][T16489] IPVS: using max 2208 ests per chain, 110400 per kthread
[  342.520472][T14983] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  342.535778][T14983] EXT4-fs error (device loop3): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error
[  342.549044][T16492] loop2: detected capacity change from 0 to 8192
[  342.571540][T16492] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3591'.
[  342.580627][T16492] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3591'.
[  342.597222][T16492] team0: entered promiscuous mode
[  342.602309][T16492] team_slave_0: entered promiscuous mode
[  342.608065][T16492] team_slave_1: entered promiscuous mode
[  342.629679][T16492] bond0: entered promiscuous mode
[  342.634845][T16492] bond_slave_0: entered promiscuous mode
[  342.640618][T16492] bond_slave_1: entered promiscuous mode
[  342.651045][T16492] 8021q: adding VLAN 0 to HW filter on device hsr1
[  342.712529][T16503] loop3: detected capacity change from 0 to 512
[  342.734179][T16503] EXT4-fs: Ignoring removed nobh option
[  342.755288][T16503] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  342.764651][T16503] EXT4-fs (loop3): failed to open journal device unknown-block(8,0) -16
[  342.779557][T16509] bridge14: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  342.832478][T16509] futex_wake_op: syz.5.3597 tries to shift op by -1; fix this program
[  342.870982][T16514] loop3: detected capacity change from 0 to 2048
[  342.909303][T16514] EXT4-fs error (device loop3): ext4_orphan_get:1415: comm syz.3.3598: bad orphan inode 8192
[  342.920217][T16523] netlink: 'syz.4.3599': attribute type 10 has an invalid length.
[  342.928236][T16523] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3599'.
[  342.943762][T16514] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.061559][T16540] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3604'.
[  343.226614][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.237754][T16561] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3606'.
[  343.279114][T16564] loop4: detected capacity change from 0 to 512
[  343.290699][T16564] EXT4-fs: Ignoring removed nobh option
[  343.299070][T16564] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  343.326809][T16564] EXT4-fs (loop4): failed to open journal device unknown-block(8,0) -16
[  343.421659][T16575] loop2: detected capacity change from 0 to 2048
[  343.447557][T16575] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.3611: bad orphan inode 8192
[  343.460130][T16575] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.560381][T14000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.601598][T16589] loop4: detected capacity change from 0 to 2048
[  343.608470][T16587] loop3: detected capacity change from 0 to 2048
[  343.640149][T16587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.655527][T16589] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.664371][T16587] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  343.678692][T16602] validate_nla: 1 callbacks suppressed
[  343.678708][T16602] netlink: 'syz.2.3616': attribute type 10 has an invalid length.
[  343.687644][T16589] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  343.692073][T16602] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3616'.
[  343.728479][T16604] loop5: detected capacity change from 0 to 1024
[  343.744471][T16604] EXT4-fs: Ignoring removed bh option
[  343.750692][T16604] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  343.887662][T16609] loop2: detected capacity change from 0 to 512
[  343.889176][T16604] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  343.894863][T16609] EXT4-fs: Ignoring removed nobh option
[  343.913380][T16609] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  343.927592][T16604] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0000]
[  343.938158][T16609] EXT4-fs (loop2): failed to open journal device unknown-block(8,0) -16
[  344.015954][T16604] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 2: comm syz.5.3620: lblock 2 mapped to illegal pblock 2 (length 1)
[  344.033071][T16616] futex_wake_op: syz.2.3624 tries to shift op by -1; fix this program
[  344.042482][T16604] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 48: comm syz.5.3620: lblock 0 mapped to illegal pblock 48 (length 1)
[  344.057980][T16617] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3623'.
[  344.067109][T16617] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3623'.
[  344.076237][T16604] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3620: Failed to acquire dquot type 0
[  344.104147][T16604] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  344.124358][T16604] EXT4-fs error (device loop5): ext4_evict_inode:256: inode #11: comm syz.5.3620: mark_inode_dirty error
[  344.135972][T16604] EXT4-fs warning (device loop5): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  344.146624][T16604] EXT4-fs (loop5): 1 orphan inode deleted
[  344.152929][T16604] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  344.166197][ T3663] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:67: lblock 1 mapped to illegal pblock 1 (length 1)
[  344.181707][ T3663] EXT4-fs error (device loop5): ext4_release_dquot:6950: comm kworker/u8:67: Failed to release dquot type 0
[  344.195656][    T9] IPVS: starting estimator thread 0...
[  344.201871][T16604] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  344.247204][T14358] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.256398][ T3600] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:18: lblock 1 mapped to illegal pblock 1 (length 1)
[  344.271042][ T3600] EXT4-fs error (device loop5): ext4_release_dquot:6950: comm kworker/u8:18: Failed to release dquot type 0
[  344.285009][T14358] EXT4-fs error (device loop5): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0
[  344.285228][T16619] IPVS: using max 2064 ests per chain, 103200 per kthread
[  344.300820][T14358] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  344.323524][T14358] EXT4-fs error (device loop5): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error
[  344.395868][T16627] bridge15: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  344.408966][T16627] futex_wake_op: syz.5.3628 tries to shift op by -1; fix this program
[  344.566144][T16638] netlink: 'syz.2.3631': attribute type 10 has an invalid length.
[  344.590422][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.600367][T13643] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.642311][T16640] gretap0: entered promiscuous mode
[  344.649565][T16640] gretap0: left promiscuous mode
[  344.680306][T16642] loop4: detected capacity change from 0 to 8192
[  344.693468][T16642] team0: entered promiscuous mode
[  344.698678][T16642] team_slave_0: entered promiscuous mode
[  344.704444][T16642] team_slave_1: entered promiscuous mode
[  344.711724][T16642] bond0: entered promiscuous mode
[  344.716892][T16642] bond_slave_0: entered promiscuous mode
[  344.723662][T16642] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  344.731293][T16642] Cannot create hsr debugfs directory
[  344.737320][T16642] 8021q: adding VLAN 0 to HW filter on device hsr1
[  344.753120][T16644] bridge7: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  344.766513][T16644] futex_wake_op: syz.3.3634 tries to shift op by -1; fix this program
[  344.801035][T16646] loop4: detected capacity change from 0 to 512
[  344.813446][T16646] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  344.832877][T16646] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #17: comm syz.4.3635: corrupted in-inode xattr: invalid ea_ino
[  344.849967][T16646] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3635: couldn't read orphan inode 17 (err -117)
[  344.862617][T16646] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  344.982005][T13643] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.015482][T16659] loop0: detected capacity change from 0 to 8192
[  345.143227][T16669] loop0: detected capacity change from 0 to 2048
[  345.150129][T16670] netlink: 'syz.4.3642': attribute type 10 has an invalid length.
[  345.170737][T16669] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  345.182939][T16669] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.256007][T16676] loop4: detected capacity change from 0 to 164
[  345.274124][T16676] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  345.289272][   T29] kauditd_printk_skb: 904 callbacks suppressed
[  345.289291][   T29] audit: type=1326 audit(1742694797.947:27651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16668 comm="syz.0.3643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  345.314001][T16676] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  345.342797][   T29] audit: type=1326 audit(1742694797.947:27652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16668 comm="syz.0.3643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  345.366502][   T29] audit: type=1326 audit(1742694797.947:27653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16668 comm="syz.0.3643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  345.390303][   T29] audit: type=1326 audit(1742694797.947:27654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16668 comm="syz.0.3643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  345.414015][   T29] audit: type=1326 audit(1742694797.967:27655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16668 comm="syz.0.3643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  345.437701][   T29] audit: type=1326 audit(1742694797.967:27656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16668 comm="syz.0.3643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  345.461415][   T29] audit: type=1326 audit(1742694797.967:27657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16668 comm="syz.0.3643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  345.485111][   T29] audit: type=1326 audit(1742694797.967:27658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16668 comm="syz.0.3643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  345.508766][   T29] audit: type=1326 audit(1742694797.967:27659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16668 comm="syz.0.3643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  345.532404][   T29] audit: type=1326 audit(1742694797.967:27660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16668 comm="syz.0.3643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  345.568294][T16679] loop5: detected capacity change from 0 to 8192
[  345.646162][T16683] gretap0: entered promiscuous mode
[  345.653486][T16683] gretap0: left promiscuous mode
[  345.668054][T16689] loop3: detected capacity change from 0 to 512
[  345.669208][T16679] bond0: entered promiscuous mode
[  345.679590][T16679] bond_slave_0: entered promiscuous mode
[  345.685381][T16679] bond_slave_1: entered promiscuous mode
[  345.691410][T16689] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  345.703509][T16679] bond0: left promiscuous mode
[  345.708442][T16679] bond_slave_0: left promiscuous mode
[  345.714028][T16679] bond_slave_1: left promiscuous mode
[  345.722425][T16689] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #17: comm syz.3.3651: corrupted in-inode xattr: invalid ea_ino
[  345.767768][T16689] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.3651: couldn't read orphan inode 17 (err -117)
[  345.781473][T16689] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  345.904598][T16702] netlink: 'syz.2.3654': attribute type 10 has an invalid length.
[  345.942315][T16704] bridge16: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  345.976851][T16704] futex_wake_op: syz.5.3656 tries to shift op by -1; fix this program
[  345.988137][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.075682][T14646] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.108548][T16716] netlink: 'syz.4.3659': attribute type 10 has an invalid length.
[  346.119329][T16712] loop3: detected capacity change from 0 to 2048
[  346.130920][T16717] bridge7: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  346.145168][T16717] futex_wake_op: syz.0.3660 tries to shift op by -1; fix this program
[  346.159827][T16712] EXT4-fs error (device loop3): ext4_orphan_get:1415: comm syz.3.3657: bad orphan inode 8192
[  346.189953][T16712] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  346.243292][T16724] loop2: detected capacity change from 0 to 512
[  346.277757][T16724] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3662: bg 0: block 35: padding at end of block bitmap is not set
[  346.302970][T16724] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  346.312570][T16724] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.3662: invalid indirect mapped block 4294967295 (level 1)
[  346.329536][T16724] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.3662: invalid indirect mapped block 4294967295 (level 2)
[  346.345425][T16724] EXT4-fs (loop2): 1 truncate cleaned up
[  346.351536][T16724] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  346.384653][T14000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.441144][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.508170][T16749] loop3: detected capacity change from 0 to 512
[  346.534531][T16749] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3666: bg 0: block 35: padding at end of block bitmap is not set
[  346.575642][T16749] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  346.604136][T16749] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.3666: invalid indirect mapped block 4294967295 (level 1)
[  346.622382][T16749] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.3666: invalid indirect mapped block 4294967295 (level 2)
[  346.640518][T16749] EXT4-fs (loop3): 1 truncate cleaned up
[  346.649362][T16749] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  346.726853][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.811010][T16782] netlink: 'syz.3.3671': attribute type 10 has an invalid length.
[  346.818982][T16782] __nla_validate_parse: 16 callbacks suppressed
[  346.818995][T16782] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3671'.
[  346.848897][T16785] loop2: detected capacity change from 0 to 512
[  346.905696][T16785] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #3: comm syz.2.3675: corrupted inode contents
[  346.919879][T16785] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #3: comm syz.2.3675: mark_inode_dirty error
[  346.934621][T16785] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #3: comm syz.2.3675: corrupted inode contents
[  346.948026][T16785] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #3: comm syz.2.3675: mark_inode_dirty error
[  346.960005][T16785] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.3675: Failed to acquire dquot type 0
[  346.981712][T16785] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3675: corrupted inode contents
[  346.994601][T16785] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #16: comm syz.2.3675: mark_inode_dirty error
[  347.007582][T16785] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3675: corrupted inode contents
[  347.020043][T16785] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #16: comm syz.2.3675: mark_inode_dirty error
[  347.034224][T16785] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3675: corrupted inode contents
[  347.055674][T16785] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  347.068091][T16785] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3675: corrupted inode contents
[  347.110223][T16785] EXT4-fs error (device loop2): ext4_truncate:4240: inode #16: comm syz.2.3675: mark_inode_dirty error
[  347.134485][T16785] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  347.169304][T16803] loop3: detected capacity change from 0 to 512
[  347.170842][T16785] EXT4-fs (loop2): 1 truncate cleaned up
[  347.182274][T16785] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.196540][T16785] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  347.206485][T16806] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3681'.
[  347.216043][T16806] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3681'.
[  347.225389][T16806] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3681'.
[  347.238105][T16803] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3682: bg 0: block 35: padding at end of block bitmap is not set
[  347.245568][T16806] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3681'.
[  347.281253][T16803] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  347.327811][T16803] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.3682: invalid indirect mapped block 4294967295 (level 1)
[  347.344858][T16803] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.3682: invalid indirect mapped block 4294967295 (level 2)
[  347.348549][T14000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.375283][T16803] EXT4-fs (loop3): 1 truncate cleaned up
[  347.386941][T16803] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.462389][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.508646][T16828] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3689'.
[  347.517662][T16828] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3689'.
[  347.526700][T16828] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3689'.
[  347.540913][T16825] bridge8: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  347.574512][T16825] futex_wake_op: syz.3.3690 tries to shift op by -1; fix this program
[  347.611335][T16828] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3689'.
[  347.652889][T16833] loop0: detected capacity change from 0 to 8192
[  347.903579][T16845] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3698'.
[  348.121011][T16861] loop0: detected capacity change from 0 to 8192
[  348.433507][T16890] loop0: detected capacity change from 0 to 164
[  348.464352][T16890] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  348.480547][T16888] loop4: detected capacity change from 0 to 512
[  348.494797][T16888] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  348.510693][T16890] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  348.521956][T16897] bridge17: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  348.534209][T16897] futex_wake_op: syz.5.3720 tries to shift op by -1; fix this program
[  348.551011][T16895] loop2: detected capacity change from 0 to 8192
[  348.564786][T16888] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #17: comm syz.4.3716: corrupted in-inode xattr: invalid ea_ino
[  348.579042][T16888] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3716: couldn't read orphan inode 17 (err -117)
[  348.595515][T16888] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.768439][T13643] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.834915][T16918] bridge7: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  348.846561][T16918] futex_wake_op: syz.4.3726 tries to shift op by -1; fix this program
[  349.003827][T16931] loop2: detected capacity change from 0 to 8192
[  349.054902][T16938] loop2: detected capacity change from 0 to 512
[  349.062125][T16938] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  349.074846][T16938] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #17: comm syz.2.3735: corrupted in-inode xattr: invalid ea_ino
[  349.091983][T16938] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.3735: couldn't read orphan inode 17 (err -117)
[  349.104993][T16938] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.132537][T16938] bond0: (slave bond_slave_1): Releasing backup interface
[  349.141311][T16938] bond_slave_1 (unregistering): left promiscuous mode
[  349.286014][T14000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.480784][T16962] loop2: detected capacity change from 0 to 8192
[  349.510559][T16958] loop0: detected capacity change from 0 to 8192
[  349.545194][T16958] bond0: entered promiscuous mode
[  349.550363][T16958] bond_slave_0: entered promiscuous mode
[  349.578912][T16958] bond0: left promiscuous mode
[  349.583751][T16958] bond_slave_0: left promiscuous mode
[  349.592433][T16973] futex_wake_op: syz.2.3750 tries to shift op by -1; fix this program
[  349.731869][T16985] bridge8: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  349.758455][T16985] futex_wake_op: syz.0.3754 tries to shift op by -1; fix this program
[  349.790358][T16992] netlink: 'syz.5.3753': attribute type 10 has an invalid length.
[  349.910392][T16996] loop2: detected capacity change from 0 to 8192
[  349.954284][T17011] bridge9: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  349.983823][T17011] futex_wake_op: syz.3.3765 tries to shift op by -1; fix this program
[  349.999239][T17006] loop4: detected capacity change from 0 to 2048
[  350.024801][T17015] futex_wake_op: syz.2.3766 tries to shift op by -1; fix this program
[  350.076008][T17006]  loop4: p1 < > p4
[  350.080582][T17006] loop4: p4 size 8388608 extends beyond EOD, truncated
[  350.153327][T17022] loop5: detected capacity change from 0 to 512
[  350.165527][T17022] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3767: bg 0: block 35: padding at end of block bitmap is not set
[  350.185837][T17022] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  350.198188][T17022] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.3767: invalid indirect mapped block 4294967295 (level 1)
[  350.213095][T17022] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.3767: invalid indirect mapped block 4294967295 (level 2)
[  350.228295][T17022] EXT4-fs (loop5): 1 truncate cleaned up
[  350.236734][T17022] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.264649][T14358] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.274975][T17028] loop4: detected capacity change from 0 to 128
[  350.300229][T17028] FAT-fs (loop4): Directory bread(block 3236) failed
[  350.332156][T17028] FAT-fs (loop4): Directory bread(block 3237) failed
[  350.339907][T17028] FAT-fs (loop4): Directory bread(block 3238) failed
[  350.348829][T17028] FAT-fs (loop4): Directory bread(block 3239) failed
[  350.356192][T17028] FAT-fs (loop4): Directory bread(block 3240) failed
[  350.363411][T17028] FAT-fs (loop4): Directory bread(block 3241) failed
[  350.370294][T17028] FAT-fs (loop4): Directory bread(block 3242) failed
[  350.377372][T17028] FAT-fs (loop4): Directory bread(block 3243) failed
[  350.390106][T17028] FAT-fs (loop4): Directory bread(block 3236) failed
[  350.393055][T17038] loop2: detected capacity change from 0 to 512
[  350.398111][T17028] FAT-fs (loop4): Directory bread(block 3237) failed
[  350.417652][T17038] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #3: comm syz.2.3774: corrupted inode contents
[  350.439576][T17038] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #3: comm syz.2.3774: mark_inode_dirty error
[  350.452750][T17038] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #3: comm syz.2.3774: corrupted inode contents
[  350.475712][T17038] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #3: comm syz.2.3774: mark_inode_dirty error
[  350.490557][T17038] __quota_error: 430 callbacks suppressed
[  350.490611][T17038] Quota error (device loop2): write_blk: dquota write failed
[  350.504150][T17038] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  350.517429][T17038] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.3774: Failed to acquire dquot type 0
[  350.536134][T17044] loop5: detected capacity change from 0 to 8192
[  350.544974][T17038] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3774: corrupted inode contents
[  350.563243][T17038] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #16: comm syz.2.3774: mark_inode_dirty error
[  350.584613][   T29] audit: type=1326 audit(1742694803.237:28089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17047 comm="syz.0.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  350.602639][T17046] loop4: detected capacity change from 0 to 2048
[  350.611100][T17048] futex_wake_op: syz.0.3778 tries to shift op by -1; fix this program
[  350.615034][T17038] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3774: corrupted inode contents
[  350.639503][   T29] audit: type=1326 audit(1742694803.277:28090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17047 comm="syz.0.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  350.649418][T17038] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #16: comm syz.2.3774: mark_inode_dirty error
[  350.663408][   T29] audit: type=1326 audit(1742694803.277:28091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17047 comm="syz.0.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  350.675512][T17038] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3774: corrupted inode contents
[  350.698356][   T29] audit: type=1326 audit(1742694803.277:28092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17047 comm="syz.0.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  350.734010][   T29] audit: type=1326 audit(1742694803.277:28093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17047 comm="syz.0.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  350.757704][   T29] audit: type=1326 audit(1742694803.277:28094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17047 comm="syz.0.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  350.781319][   T29] audit: type=1326 audit(1742694803.277:28095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17047 comm="syz.0.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  350.805196][   T29] audit: type=1326 audit(1742694803.277:28096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17047 comm="syz.0.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f439cfad169 code=0x7ffc0000
[  350.833404][T17046] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.845712][T17038] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  350.858179][T17046] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  350.860452][T17038] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3774: corrupted inode contents
[  350.881193][T17038] EXT4-fs error (device loop2): ext4_truncate:4240: inode #16: comm syz.2.3774: mark_inode_dirty error
[  350.902681][T17038] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  350.923431][T17038] EXT4-fs (loop2): 1 truncate cleaned up
[  350.929882][T17038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.947483][T17038] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  350.983197][T17055] loop0: detected capacity change from 0 to 2048
[  351.010382][T14000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.021813][T17055]  loop0: p1 < > p4
[  351.027365][T17055] loop0: p4 size 8388608 extends beyond EOD, truncated
[  351.051094][ T3000]  loop0: p1 < > p4
[  351.057071][ T3000] loop0: p4 size 8388608 extends beyond EOD, truncated
[  351.242591][T17076] loop2: detected capacity change from 0 to 2048
[  351.268951][T17076] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.3788: bad orphan inode 8192
[  351.283796][T17076] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.321939][ T3581] udevd[3581]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  351.341447][T17083] futex_wake_op: syz.5.3790 tries to shift op by -1; fix this program
[  351.398774][ T3694] udevd[3694]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  351.427819][ T3663] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:67: bg 0: block 345: padding at end of block bitmap is not set
[  351.457413][ T3663] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1016 with error 117
[  351.470118][ T3663] EXT4-fs (loop4): This should not happen!! Data will be lost
[  351.470118][ T3663] 
[  351.529706][T14000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.554443][T17081] loop3: detected capacity change from 0 to 8192
[  351.679616][T17091] bridge8: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  351.691747][T17091] futex_wake_op: syz.2.3791 tries to shift op by -1; fix this program
[  351.711428][T17095] loop5: detected capacity change from 0 to 512
[  351.846335][T17095] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #3: comm syz.5.3795: corrupted inode contents
[  351.858504][T17095] EXT4-fs error (device loop5): ext4_dirty_inode:6042: inode #3: comm syz.5.3795: mark_inode_dirty error
[  351.871149][T17095] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #3: comm syz.5.3795: corrupted inode contents
[  351.884422][T17095] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #3: comm syz.5.3795: mark_inode_dirty error
[  351.899889][T17095] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3795: Failed to acquire dquot type 0
[  351.914416][T17095] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #16: comm syz.5.3795: corrupted inode contents
[  351.930236][T17095] EXT4-fs error (device loop5): ext4_dirty_inode:6042: inode #16: comm syz.5.3795: mark_inode_dirty error
[  351.994313][T17095] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #16: comm syz.5.3795: corrupted inode contents
[  352.101329][ T3600] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1032 with max blocks 1670 with error 117
[  352.114308][ T3600] EXT4-fs (loop4): This should not happen!! Data will be lost
[  352.114308][ T3600] 
[  352.142717][T17095] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #16: comm syz.5.3795: mark_inode_dirty error
[  352.184200][T17095] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #16: comm syz.5.3795: corrupted inode contents
[  352.249808][T17095] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  352.263642][T17108] __nla_validate_parse: 17 callbacks suppressed
[  352.263659][T17108] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3799'.
[  352.274842][T17095] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #16: comm syz.5.3795: corrupted inode contents
[  352.291041][T17095] EXT4-fs error (device loop5): ext4_truncate:4240: inode #16: comm syz.5.3795: mark_inode_dirty error
[  352.303203][T17095] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  352.304048][T13643] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.319472][T17095] EXT4-fs (loop5): 1 truncate cleaned up
[  352.327637][T17095] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.343604][T17095] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  352.370713][T14358] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.432570][T17110] loop4: detected capacity change from 0 to 2048
[  352.475553][T17110]  loop4: p1 < > p4
[  352.480396][T17110] loop4: p4 size 8388608 extends beyond EOD, truncated
[  352.498732][T17115] loop0: detected capacity change from 0 to 2048
[  352.545943][T17115]  loop0: p1 < > p4
[  352.550435][T17115] loop0: p4 size 8388608 extends beyond EOD, truncated
[  352.567195][ T3000]  loop0: p1 < > p4
[  352.571531][ T3000] loop0: p4 size 8388608 extends beyond EOD, truncated
[  352.706164][T17132] loop4: detected capacity change from 0 to 512
[  352.717297][T17128] loop2: detected capacity change from 0 to 8192
[  352.726268][T17132] EXT4-fs: Ignoring removed nobh option
[  352.732502][T17132] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  352.743890][T17137] netlink: 'syz.3.3807': attribute type 10 has an invalid length.
[  352.751801][T17137] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3807'.
[  352.771014][T17132] EXT4-fs (loop4): failed to open journal device unknown-block(8,0) -16
[  352.792671][T17139] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3810'.
[  352.801833][T17139] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3810'.
[  352.810914][T17139] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3810'.
[  352.822401][T17136] netlink: 'syz.0.3809': attribute type 10 has an invalid length.
[  352.830377][T17136] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3809'.
[  352.841955][T17139] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3810'.
[  352.880768][T17143] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3811'.
[  353.009369][T17155] futex_atomic_op_inuser: 1 callbacks suppressed
[  353.009387][T17155] futex_wake_op: syz.2.3815 tries to shift op by -1; fix this program
[  353.066219][T17160] bridge8: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  353.081702][T17160] futex_wake_op: syz.4.3819 tries to shift op by -1; fix this program
[  353.149675][T17166] loop5: detected capacity change from 0 to 2048
[  353.179143][T17166] EXT4-fs error (device loop5): ext4_orphan_get:1415: comm syz.5.3821: bad orphan inode 8192
[  353.183585][T17170] loop2: detected capacity change from 0 to 512
[  353.192682][T17166] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.196283][T17170] EXT4-fs: Ignoring removed nobh option
[  353.340527][T17170] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  353.401295][T17170] EXT4-fs (loop2): failed to open journal device unknown-block(8,0) -16
[  353.504643][T14358] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.776208][T17193] netlink: 'syz.5.3823': attribute type 10 has an invalid length.
[  353.784064][T17193] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3823'.
[  353.823252][T17202] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3824'.
[  353.958638][T17209] loop2: detected capacity change from 0 to 8192
[  354.043480][T17224] futex_wake_op: syz.3.3832 tries to shift op by -1; fix this program
[  354.109394][T17236] loop4: detected capacity change from 0 to 512
[  354.116306][T17236] EXT4-fs: Ignoring removed nobh option
[  354.123136][T17236] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  354.132461][T17236] EXT4-fs (loop4): failed to open journal device unknown-block(8,0) -16
[  354.902975][T17264] loop2: detected capacity change from 0 to 8192
[  354.940892][T17268] futex_wake_op: syz.5.3848 tries to shift op by -1; fix this program
[  355.016768][T17270] loop2: detected capacity change from 0 to 8192
[  355.189111][T17284] loop3: detected capacity change from 0 to 2048
[  355.208896][T17284] EXT4-fs error (device loop3): ext4_orphan_get:1415: comm syz.3.3855: bad orphan inode 8192
[  355.235582][T17284] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.342746][T17294] loop4: detected capacity change from 0 to 8192
[  355.371931][T17306] loop5: detected capacity change from 0 to 1024
[  355.382045][T17306] EXT4-fs: Ignoring removed bh option
[  355.404904][T17306] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  355.418027][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.452305][T17306] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  355.487421][T17306] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0000]
[  355.491163][T17322] futex_wake_op: syz.4.3863 tries to shift op by -1; fix this program
[  355.495629][   T29] kauditd_printk_skb: 640 callbacks suppressed
[  355.495645][   T29] audit: type=1326 audit(1742694808.147:28735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17320 comm="syz.4.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d59e7d169 code=0x7ffc0000
[  355.495682][   T29] audit: type=1326 audit(1742694808.147:28736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17320 comm="syz.4.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d59e7d169 code=0x7ffc0000
[  355.558333][   T29] audit: type=1326 audit(1742694808.147:28737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17320 comm="syz.4.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d59e7d169 code=0x7ffc0000
[  355.561887][T17306] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 2: comm syz.5.3861: lblock 2 mapped to illegal pblock 2 (length 1)
[  355.582038][   T29] audit: type=1326 audit(1742694808.147:28738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17320 comm="syz.4.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0d59e7d169 code=0x7ffc0000
[  355.582074][   T29] audit: type=1326 audit(1742694808.147:28739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17320 comm="syz.4.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d59e7d169 code=0x7ffc0000
[  355.582107][   T29] audit: type=1326 audit(1742694808.147:28740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17320 comm="syz.4.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d59e7d169 code=0x7ffc0000
[  355.607112][T17306] Quota error (device loop5): qtree_write_dquot: dquota write failed
[  355.619496][   T29] audit: type=1326 audit(1742694808.147:28741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17320 comm="syz.4.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d59e7d169 code=0x7ffc0000
[  355.666625][   T29] audit: type=1326 audit(1742694808.147:28742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17320 comm="syz.4.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d59e7d169 code=0x7ffc0000
[  355.709013][T17306] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 48: comm syz.5.3861: lblock 0 mapped to illegal pblock 48 (length 1)
[  355.722020][   T29] audit: type=1326 audit(1742694808.147:28743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17320 comm="syz.4.3863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d59e7d169 code=0x7ffc0000
[  355.761024][T17306] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3861: Failed to acquire dquot type 0
[  355.772674][T17306] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  355.783441][T17306] EXT4-fs error (device loop5): ext4_evict_inode:256: inode #11: comm syz.5.3861: mark_inode_dirty error
[  355.794856][T17306] EXT4-fs warning (device loop5): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  355.807512][T17306] EXT4-fs (loop5): 1 orphan inode deleted
[  355.813849][T17306] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.827533][ T3601] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:19: lblock 1 mapped to illegal pblock 1 (length 1)
[  355.843386][ T3601] EXT4-fs error (device loop5): ext4_release_dquot:6950: comm kworker/u8:19: Failed to release dquot type 0
[  355.928198][T17306] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  356.033643][T14358] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.259374][T17351] bridge9: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  356.357419][T17355] bridge9: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  356.373910][ T3611] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:28: lblock 1 mapped to illegal pblock 1 (length 1)
[  356.390706][T17351] futex_wake_op: syz.2.3869 tries to shift op by -1; fix this program
[  356.400950][ T3611] EXT4-fs error (device loop5): ext4_release_dquot:6950: comm kworker/u8:28: Failed to release dquot type 0
[  356.412597][T17353] loop0: detected capacity change from 0 to 8192
[  356.414248][T17355] futex_wake_op: syz.4.3871 tries to shift op by -1; fix this program
[  356.428477][T14358] EXT4-fs error (device loop5): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0
[  356.442551][T14358] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  356.454204][T14358] EXT4-fs error (device loop5): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error
[  356.502154][T17361] bridge10: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  356.513833][T17361] futex_wake_op: syz.2.3872 tries to shift op by -1; fix this program
[  356.718780][T17372] futex_wake_op: syz.0.3875 tries to shift op by -1; fix this program
[  356.809595][T17374] loop3: detected capacity change from 0 to 2048
[  356.856032][T17374]  loop3: p1 < > p4
[  356.861169][T17374] loop3: p4 size 8388608 extends beyond EOD, truncated
[  356.906472][T17384] netlink: 'syz.0.3879': attribute type 10 has an invalid length.
[  357.082031][T17391] loop0: detected capacity change from 0 to 8192
[  357.213334][T17393] loop4: detected capacity change from 0 to 8192
[  357.238555][T17395] loop0: detected capacity change from 0 to 2048
[  357.269757][T17395] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  357.399528][ T3601] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:19: bg 0: block 345: padding at end of block bitmap is not set
[  357.455370][ T3601] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 116 with error 117
[  357.468099][ T3601] EXT4-fs (loop0): This should not happen!! Data will be lost
[  357.468099][ T3601] 
[  357.483698][T17410] futex_wake_op: syz.4.3887 tries to shift op by -1; fix this program
[  357.671231][T17421] loop4: detected capacity change from 0 to 2048
[  357.693352][T17421] EXT4-fs error (device loop4): ext4_orphan_get:1415: comm syz.4.3893: bad orphan inode 8192
[  357.787015][T17428] bridge18: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  357.889680][T17432] bridge10: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  358.292743][T17437] loop0: detected capacity change from 0 to 8192
[  358.453073][T17443] bridge11: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  358.467760][T17443] futex_atomic_op_inuser: 3 callbacks suppressed
[  358.467778][T17443] futex_wake_op: syz.2.3899 tries to shift op by -1; fix this program
[  358.567674][T17447] __nla_validate_parse: 8 callbacks suppressed
[  358.567688][T17447] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3900'.
[  358.583049][T17447] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3900'.
[  358.592034][T17447] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3900'.
[  358.601046][T17447] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3900'.
[  358.701707][T17454] futex_wake_op: syz.4.3903 tries to shift op by -1; fix this program
[  358.740642][T17452] loop5: detected capacity change from 0 to 2048
[  358.807428][T17452]  loop5: p1 < > p4
[  358.814571][T17452] loop5: p4 size 8388608 extends beyond EOD, truncated
[  358.824537][T17466] loop4: detected capacity change from 0 to 2048
[  358.843949][T17468] futex_wake_op: syz.0.3908 tries to shift op by -1; fix this program
[  358.890487][T17466] EXT4-fs error (device loop4): ext4_orphan_get:1415: comm syz.4.3907: bad orphan inode 8192
[  358.936699][T17475] loop3: detected capacity change from 0 to 8192
[  358.993702][T17478] bridge19: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  359.011822][T17478] futex_wake_op: syz.5.3911 tries to shift op by -1; fix this program
[  359.194225][T17487] bridge10: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  359.221258][T17489] bridge11: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  359.229309][T17487] futex_wake_op: syz.4.3915 tries to shift op by -1; fix this program
[  359.240155][T17489] futex_wake_op: syz.3.3914 tries to shift op by -1; fix this program
[  359.361282][T17496] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3916'.
[  359.370423][T17496] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3916'.
[  359.379443][T17496] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3916'.
[  359.388415][T17496] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3916'.
[  359.693626][T17498] futex_wake_op: syz.0.3917 tries to shift op by -1; fix this program
[  359.880494][T17511] bridge9: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  359.892527][T17511] futex_wake_op: syz.0.3922 tries to shift op by -1; fix this program
[  360.390534][T17522] bridge11: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  360.409892][T17522] futex_wake_op: syz.4.3926 tries to shift op by -1; fix this program
[  360.429316][T17520] loop3: detected capacity change from 0 to 8192
[  360.495257][T17527] futex_wake_op: syz.2.3927 tries to shift op by -1; fix this program
[  360.505521][   T29] kauditd_printk_skb: 675 callbacks suppressed
[  360.505538][   T29] audit: type=1326 audit(1742694813.157:29416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.2.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  360.535391][   T29] audit: type=1326 audit(1742694813.157:29417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.2.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  360.559265][   T29] audit: type=1326 audit(1742694813.157:29418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.2.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  360.583867][   T29] audit: type=1326 audit(1742694813.167:29419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.2.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  360.607584][   T29] audit: type=1326 audit(1742694813.167:29420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.2.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  360.631513][   T29] audit: type=1326 audit(1742694813.167:29421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.2.3927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  360.723724][   T29] audit: type=1326 audit(1742694813.377:29422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17532 comm="syz.5.3928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  360.747524][   T29] audit: type=1326 audit(1742694813.377:29423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17532 comm="syz.5.3928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  360.782771][   T29] audit: type=1326 audit(1742694813.407:29424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17532 comm="syz.5.3928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  360.806581][   T29] audit: type=1326 audit(1742694813.407:29425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17532 comm="syz.5.3928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  360.868472][T17540] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3931'.
[  360.923271][T17544] loop3: detected capacity change from 0 to 8192
[  360.933370][T17544] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3930'.
[  360.947080][T17544] bond0: entered promiscuous mode
[  360.952182][T17544] bond_slave_0: entered promiscuous mode
[  360.962053][T17544] bond0: left promiscuous mode
[  360.966899][T17544] bond_slave_0: left promiscuous mode
[  361.245369][T17563] bridge10: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  361.384362][T17565] loop4: detected capacity change from 0 to 8192
[  361.631797][T17571] loop2: detected capacity change from 0 to 2048
[  361.680025][T17571] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  361.710293][T17579] loop3: detected capacity change from 0 to 2048
[  361.728852][T17579] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  361.823056][ T3592] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:12: bg 0: block 345: padding at end of block bitmap is not set
[  361.868643][ T3645] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:51: bg 0: block 345: padding at end of block bitmap is not set
[  361.889723][ T3592] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 193 with error 117
[  361.902341][ T3592] EXT4-fs (loop3): This should not happen!! Data will be lost
[  361.902341][ T3592] 
[  361.923690][ T3645] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 425 with error 117
[  361.936296][ T3645] EXT4-fs (loop2): This should not happen!! Data will be lost
[  361.936296][ T3645] 
[  362.063439][T17590] loop5: detected capacity change from 0 to 512
[  362.097163][T17590] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #3: comm syz.5.3946: corrupted inode contents
[  362.110428][T17590] EXT4-fs error (device loop5): ext4_dirty_inode:6042: inode #3: comm syz.5.3946: mark_inode_dirty error
[  362.138055][T17590] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #3: comm syz.5.3946: corrupted inode contents
[  362.154685][T17590] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #3: comm syz.5.3946: mark_inode_dirty error
[  362.172178][T17590] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3946: Failed to acquire dquot type 0
[  362.184974][T17590] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #16: comm syz.5.3946: corrupted inode contents
[  362.231888][T17590] EXT4-fs error (device loop5): ext4_dirty_inode:6042: inode #16: comm syz.5.3946: mark_inode_dirty error
[  362.272259][T17590] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #16: comm syz.5.3946: corrupted inode contents
[  362.290968][T17590] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #16: comm syz.5.3946: mark_inode_dirty error
[  362.309472][T17590] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #16: comm syz.5.3946: corrupted inode contents
[  362.325284][T17590] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  362.335660][T17590] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #16: comm syz.5.3946: corrupted inode contents
[  362.348146][T17590] EXT4-fs error (device loop5): ext4_truncate:4240: inode #16: comm syz.5.3946: mark_inode_dirty error
[  362.379530][T17590] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  362.392618][T17590] EXT4-fs (loop5): 1 truncate cleaned up
[  362.401539][T17590] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  362.429146][T17605] loop0: detected capacity change from 0 to 164
[  362.438328][T17605] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  362.442327][T17604] bridge12: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  362.447545][T17605] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  362.770888][T17621] loop5: detected capacity change from 0 to 1024
[  362.780007][T17619] loop3: detected capacity change from 0 to 8192
[  362.791243][T17621] EXT4-fs: Ignoring removed bh option
[  362.800910][T17621] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  362.814693][T17621] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  362.827735][T17621] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0000]
[  362.837447][T17621] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 2: comm syz.5.3955: lblock 2 mapped to illegal pblock 2 (length 1)
[  362.852660][T17621] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 48: comm syz.5.3955: lblock 0 mapped to illegal pblock 48 (length 1)
[  362.867493][T17621] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3955: Failed to acquire dquot type 0
[  362.882782][T17621] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  362.901872][T17621] EXT4-fs error (device loop5): ext4_evict_inode:256: inode #11: comm syz.5.3955: mark_inode_dirty error
[  362.914205][T17625] loop2: detected capacity change from 0 to 1024
[  362.915134][T17621] EXT4-fs warning (device loop5): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  362.932440][T17621] EXT4-fs (loop5): 1 orphan inode deleted
[  362.938687][T17625] EXT4-fs: Ignoring removed bh option
[  362.944704][T17625] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  362.953900][T17625] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  362.955609][T17621] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  362.965537][T17625] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0000]
[  362.983631][T17625] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 2: comm syz.2.3956: lblock 2 mapped to illegal pblock 2 (length 1)
[  362.997818][T17625] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 48: comm syz.2.3956: lblock 0 mapped to illegal pblock 48 (length 1)
[  363.012387][T17625] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.3956: Failed to acquire dquot type 0
[  363.023949][ T3663] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:67: lblock 1 mapped to illegal pblock 1 (length 1)
[  363.039467][ T3663] EXT4-fs error (device loop5): ext4_release_dquot:6950: comm kworker/u8:67: Failed to release dquot type 0
[  363.040269][T17625] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  363.062252][T14358] EXT4-fs error (device loop5): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0
[  363.075193][T17625] EXT4-fs error (device loop2): ext4_evict_inode:256: inode #11: comm syz.2.3956: mark_inode_dirty error
[  363.076310][T17625] EXT4-fs warning (device loop2): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  363.089817][T14358] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  363.096839][T17625] EXT4-fs (loop2): 1 orphan inode deleted
[  363.122080][T14358] EXT4-fs error (device loop5): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error
[  363.133468][ T3645] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:51: lblock 1 mapped to illegal pblock 1 (length 1)
[  363.155027][ T3645] EXT4-fs error (device loop2): ext4_release_dquot:6950: comm kworker/u8:51: Failed to release dquot type 0
[  363.195048][T17625] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  363.198717][T17628] bridge12: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  363.271303][ T3611] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:28: lblock 1 mapped to illegal pblock 1 (length 1)
[  363.296896][ T3611] EXT4-fs error (device loop2): ext4_release_dquot:6950: comm kworker/u8:28: Failed to release dquot type 0
[  363.312883][T17637] loop0: detected capacity change from 0 to 512
[  363.319505][T14000] EXT4-fs error (device loop2): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0
[  363.334502][T14000] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  363.346720][T14000] EXT4-fs error (device loop2): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error
[  363.374443][T17637] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #3: comm syz.0.3961: corrupted inode contents
[  363.409173][T17637] EXT4-fs error (device loop0): ext4_dirty_inode:6042: inode #3: comm syz.0.3961: mark_inode_dirty error
[  363.430021][T17637] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #3: comm syz.0.3961: corrupted inode contents
[  363.442481][T17637] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #3: comm syz.0.3961: mark_inode_dirty error
[  363.454121][T17637] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.3961: Failed to acquire dquot type 0
[  363.467659][T17637] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #16: comm syz.0.3961: corrupted inode contents
[  363.480754][T17637] EXT4-fs error (device loop0): ext4_dirty_inode:6042: inode #16: comm syz.0.3961: mark_inode_dirty error
[  363.493644][T17637] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #16: comm syz.0.3961: corrupted inode contents
[  363.506907][T17637] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #16: comm syz.0.3961: mark_inode_dirty error
[  363.518467][T17637] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #16: comm syz.0.3961: corrupted inode contents
[  363.530878][T17637] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  363.541321][T17637] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #16: comm syz.0.3961: corrupted inode contents
[  363.553656][T17637] EXT4-fs error (device loop0): ext4_truncate:4240: inode #16: comm syz.0.3961: mark_inode_dirty error
[  363.564829][T17648] loop4: detected capacity change from 0 to 2048
[  363.570235][T17637] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  363.580528][T17637] EXT4-fs (loop0): 1 truncate cleaned up
[  363.593600][T17637] ext4 filesystem being mounted at /167/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  363.616952][T17648]  loop4: p1 < > p4
[  363.624688][T17648] loop4: p4 size 8388608 extends beyond EOD, truncated
[  363.628202][T17654] __nla_validate_parse: 10 callbacks suppressed
[  363.628222][T17654] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3966'.
[  363.647309][T17654] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3966'.
[  363.656305][T17654] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3966'.
[  363.668453][T17654] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3966'.
[  363.678949][ T3000]  loop4: p1 < > p4
[  363.684094][ T3000] loop4: p4 size 8388608 extends beyond EOD, truncated
[  363.773034][T17659] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3969'.
[  363.782159][T17659] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3969'.
[  363.791332][T17659] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3969'.
[  363.814514][T17659] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3969'.
[  363.845032][T17658] loop0: detected capacity change from 0 to 8192
[  364.044027][T17675] loop4: detected capacity change from 0 to 164
[  364.063320][T17675] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  364.074598][T17674] loop2: detected capacity change from 0 to 2048
[  364.077520][T17675] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  364.129278][T17674] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.3977: bad orphan inode 8192
[  364.190097][T17686] loop2: detected capacity change from 0 to 512
[  364.221943][T17686] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #3: comm syz.2.3979: corrupted inode contents
[  364.234989][T17686] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #3: comm syz.2.3979: mark_inode_dirty error
[  364.248208][T17686] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #3: comm syz.2.3979: corrupted inode contents
[  364.286680][T17686] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #3: comm syz.2.3979: mark_inode_dirty error
[  364.309475][T17686] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.3979: Failed to acquire dquot type 0
[  364.321592][T17686] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3979: corrupted inode contents
[  364.343924][T17686] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #16: comm syz.2.3979: mark_inode_dirty error
[  364.356933][T17703] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3983'.
[  364.365974][T17703] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3983'.
[  364.366202][T17686] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3979: corrupted inode contents
[  364.393013][T17686] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #16: comm syz.2.3979: mark_inode_dirty error
[  364.399688][T17706] netlink: 'syz.0.3982': attribute type 10 has an invalid length.
[  364.413082][T17686] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3979: corrupted inode contents
[  364.437073][T17686] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  364.453665][T17708] bridge20: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  364.466066][T17708] futex_atomic_op_inuser: 6 callbacks suppressed
[  364.466084][T17708] futex_wake_op: syz.5.3986 tries to shift op by -1; fix this program
[  364.483730][T17686] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.3979: corrupted inode contents
[  364.498272][T17686] EXT4-fs error (device loop2): ext4_truncate:4240: inode #16: comm syz.2.3979: mark_inode_dirty error
[  364.509851][T17686] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  364.521597][T17686] EXT4-fs (loop2): 1 truncate cleaned up
[  364.528100][T17686] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  364.610099][T17713] loop0: detected capacity change from 0 to 8192
[  364.823820][T17725] loop0: detected capacity change from 0 to 512
[  364.833754][T17725] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  364.848039][T17725] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #17: comm syz.0.3992: corrupted in-inode xattr: invalid ea_ino
[  364.862522][T17725] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3992: couldn't read orphan inode 17 (err -117)
[  365.085001][T17745] loop0: detected capacity change from 0 to 128
[  365.094058][T17745] FAT-fs (loop0): Directory bread(block 3236) failed
[  365.104271][T17745] FAT-fs (loop0): Directory bread(block 3237) failed
[  365.117857][T17745] FAT-fs (loop0): Directory bread(block 3238) failed
[  365.144418][T17745] FAT-fs (loop0): Directory bread(block 3239) failed
[  365.151887][T17745] FAT-fs (loop0): Directory bread(block 3240) failed
[  365.162433][T17745] FAT-fs (loop0): Directory bread(block 3241) failed
[  365.164234][T17749] bridge13: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  365.169280][T17745] FAT-fs (loop0): Directory bread(block 3242) failed
[  365.182688][T17749] futex_wake_op: syz.4.4000 tries to shift op by -1; fix this program
[  365.188406][T17745] FAT-fs (loop0): Directory bread(block 3243) failed
[  365.209959][T17745] FAT-fs (loop0): Directory bread(block 3236) failed
[  365.216785][T17745] FAT-fs (loop0): Directory bread(block 3237) failed
[  365.279823][T17752] loop3: detected capacity change from 0 to 8192
[  365.372182][T17755] loop0: detected capacity change from 0 to 8192
[  365.469884][T17761] netlink: 'syz.0.4004': attribute type 10 has an invalid length.
[  365.682551][   T29] kauditd_printk_skb: 518 callbacks suppressed
[  365.682569][   T29] audit: type=1326 audit(1742694818.337:29931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  365.712654][   T29] audit: type=1326 audit(1742694818.337:29932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  365.736421][   T29] audit: type=1326 audit(1742694818.337:29933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  365.758315][T17785] loop5: detected capacity change from 0 to 8192
[  365.760668][   T29] audit: type=1326 audit(1742694818.417:29934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  365.790182][   T29] audit: type=1326 audit(1742694818.417:29935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  365.841034][T17782] bridge12: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  365.878094][T17782] futex_wake_op: syz.2.4013 tries to shift op by -1; fix this program
[  365.895195][   T29] audit: type=1326 audit(1742694818.467:29936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  365.918971][   T29] audit: type=1326 audit(1742694818.467:29937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  365.942633][   T29] audit: type=1326 audit(1742694818.467:29938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  365.966293][   T29] audit: type=1326 audit(1742694818.467:29939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f497153bad0 code=0x7ffc0000
[  365.988410][T17788] loop0: detected capacity change from 0 to 8192
[  365.989917][   T29] audit: type=1326 audit(1742694818.467:29940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  366.514986][T17813] loop0: detected capacity change from 0 to 2048
[  366.559292][T17813] EXT4-fs error (device loop0): ext4_orphan_get:1415: comm syz.0.4023: bad orphan inode 8192
[  366.599816][T17817] loop4: detected capacity change from 0 to 8192
[  366.608402][T17821] loop2: detected capacity change from 0 to 2048
[  366.642116][T17821] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.4026: bad orphan inode 8192
[  366.684532][T17827] bridge13: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  366.696511][T17827] futex_wake_op: syz.3.4027 tries to shift op by -1; fix this program
[  366.731646][T17829] loop4: detected capacity change from 0 to 512
[  366.755564][T17829] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  366.770161][T17829] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #17: comm syz.4.4028: corrupted in-inode xattr: invalid ea_ino
[  366.784320][T17829] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.4028: couldn't read orphan inode 17 (err -117)
[  366.972116][T17849] loop5: detected capacity change from 0 to 8192
[  366.990840][T17842] loop2: detected capacity change from 0 to 8192
[  367.027459][T17861] loop0: detected capacity change from 0 to 164
[  367.038091][T17861] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  367.056300][T17861] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  367.270557][T17881] bridge14: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  367.283252][T17881] futex_wake_op: syz.4.4036 tries to shift op by -1; fix this program
[  367.370038][T17887] netlink: 'syz.5.4038': attribute type 10 has an invalid length.
[  367.477396][T17897] netlink: 'syz.2.4040': attribute type 10 has an invalid length.
[  367.587876][T17900] loop3: detected capacity change from 0 to 8192
[  367.648801][T17900] dummy0: entered promiscuous mode
[  367.658086][T17900] team0: entered promiscuous mode
[  367.663154][T17900] team_slave_0: entered promiscuous mode
[  367.669352][T17900] team_slave_1: entered promiscuous mode
[  367.680424][T17900] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  367.688269][T17900] Cannot create hsr debugfs directory
[  367.943704][T17917] netlink: 'syz.0.4049': attribute type 10 has an invalid length.
[  367.965551][T17922] loop2: detected capacity change from 0 to 512
[  367.977588][T17922] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #3: comm syz.2.4050: corrupted inode contents
[  367.998824][T17922] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #3: comm syz.2.4050: mark_inode_dirty error
[  368.019677][T17922] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #3: comm syz.2.4050: corrupted inode contents
[  368.033509][T17922] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #3: comm syz.2.4050: mark_inode_dirty error
[  368.047739][T17922] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.4050: Failed to acquire dquot type 0
[  368.052564][T17929] bridge11: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  368.062090][T17922] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.4050: corrupted inode contents
[  368.082189][T17922] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #16: comm syz.2.4050: mark_inode_dirty error
[  368.094451][T17922] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.4050: corrupted inode contents
[  368.100009][T17929] futex_wake_op: syz.0.4052 tries to shift op by -1; fix this program
[  368.116216][T17922] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #16: comm syz.2.4050: mark_inode_dirty error
[  368.128425][T17922] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.4050: corrupted inode contents
[  368.142388][T17922] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  368.155610][T17922] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #16: comm syz.2.4050: corrupted inode contents
[  368.168960][T17922] EXT4-fs error (device loop2): ext4_truncate:4240: inode #16: comm syz.2.4050: mark_inode_dirty error
[  368.180489][T17922] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  368.192508][T17922] EXT4-fs (loop2): 1 truncate cleaned up
[  368.202464][T17922] ext4 filesystem being mounted at /221/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  368.301476][T17936] loop3: detected capacity change from 0 to 2048
[  368.343921][T17936]  loop3: p1 < > p4
[  368.350408][T17946] loop4: detected capacity change from 0 to 2048
[  368.357415][T17936] loop3: p4 size 8388608 extends beyond EOD, truncated
[  368.372081][T17949] loop2: detected capacity change from 0 to 164
[  368.376028][T17946] EXT4-fs error (device loop4): ext4_orphan_get:1415: comm syz.4.4059: bad orphan inode 8192
[  368.390098][T17949] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  368.390890][ T3000]  loop3: p1 < > p4
[  368.402292][T17949] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  368.403638][ T3000] loop3: p4 size 8388608 extends beyond EOD, truncated
[  368.448531][T17953] netlink: 'syz.5.4061': attribute type 10 has an invalid length.
[  368.581656][T17971] netlink: 'syz.5.4062': attribute type 10 has an invalid length.
[  368.668139][T17978] bridge15: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  368.693403][T17978] futex_wake_op: syz.4.4064 tries to shift op by -1; fix this program
[  368.928657][T18013] netlink: 'syz.3.4072': attribute type 10 has an invalid length.
[  368.936645][T18013] __nla_validate_parse: 24 callbacks suppressed
[  368.936660][T18013] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4072'.
[  368.968722][T18012] loop0: detected capacity change from 0 to 2048
[  368.991661][T18012] EXT4-fs mount: 34 callbacks suppressed
[  368.991734][T18012] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.010143][T18012] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  369.393352][T18030] loop3: detected capacity change from 0 to 512
[  369.411684][ T3611] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:28: bg 0: block 345: padding at end of block bitmap is not set
[  369.461945][ T3611] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 982 with error 117
[  369.470313][T18030] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #3: comm syz.3.4077: corrupted inode contents
[  369.474608][ T3611] EXT4-fs (loop0): This should not happen!! Data will be lost
[  369.474608][ T3611] 
[  369.519429][T18030] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #3: comm syz.3.4077: mark_inode_dirty error
[  369.553450][T18030] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #3: comm syz.3.4077: corrupted inode contents
[  369.584108][T18030] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #3: comm syz.3.4077: mark_inode_dirty error
[  369.619302][T18030] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.4077: Failed to acquire dquot type 0
[  369.642719][T18030] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.4077: corrupted inode contents
[  369.662238][T18030] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #16: comm syz.3.4077: mark_inode_dirty error
[  369.682508][T18042] loop4: detected capacity change from 0 to 2048
[  369.691566][T18030] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.4077: corrupted inode contents
[  369.714287][T18030] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #16: comm syz.3.4077: mark_inode_dirty error
[  369.751963][T18042] EXT4-fs error (device loop4): ext4_orphan_get:1415: comm syz.4.4082: bad orphan inode 8192
[  369.763049][T18030] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.4077: corrupted inode contents
[  369.774061][T18045] loop2: detected capacity change from 0 to 2048
[  369.791073][T18042] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.808034][T18030] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  369.835025][T18030] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #16: comm syz.3.4077: corrupted inode contents
[  369.856542][T18053] netlink: 'syz.5.4084': attribute type 10 has an invalid length.
[  369.864478][T18053] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4084'.
[  369.876437][T18045] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.903946][T13643] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.913960][T18030] EXT4-fs error (device loop3): ext4_truncate:4240: inode #16: comm syz.3.4077: mark_inode_dirty error
[  369.923964][T18045] ext4 filesystem being mounted at /228/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  369.928109][T18030] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  369.948399][T18030] EXT4-fs (loop3): 1 truncate cleaned up
[  369.954420][T18030] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.979874][T18030] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  370.011789][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.062770][T18059] bridge21: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  370.100373][T18059] futex_wake_op: syz.5.4087 tries to shift op by -1; fix this program
[  370.164357][T18057] loop4: detected capacity change from 0 to 8192
[  370.183884][T18065] netlink: 'syz.5.4089': attribute type 10 has an invalid length.
[  370.191884][T18065] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4089'.
[  370.207285][T18057] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4085'.
[  370.216325][T18057] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4085'.
[  370.372886][T18074] bridge16: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  370.410827][T18074] futex_wake_op: syz.4.4091 tries to shift op by -1; fix this program
[  370.564290][T18085] loop5: detected capacity change from 0 to 2048
[  370.591741][T18085] EXT4-fs error (device loop5): ext4_orphan_get:1415: comm syz.5.4095: bad orphan inode 8192
[  370.595308][T14646] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.730859][   T29] kauditd_printk_skb: 625 callbacks suppressed
[  370.730876][   T29] audit: type=1326 audit(1742694823.367:30562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18044 comm="syz.2.4083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  370.760865][   T29] audit: type=1326 audit(1742694823.367:30563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18044 comm="syz.2.4083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497153d169 code=0x7ffc0000
[  370.798784][T18085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.045942][   T29] audit: type=1326 audit(1742694823.527:30564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.5.4095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb6c692bad0 code=0x7ffc0000
[  371.069767][   T29] audit: type=1326 audit(1742694823.527:30565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.5.4095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fb6c692beb7 code=0x7ffc0000
[  371.093369][   T29] audit: type=1326 audit(1742694823.527:30566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.5.4095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb6c692bad0 code=0x7ffc0000
[  371.117003][   T29] audit: type=1326 audit(1742694823.537:30567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.5.4095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  371.140679][   T29] audit: type=1326 audit(1742694823.537:30568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.5.4095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  371.161818][ T3611] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:28: bg 0: block 345: padding at end of block bitmap is not set
[  371.164374][   T29] audit: type=1326 audit(1742694823.537:30569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.5.4095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  371.181567][ T3611] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1016 with error 117
[  371.202278][   T29] audit: type=1326 audit(1742694823.537:30570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.5.4095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  371.202323][   T29] audit: type=1326 audit(1742694823.537:30571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18082 comm="syz.5.4095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6c692d169 code=0x7ffc0000
[  371.215042][ T3611] EXT4-fs (loop2): This should not happen!! Data will be lost
[  371.215042][ T3611] 
[  371.338989][T14358] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.364094][T18099] netlink: 'syz.0.4096': attribute type 10 has an invalid length.
[  371.372023][T18099] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4096'.
[  371.453992][T18104] loop3: detected capacity change from 0 to 128
[  371.466840][T18104] FAT-fs (loop3): Directory bread(block 3236) failed
[  371.473666][T18104] FAT-fs (loop3): Directory bread(block 3237) failed
[  371.482413][T18104] FAT-fs (loop3): Directory bread(block 3238) failed
[  371.493180][T18104] FAT-fs (loop3): Directory bread(block 3239) failed
[  371.502415][T18104] FAT-fs (loop3): Directory bread(block 3240) failed
[  371.511137][T18104] FAT-fs (loop3): Directory bread(block 3241) failed
[  371.520183][T18107] netlink: 'syz.5.4097': attribute type 10 has an invalid length.
[  371.528073][T18107] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4097'.
[  371.540904][T18104] FAT-fs (loop3): Directory bread(block 3242) failed
[  371.556581][T18104] FAT-fs (loop3): Directory bread(block 3243) failed
[  371.577578][T18104] FAT-fs (loop3): Directory bread(block 3236) failed
[  371.592122][T18104] FAT-fs (loop3): Directory bread(block 3237) failed
[  371.660425][T18112] netlink: 'syz.5.4101': attribute type 10 has an invalid length.
[  371.668467][T18112] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4101'.
[  371.709190][T18115] loop3: detected capacity change from 0 to 1024
[  371.721818][T18115] EXT4-fs: Ignoring removed bh option
[  371.737244][T18115] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  371.748899][T18115] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  371.771406][  T344] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1032 with max blocks 2048 with error 117
[  371.773119][T18115] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0000]
[  371.784293][  T344] EXT4-fs (loop2): This should not happen!! Data will be lost
[  371.784293][  T344] 
[  371.808819][  T344] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3081 with max blocks 1024 with error 28
[  371.821691][  T344] EXT4-fs (loop2): This should not happen!! Data will be lost
[  371.821691][  T344] 
[  371.831415][  T344] EXT4-fs (loop2): Total free blocks count 0
[  371.837424][  T344] EXT4-fs (loop2): Free/Dirty block details
[  371.843329][  T344] EXT4-fs (loop2): free_blocks=0
[  371.849613][T18115] EXT4-fs error (device loop3): ext4_map_blocks:671: inode #3: block 2: comm syz.3.4103: lblock 2 mapped to illegal pblock 2 (length 1)
[  371.863816][T18115] EXT4-fs error (device loop3): ext4_map_blocks:671: inode #3: block 48: comm syz.3.4103: lblock 0 mapped to illegal pblock 48 (length 1)
[  371.878316][T18115] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.4103: Failed to acquire dquot type 0
[  371.889777][T18115] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  371.907753][T18115] EXT4-fs error (device loop3): ext4_evict_inode:256: inode #11: comm syz.3.4103: mark_inode_dirty error
[  371.924184][T18115] EXT4-fs warning (device loop3): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  371.934655][T18115] EXT4-fs (loop3): 1 orphan inode deleted
[  371.940726][T18115] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.955216][  T344] EXT4-fs error (device loop3): ext4_map_blocks:671: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  371.969630][T18122] loop5: detected capacity change from 0 to 512
[  371.972036][  T344] EXT4-fs error (device loop3): ext4_release_dquot:6950: comm kworker/u8:6: Failed to release dquot type 0
[  371.994820][T18122] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  372.000111][T18115] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  372.026418][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.036071][T14983] EXT4-fs error (device loop3): __ext4_get_inode_loc:4435: comm syz-executor: Invalid inode table block 1 in block_group 0
[  372.048992][T18122] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #17: comm syz.5.4106: corrupted in-inode xattr: invalid ea_ino
[  372.063577][T18122] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.4106: couldn't read orphan inode 17 (err -117)
[  372.063705][T14983] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  372.086321][T14983] EXT4-fs error (device loop3): ext4_quota_off:7194: inode #3: comm syz-executor: mark_inode_dirty error
[  372.100145][T18122] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  372.124061][T18129] bridge13: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  372.135827][T18122] bond_slave_1: entered promiscuous mode
[  372.152146][T18122] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4106'.
[  372.153505][T18129] futex_wake_op: syz.2.4109 tries to shift op by -1; fix this program
[  372.178467][T18122] bond0: (slave bond_slave_1): Releasing backup interface
[  372.187413][T18122] bond_slave_1 (unregistering): left promiscuous mode
[  372.203601][T18138] ==================================================================
[  372.211714][T18138] BUG: KCSAN: data-race in fsnotify_detach_mark / inotify_handle_inode_event
[  372.220506][T18138] 
[  372.222831][T18138] write to 0xffff888104563bd4 of 4 bytes by task 18131 on cpu 0:
[  372.230552][T18138]  fsnotify_detach_mark+0xba/0x160
[  372.235681][T18138]  fsnotify_clear_marks_by_group+0x30c/0x4d0
[  372.241677][T18138]  fsnotify_destroy_group+0x55/0x190
[  372.246974][T18138]  inotify_release+0x1f/0x30
[  372.251582][T18138]  __fput+0x2ac/0x640
[  372.255582][T18138]  ____fput+0x1c/0x30
[  372.259581][T18138]  task_work_run+0x13a/0x1a0
[  372.264202][T18138]  syscall_exit_to_user_mode+0xa8/0x120
[  372.269810][T18138]  do_syscall_64+0xd6/0x1c0
[  372.274359][T18138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.280271][T18138] 
[  372.282599][T18138] read to 0xffff888104563bd4 of 4 bytes by task 18138 on cpu 1:
[  372.290234][T18138]  inotify_handle_inode_event+0x313/0x3c0
[  372.295974][T18138]  fsnotify_handle_inode_event+0x1bd/0x220
[  372.301791][T18138]  fsnotify+0x105a/0x1260
[  372.306128][T18138]  __fsnotify_parent+0x2aa/0x340
[  372.311073][T18138]  vfs_open+0x1a0/0x1e0
[  372.315256][T18138]  path_openat+0x1ae0/0x1fc0
[  372.319859][T18138]  do_filp_open+0x107/0x230
[  372.324379][T18138]  do_sys_openat2+0xab/0x120
[  372.328983][T18138]  __x64_sys_openat+0xf3/0x120
[  372.333753][T18138]  x64_sys_call+0x2b30/0x2dc0
[  372.338448][T18138]  do_syscall_64+0xc9/0x1c0
[  372.342972][T18138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.348880][T18138] 
[  372.351204][T18138] value changed: 0x00000033 -> 0x00000030
[  372.356919][T18138] 
[  372.359251][T18138] Reported by Kernel Concurrency Sanitizer on:
[  372.365403][T18138] CPU: 1 UID: 0 PID: 18138 Comm: syz.0.4110 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  372.376173][T18138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  372.386233][T18138] ==================================================================
[  372.444181][T18141] loop3: detected capacity change from 0 to 2048
[  372.450788][T18138] loop0: detected capacity change from 0 to 2048
[  372.487266][T18141] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  372.499834][T18141] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  372.504381][T18138]  loop0: p1 < > p4
[  372.516887][T18138] loop0: p4 size 8388608 extends beyond EOD, truncated
[  372.558697][T14358] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.677183][ T3611] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:28: bg 0: block 345: padding at end of block bitmap is not set
[  372.700382][ T3611] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 461 with error 117
[  372.713071][ T3611] EXT4-fs (loop3): This should not happen!! Data will be lost
[  372.713071][ T3611] 
[  373.104880][ T3663] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 477 with max blocks 2 with error 117
[  373.117445][ T3663] EXT4-fs (loop3): This should not happen!! Data will be lost
[  373.117445][ T3663] 
[  373.130369][T14983] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.