last executing test programs:

2.297855995s ago: executing program 2 (id=7762):
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@bloom_filter={0x1e, 0x1, 0x1, 0xd697, 0x80, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2, 0xa}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080081000000060027"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r4, 0x2)
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0xfffd, 0x0, 0x1, 0x40000008, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYRES16=r7], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r9}, 0x18)
pipe2$9p(&(0x7f00000000c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d0dbad08006d11f12edbaa68313", @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB=',noextend,\x00'])
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2, 0x63}}}, 0x30)

2.297559366s ago: executing program 4 (id=7763):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=0x0], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r1, 0x2)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)

1.430280158s ago: executing program 4 (id=7771):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

1.400111649s ago: executing program 2 (id=7772):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3, 0x0, 0x8}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

1.34065436s ago: executing program 2 (id=7775):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
execve(&(0x7f0000000640)='./file0\x00', &(0x7f0000000ac0)={[&(0x7f0000000680)='net/kcm\x00', &(0x7f0000000880)='\x00', &(0x7f00000008c0)='/]!\x00', &(0x7f0000000900)='\x00', &(0x7f0000000940)='GPL\x00', &(0x7f0000000980)='\\\'%\x00', &(0x7f00000009c0)='-:@(]\x00', &(0x7f0000000a00)='\\\'!\x00', &(0x7f0000000a40)='kmem_cache_free\x00', &(0x7f0000000a80)='net/kcm\x00']}, &(0x7f0000001d40)={[&(0x7f0000000b40)=')}\x00', &(0x7f0000000b80)='net/kcm\x00', &(0x7f0000001c00)='!{$*\x00', &(0x7f0000001c40)='$$.:\x00', &(0x7f0000001c80)='^#^\'.[,:)\x00', &(0x7f0000001cc0)='net/kcm\x00']})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000001e00)={'wg2\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001f00)={0x6, 0x4, &(0x7f0000001d80)=ANY=[@ANYBLOB="00a500000000ee0000b8f08000100000009500"/29], &(0x7f0000001dc0)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000001e40)={0xa, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000001e80)=[{0x2, 0x4, 0xa, 0xc}, {0x4, 0x2, 0xd}, {0x4, 0x2, 0x1, 0xc5b94a25ecb8502c}, {0x4, 0x3, 0xe, 0x7}, {0x1, 0x4, 0xf, 0x6}], 0x10, 0x9}, 0x94)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000080)=@unlock_all, 0xb)
r3 = epoll_create1(0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
close(r1)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x2, &(0x7f0000000300)=[{0x50, 0xff, 0x0, 0x6}, {0x6, 0x60}]})
ioctl$PPPIOCSDEBUG(r5, 0x40047440, &(0x7f0000000340)=0x3)
write$ppp(r5, &(0x7f0000000200)="4176adc3a0", 0x5)
r6 = socket(0x40000000015, 0x5, 0x0)
clock_gettime(0x3, &(0x7f0000002080)={<r7=>0x0, <r8=>0x0})
accept4$tipc(r6, 0x0, &(0x7f0000002200), 0x80800)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r9, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
r10 = accept$packet(r6, &(0x7f0000002240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000002280)=0x14)
setsockopt$packet_int(r10, 0x107, 0xc, &(0x7f0000001400)=0x3d70, 0x4)
pselect6(0x40, &(0x7f0000001fc0)={0x2, 0x100000001, 0x1, 0x10, 0x5, 0x40, 0x2000000084, 0x1000000}, &(0x7f0000002000)={0xe, 0x0, 0x2, 0x74, 0xfffe, 0x5, 0x1ff, 0x7fffffffffffffff}, &(0x7f0000002040)={0x9, 0x4, 0x8000, 0xfff, 0x32, 0x4, 0x5, 0x1}, &(0x7f00000020c0)={r7, r8+60000000}, &(0x7f0000002140)={&(0x7f0000002180)={[0xdf]}, 0x8})
fsopen(&(0x7f00000022c0)='fusectl\x00', 0x1)
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000100)={0xa0028000})
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r11, 0x0, 0xfffffffffffffffd}, 0x18)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Di', 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')

1.280951261s ago: executing program 4 (id=7776):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32=r2, @ANYRES64=r2], 0x20)

1.202255562s ago: executing program 2 (id=7778):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
add_key$fscrypt_provisioning(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, &(0x7f00000000c0)={0x1, 0x0, @b}, 0x48, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$chown(0x4, r2, 0xee00, 0x0)
keyctl$chown(0x4, r2, 0x0, 0x0)

1.143005153s ago: executing program 2 (id=7779):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b70300000000000085000000750000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

1.142591993s ago: executing program 4 (id=7780):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_devices(r3, &(0x7f0000000140)='devices.allow\x00', 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.142271462s ago: executing program 4 (id=7781):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r1, 0x2)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)

812.823647ms ago: executing program 2 (id=7783):
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@bloom_filter={0x1e, 0x1, 0x1, 0xd697, 0x80, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2, 0xa}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080081000000060027"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r4, 0x2)
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0xfffd, 0x0, 0x1, 0x40000008, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYRES16=r7], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r9}, 0x18)
pipe2$9p(&(0x7f00000000c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d0dbad08006d11f12edbaa68313", @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB=',noextend,\x00'])
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2, 0x63}}}, 0x30)

583.268351ms ago: executing program 3 (id=7786):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

515.464332ms ago: executing program 0 (id=7787):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3, 0x0, 0x8}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

464.357033ms ago: executing program 0 (id=7788):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
socket$packet(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

413.664734ms ago: executing program 0 (id=7789):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
execve(&(0x7f0000000640)='./file0\x00', &(0x7f0000000ac0)={[&(0x7f0000000680)='net/kcm\x00', &(0x7f0000000880)='\x00', &(0x7f00000008c0)='/]!\x00', &(0x7f0000000900)='\x00', &(0x7f0000000940)='GPL\x00', &(0x7f0000000980)='\\\'%\x00', &(0x7f00000009c0)='-:@(]\x00', &(0x7f0000000a00)='\\\'!\x00', &(0x7f0000000a40)='kmem_cache_free\x00', &(0x7f0000000a80)='net/kcm\x00']}, &(0x7f0000001d40)={[&(0x7f0000000b40)=')}\x00', &(0x7f0000000b80)='net/kcm\x00', &(0x7f0000001c00)='!{$*\x00', &(0x7f0000001c40)='$$.:\x00', &(0x7f0000001c80)='^#^\'.[,:)\x00', &(0x7f0000001cc0)='net/kcm\x00', 0x0]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000001e00)={'wg2\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001f00)={0x6, 0x4, &(0x7f0000001d80)=ANY=[@ANYBLOB="00a500000000ee0000b8f08000100000009500"/29], &(0x7f0000001dc0)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000001e40)={0xa, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000001e80)=[{0x2, 0x4, 0xa, 0xc}, {0x4, 0x2, 0xd}, {0x4, 0x2, 0x1, 0xc5b94a25ecb8502c}, {0x4, 0x3, 0xe, 0x7}, {0x1, 0x4, 0xf, 0x6}], 0x10, 0x9}, 0x94)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000080)=@unlock_all, 0xb)
r3 = epoll_create1(0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
close(r1)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x2, &(0x7f0000000300)=[{0x50, 0xff, 0x0, 0x6}, {0x6, 0x60}]})
ioctl$PPPIOCSDEBUG(r5, 0x40047440, &(0x7f0000000340)=0x3)
write$ppp(r5, &(0x7f0000000200)="4176adc3a0", 0x5)
r6 = socket(0x40000000015, 0x5, 0x0)
clock_gettime(0x3, &(0x7f0000002080)={<r7=>0x0, <r8=>0x0})
accept4$tipc(r6, 0x0, &(0x7f0000002200), 0x80800)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r9, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
r10 = accept$packet(r6, &(0x7f0000002240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000002280)=0x14)
setsockopt$packet_int(r10, 0x107, 0xc, &(0x7f0000001400)=0x3d70, 0x4)
pselect6(0x40, &(0x7f0000001fc0)={0x2, 0x100000001, 0x1, 0x10, 0x5, 0x40, 0x2000000084, 0x1000000}, &(0x7f0000002000)={0xe, 0x0, 0x2, 0x74, 0xfffe, 0x5, 0x1ff, 0x7fffffffffffffff}, &(0x7f0000002040)={0x9, 0x4, 0x8000, 0xfff, 0x32, 0x4, 0x5, 0x1}, &(0x7f00000020c0)={r7, r8+60000000}, &(0x7f0000002140)={&(0x7f0000002180)={[0xdf]}, 0x8})
fsopen(&(0x7f00000022c0)='fusectl\x00', 0x1)
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000100)={0xa0028000})
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r11, 0x0, 0xfffffffffffffffd}, 0x18)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Di', 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')

413.366443ms ago: executing program 3 (id=7790):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$chown(0x4, r2, 0xee00, 0x0)
keyctl$chown(0x4, r2, 0x0, 0x0)

412.868714ms ago: executing program 1 (id=7791):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32=r2, @ANYRES64=r2], 0x20)

370.756114ms ago: executing program 3 (id=7792):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="180000", @ANYRES32, @ANYRES64=r0], 0x0, 0x3, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
listen(r2, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x21014, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000000906010200000000004e2200020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000003}, 0x80)

370.039344ms ago: executing program 3 (id=7793):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b7030000000000008500000075000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

328.584785ms ago: executing program 0 (id=7794):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10000, &(0x7f00000001c0)={[{@jqfmt_vfsold}, {@grpid}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x9}}, {@debug}, {@usrjquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@mblk_io_submit}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1d4)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
creat(0x0, 0x9c)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x208, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8, 0x0, {0x200003ae, 0x7f00}}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0x70, 0xb8}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x268)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000002480)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
r2 = open(&(0x7f0000000180)='./file2\x00', 0x4000, 0x0)
preadv2(r2, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
open_tree(0xffffffffffffffff, &(0x7f00000009c0)='./file0/file0\x00', 0x1)
getdents64(r0, &(0x7f00000001c0)=""/48, 0x30)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
rename(&(0x7f0000000100)='.\x00', &(0x7f0000000140)='./file0\x00')
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r7}, &(0x7f0000000880), &(0x7f00000008c0)=r6}, 0x20)

328.207615ms ago: executing program 3 (id=7795):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_devices(r3, &(0x7f0000000140)='devices.allow\x00', 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

312.501665ms ago: executing program 3 (id=7796):
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r1, 0x2)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)

230.591686ms ago: executing program 1 (id=7797):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x33, 0x1, 0x0, 0x0, 0x0, 0xa, 0x510, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x8000000000000001, 0x8}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x8000000000000002}, 0x0, 0xffffffdfffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r4, 0x0, 0x1}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[], 0xfe, 0x677, &(0x7f0000000c00)="$eJzs3UtvG9fdx/HfUNT1AYwHbREYhmOd2A0goy5NUrECwV2UHQ6lSUkOMUMV0ipwYykwTDmt7QK1Nqk2vQDtG+gumyz6Igp0nXXfQJcFgnZXoBsWc+NFnBFp3ew234+Q8HDOf+b85+I5GpFzRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJZdL5crlppue2fX5LPrvtc6pT5e2rzuxoW7U9uVrPA/LS3pejzp+neG1e+E/7utm/G7m1oKX5Z09H/v/P/DbxcL6fynJHQWet0Fvnh19PRRr7f//Gyt9a2zzHcpJjJRYYa5tpy2G3huq7blGDfwzObGRvn+diMwDbfpBHtB12kZ23cKXc83a/ZdU9ncXDdOac/baW/Va00nnfjh96vl8ob5aDHZ/fc/KgX2tttsuu2tKCasDmMWB0eIU2sZc/Ckt78+LckwqDJLUHVaULVcrVYq1Wpl48Hmgw/L5eLEhPIJmogYHrRvz87HVbqgMzdwfoWw//+bJTW1pLZ2tCuT+WOrLl+eWjn1ibT/f/++c2q7o/1/2stfH1bfUNT/34rf3crr/3NyMTLRDFk1Vs70s/280Csd6akeqaee9vX8Ypa7enEZXu7PllSUXAXy5KqlmrbkyCRTjDa1oQ2V9bG21VAgo4ZcNeUo0J4CdeWoFe0TX45q6sqTL6M12boro4o2tal1GTkqaU+edtTWluqq6V/9fv9AT6Ltvn5KjkqDKrMEFQfH4GRQXv//08/jOV6v/8f/nsGxM0MM8Mb1k+v/fHNZE1cvLyMAAAAAAHDRrOiv71b02f27kvpquE2n/KbTAgAAAAAAFyj65P9m+DIflt6VlXP937/63AAAAAAAwMWwonvsLEkr0Zf6reGdULN8CSDz5gAAAAAAAPB2iT7/v7Ug9aOh1VZlvdb1PwAAAAAA+C/w25Ex9ovpGLv99GP9gqSgs2j9+R+L8uet487ud63DWlhTO0xiJr4B0G3csIqKB+qNxutdkBS9s52bVjI+cDIIphUP7Ct9fTBtrH/LP5HAwlz654uMBK4djSSwUUze6fd6L455L2n38VFBUU3cykrDbTol22s+rKhWu1boOrvdXzx78kvJH6znwZPefumTz3qPo1yOw0nHh2Een4+lU5iWy8tovIXonousNV5WI23yd+3WihW1W07Xf061w8JoQ7Ot/691O465vRK/rhyle0DWr5JCpRTtsuHaR6NDWMMsKifXPGtH5GSxFGVxJ465s3Ynfknzi/fC0vfmpGppch/4o1lUR7OYvi2sf05siylZhMfCepjFX8IF5WSx/npZTOwRAHhTDoa9UDSI+eQY+yf73Yyz3HLymnuWm967/3C8lZd/7Mc3HM5JRfUXk+6ln9+vKDyjr8VhC/Eo7sUbGWf0ctKvLCnnjF4+R+8WtvWn4TOQkqfVJDXFQRb/7vf7DytRu3840at+Ec7wRW67QbM6F27C+y8PfxYNgB/6dP/T/WfV6vpG+YNy+UFV89FqJC/0PQCADNOfsTMesTTszwZ99weDq+rHf38/Lo31u98afKWgpE/0mXp6rHvpIwRWs9tdGfkawr3Jq9YwNvqtYzy2onu5V3VRXzoSWx3EziudZfz3hWHs+mXvBgAArtTtKf3wyf4/69r9XnrdvXYj87p7vC8/+YTgvNjKFW8JAAC+ORz/a2ul+xvL993Ox5XNzUqtu+0Y37N/bHy3vuUYt911fHu71t5yTMf3up7tNU3H16JbdwIT7HQ6nt81Dc83HS9wd6Mnv5vk0e+B06q1u64ddJpOLXCM7bW7Nbtr6m5gm87Oj5pusO340cxBx7HdhmvXuq7XNoG3LNspGRM4zkigW3faXbfhhsW26fhuq+bvmZ94zZ2WY+pOYPtup+vFC0zbctsNz29Fiy2pf9qDDgEA+MZ48ero6aNeb//5KYVjxYX0+2hJ1VcZwQtZC3zDqwgAAE6glwYAAAAAAAAAAAAAAAAAAAAA4O03y/1/pxbSmwLTKfPKCJYGU35+baYlWxpO+fKv58rwDIXCySnJSLv96bN/FReKWTHLYWFBUi/d/KMxx1MTm8uYK6+wOtOaKi4UL34bLktZR8KlFX5wMH4cTsSElZlVi4OtWjz/P4eswrMvc6qmH1GL49tw4bQVHC8UJT1fOMcuuNrzEICr958AAAD//7gMOck=")
open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
socket$netlink(0x10, 0x3, 0xf)
sendmsg$key(r0, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020300000b0000000000000000000000030006000000000002000000e000000100000000000000000200010000001c000000fb18000000000300050000000000020000007f0000010000000000000000010018"], 0x58}, 0x1, 0x7}, 0x0)

230.143236ms ago: executing program 4 (id=7798):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x88, 0x67, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x38}}, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x1c, r2, 0x20, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000000)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x181)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendfile(r5, r4, 0x0, 0x7ffff000)

186.206367ms ago: executing program 0 (id=7799):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3, 0x0, 0x8}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

149.000967ms ago: executing program 1 (id=7800):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
socket$packet(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

125.911318ms ago: executing program 1 (id=7801):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000008000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000c44185000000040000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x1, @perf_bp={0x0, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x2, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x5, 0x84)
socket$kcm(0x2, 0x5, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x204080, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x2, 0x88)
socket$kcm(0x29, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32=r2, @ANYRES64=r2], 0x20)

125.195048ms ago: executing program 0 (id=7802):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESDEC, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800004900000000678af8ff00000000bfa200000000000007020000f8ffffffb7030000080000ffff"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x4004881)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0xffffff6a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
openat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)={0x60cc0, 0xb, 0x4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)={0x2, 0x4, 0x8, 0x1, 0x80, r2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x3, &(0x7f0000000580)=@framed={{0x18, 0x5}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
unshare(0x26020480)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000002c0000000800000000100000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24], 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x5, 0x4, 0x7, 0x0, r4}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xffff, r5}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
sync()

12.921709ms ago: executing program 1 (id=7803):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$chown(0x4, r2, 0xee00, 0x0)
keyctl$chown(0x4, r2, 0x0, 0x0)

0s ago: executing program 1 (id=7804):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
execve(&(0x7f0000000640)='./file0\x00', &(0x7f0000000ac0)={[&(0x7f0000000680)='net/kcm\x00', &(0x7f0000000880)='\x00', &(0x7f00000008c0)='/]!\x00', &(0x7f0000000900)='\x00', &(0x7f0000000940)='GPL\x00', &(0x7f0000000980)='\\\'%\x00', &(0x7f00000009c0)='-:@(]\x00', &(0x7f0000000a00)='\\\'!\x00', &(0x7f0000000a40)='kmem_cache_free\x00', &(0x7f0000000a80)='net/kcm\x00']}, &(0x7f0000001d40)={[&(0x7f0000000b40)=')}\x00', &(0x7f0000000b80)='net/kcm\x00', &(0x7f0000001c00)='!{$*\x00', &(0x7f0000001c40)='$$.:\x00', &(0x7f0000001c80)='^#^\'.[,:)\x00', &(0x7f0000001cc0)='net/kcm\x00', 0x0]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000001e00)={'wg2\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001f00)={0x6, 0x4, &(0x7f0000001d80)=ANY=[@ANYBLOB="00a500000000ee0000b8f08000100000009500"/29], &(0x7f0000001dc0)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000001e40)={0xa, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000001e80)=[{0x2, 0x4, 0xa, 0xc}, {0x4, 0x2, 0xd}, {0x4, 0x2, 0x1, 0xc5b94a25ecb8502c}, {0x4, 0x3, 0xe, 0x7}, {0x1, 0x4, 0xf, 0x6}], 0x10, 0x9}, 0x94)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000080)=@unlock_all, 0xb)
r3 = epoll_create1(0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
close(r1)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x2, &(0x7f0000000300)=[{0x50, 0xff, 0x0, 0x6}, {0x6, 0x60}]})
ioctl$PPPIOCSDEBUG(r5, 0x40047440, &(0x7f0000000340)=0x3)
write$ppp(r5, &(0x7f0000000200)="4176adc3a0", 0x5)
r6 = socket(0x40000000015, 0x5, 0x0)
clock_gettime(0x3, &(0x7f0000002080)={<r7=>0x0, <r8=>0x0})
accept4$tipc(r6, 0x0, &(0x7f0000002200), 0x80800)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r9, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
r10 = accept$packet(r6, &(0x7f0000002240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000002280)=0x14)
setsockopt$packet_int(r10, 0x107, 0xc, &(0x7f0000001400)=0x3d70, 0x4)
pselect6(0x40, &(0x7f0000001fc0)={0x2, 0x100000001, 0x1, 0x10, 0x5, 0x40, 0x2000000084, 0x1000000}, &(0x7f0000002000)={0xe, 0x0, 0x2, 0x74, 0xfffe, 0x5, 0x1ff, 0x7fffffffffffffff}, &(0x7f0000002040)={0x9, 0x4, 0x8000, 0xfff, 0x32, 0x4, 0x5, 0x1}, &(0x7f00000020c0)={r7, r8+60000000}, &(0x7f0000002140)={&(0x7f0000002180)={[0xdf]}, 0x8})
fsopen(&(0x7f00000022c0)='fusectl\x00', 0x1)
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000100)={0xa0028000})
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r11, 0x0, 0xfffffffffffffffd}, 0x18)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Di', 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')

kernel console output (not intermixed with test programs):

loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  358.755087][T21279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.822555][T21279] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.6829: Allocating blocks 497-513 which overlap fs metadata
[  358.886172][T21279] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.6829: Allocating blocks 497-513 which overlap fs metadata
[  358.949632][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.025514][T21295] 9pnet_fd: Insufficient options for proto=fd
[  359.126925][   T29] kauditd_printk_skb: 362 callbacks suppressed
[  359.126941][   T29] audit: type=1326 audit(1752074705.906:48880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21300 comm="syz.0.6836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  359.198245][   T29] audit: type=1326 audit(1752074705.936:48881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21300 comm="syz.0.6836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  359.221942][   T29] audit: type=1326 audit(1752074705.936:48882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21300 comm="syz.0.6836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  359.245621][   T29] audit: type=1326 audit(1752074705.936:48883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21300 comm="syz.0.6836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  359.269284][   T29] audit: type=1326 audit(1752074705.936:48884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21300 comm="syz.0.6836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  359.292969][   T29] audit: type=1326 audit(1752074705.956:48885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21300 comm="syz.0.6836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  359.316562][   T29] audit: type=1326 audit(1752074705.956:48886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21300 comm="syz.0.6836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  359.340244][   T29] audit: type=1326 audit(1752074705.956:48887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21300 comm="syz.0.6836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  359.363856][   T29] audit: type=1326 audit(1752074705.956:48888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21300 comm="syz.0.6836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  359.387484][   T29] audit: type=1326 audit(1752074705.956:48889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21300 comm="syz.0.6836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  359.461838][T21313] 9pnet_fd: Insufficient options for proto=fd
[  359.509706][T21320] loop4: detected capacity change from 0 to 1024
[  359.517717][T21320] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  359.530205][T21320] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  359.530485][T21314] 9pnet_fd: Insufficient options for proto=fd
[  359.538523][T21320] EXT4-fs (loop4): orphan cleanup on readonly fs
[  359.553807][T21320] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  359.567788][T21314] loop2: detected capacity change from 0 to 1024
[  359.574857][T21314] EXT4-fs: Ignoring removed nobh option
[  359.580571][T21314] EXT4-fs: Ignoring removed nobh option
[  359.581918][T21320] EXT4-fs (loop4): Remounting filesystem read-only
[  359.589813][T21314] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.592896][T21320] EXT4-fs (loop4): 1 truncate cleaned up
[  359.611465][T21320] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  359.637483][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.666666][T21328] pim6reg1: entered promiscuous mode
[  359.672020][T21328] pim6reg1: entered allmulticast mode
[  360.366940][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.736609][T21364] loop7: detected capacity change from 0 to 16384
[  360.755703][T21363] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  360.791930][T21363] loop4: detected capacity change from 0 to 1024
[  360.813822][T21363] EXT4-fs: Ignoring removed orlov option
[  360.833240][T21364] I/O error, dev loop7, sector 4864 op 0x0:(READ) flags 0x80700 phys_seg 6 prio class 0
[  360.869016][T21364] I/O error, dev loop7, sector 5120 op 0x0:(READ) flags 0x80700 phys_seg 21 prio class 0
[  360.891771][T21363] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  360.910831][T21364] I/O error, dev loop7, sector 4864 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  360.915618][T21370] netlink: 'syz.2.6859': attribute type 8 has an invalid length.
[  360.920334][T21364] Buffer I/O error on dev loop7, logical block 608, async page read
[  361.014082][T21370] loop2: detected capacity change from 0 to 512
[  361.149801][T21370] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  361.166693][T21370] EXT4-fs (loop2): mount failed
[  361.260460][T21385] 9pnet_fd: Insufficient options for proto=fd
[  361.267377][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.795238][T21403] netlink: 'syz.3.6873': attribute type 10 has an invalid length.
[  361.805338][T21403] __nla_validate_parse: 3 callbacks suppressed
[  361.805365][T21403] netlink: 156 bytes leftover after parsing attributes in process `syz.3.6873'.
[  361.867817][T21411] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6873'.
[  362.123240][T21357] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  362.133095][T21357] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  362.141624][T21357] Buffer I/O error on dev loop7, logical block 1, lost async page write
[  362.150056][T21357] Buffer I/O error on dev loop7, logical block 2, lost async page write
[  362.158493][T21357] Buffer I/O error on dev loop7, logical block 3, lost async page write
[  362.166874][T21357] Buffer I/O error on dev loop7, logical block 4, lost async page write
[  362.175253][T21357] Buffer I/O error on dev loop7, logical block 5, lost async page write
[  362.183634][T21357] Buffer I/O error on dev loop7, logical block 6, lost async page write
[  362.191981][T21357] Buffer I/O error on dev loop7, logical block 7, lost async page write
[  362.200382][T21357] Buffer I/O error on dev loop7, logical block 8, lost async page write
[  362.281711][T21357] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  362.297023][T21357] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  362.329777][T21434] netlink: 'syz.0.6885': attribute type 8 has an invalid length.
[  362.341095][T21435] loop4: detected capacity change from 0 to 128
[  362.359045][T21357] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  362.396342][T21357] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x800 phys_seg 96 prio class 0
[  362.496985][   T12] bio_check_eod: 104 callbacks suppressed
[  362.497000][   T12] kworker/u8:0: attempt to access beyond end of device
[  362.497000][   T12] loop4: rw=1, sector=137, nr_sectors = 8 limit=128
[  362.528332][T21447] netlink: 'syz.1.6891': attribute type 10 has an invalid length.
[  362.530589][T21435] syz.4.6886: attempt to access beyond end of device
[  362.530589][T21435] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[  362.530712][T21435] syz.4.6886: attempt to access beyond end of device
[  362.530712][T21435] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128
[  362.530756][T21435] syz.4.6886: attempt to access beyond end of device
[  362.530756][T21435] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128
[  362.530797][T21435] syz.4.6886: attempt to access beyond end of device
[  362.530797][T21435] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128
[  362.530886][T21435] syz.4.6886: attempt to access beyond end of device
[  362.530886][T21435] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128
[  362.530926][T21435] syz.4.6886: attempt to access beyond end of device
[  362.530926][T21435] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128
[  362.530966][T21435] syz.4.6886: attempt to access beyond end of device
[  362.530966][T21435] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128
[  362.531016][T21435] syz.4.6886: attempt to access beyond end of device
[  362.531016][T21435] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[  362.531057][T21435] syz.4.6886: attempt to access beyond end of device
[  362.531057][T21435] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128
[  362.666376][T21447] netlink: 156 bytes leftover after parsing attributes in process `syz.1.6891'.
[  362.749412][T21452] loop4: detected capacity change from 0 to 512
[  362.778107][T21452] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  362.795651][T21452] EXT4-fs (loop4): mount failed
[  362.896879][T21457] 9pnet_fd: Insufficient options for proto=fd
[  362.923721][T21462] netlink: 'syz.1.6896': attribute type 8 has an invalid length.
[  362.931850][T21460] loop2: detected capacity change from 0 to 1024
[  362.940799][T21460] EXT4-fs: Ignoring removed orlov option
[  362.948746][T21460] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.134222][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.283448][T21479] netlink: 'syz.2.6903': attribute type 10 has an invalid length.
[  363.294710][T21479] netlink: 156 bytes leftover after parsing attributes in process `syz.2.6903'.
[  363.357100][T21486] 9pnet_fd: Insufficient options for proto=fd
[  363.399957][T21490] random: crng reseeded on system resumption
[  363.419547][T21490] loop2: detected capacity change from 0 to 1024
[  363.426792][T21490] EXT4-fs: Ignoring removed oldalloc option
[  363.433270][T21490] EXT4-fs: Ignoring removed orlov option
[  363.441988][T21490] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  363.474932][T21490] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.524456][T21490] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.6908: Allocating blocks 497-513 which overlap fs metadata
[  363.544344][T21490] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.6908: Allocating blocks 497-513 which overlap fs metadata
[  363.575977][T21496] netlink: 'syz.3.6909': attribute type 8 has an invalid length.
[  363.607657][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.720089][T21508] loop7: detected capacity change from 0 to 16384
[  363.736581][T21507] random: crng reseeded on system resumption
[  363.776933][T21507] loop2: detected capacity change from 0 to 1024
[  363.801757][T21507] EXT4-fs: Ignoring removed oldalloc option
[  363.808003][T21507] EXT4-fs: Ignoring removed orlov option
[  363.817315][T21507] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  363.870057][T21507] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.892110][T21498] I/O error, dev loop7, sector 2560 op 0x0:(READ) flags 0x80700 phys_seg 9 prio class 0
[  363.960724][T21507] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  363.981903][T21498] I/O error, dev loop7, sector 2816 op 0x0:(READ) flags 0x80700 phys_seg 9 prio class 0
[  364.059476][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.090905][T21521] loop2: detected capacity change from 0 to 128
[  364.095868][T21519] netlink: 'syz.0.6918': attribute type 10 has an invalid length.
[  364.106538][T21519] netlink: 156 bytes leftover after parsing attributes in process `syz.0.6918'.
[  364.137738][   T29] kauditd_printk_skb: 2136 callbacks suppressed
[  364.137757][   T29] audit: type=1326 audit(1752074710.916:51022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.3.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  364.214259][   T29] audit: type=1326 audit(1752074710.916:51023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.3.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  364.238088][   T29] audit: type=1326 audit(1752074710.916:51024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.3.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  364.261837][   T29] audit: type=1326 audit(1752074710.936:51025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.3.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  364.285502][   T29] audit: type=1326 audit(1752074710.936:51026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.3.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  364.309285][   T29] audit: type=1326 audit(1752074710.936:51027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.3.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  364.333391][   T29] audit: type=1326 audit(1752074710.956:51028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.3.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  364.357019][   T29] audit: type=1326 audit(1752074710.956:51029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.3.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  364.380619][   T29] audit: type=1326 audit(1752074710.956:51030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.3.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  364.404220][   T29] audit: type=1326 audit(1752074710.956:51031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21524 comm="syz.0.6922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  364.475886][T21523] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6920'.
[  364.480470][T21534] netlink: 'syz.0.6923': attribute type 10 has an invalid length.
[  364.501147][T21534] veth0_macvtap: entered promiscuous mode
[  364.520492][T21534] team0: Device macvtap0 failed to register rx_handler
[  364.527871][T21534] veth0_macvtap: left promiscuous mode
[  364.553296][T21538] FAULT_INJECTION: forcing a failure.
[  364.553296][T21538] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.566486][T21538] CPU: 0 UID: 0 PID: 21538 Comm: syz.3.6924 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  364.566521][T21538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  364.566537][T21538] Call Trace:
[  364.566545][T21538]  <TASK>
[  364.566559][T21538]  __dump_stack+0x1d/0x30
[  364.566584][T21538]  dump_stack_lvl+0xe8/0x140
[  364.566627][T21538]  dump_stack+0x15/0x1b
[  364.566648][T21538]  should_fail_ex+0x265/0x280
[  364.566686][T21538]  should_fail+0xb/0x20
[  364.566720][T21538]  should_fail_usercopy+0x1a/0x20
[  364.566822][T21538]  _copy_to_user+0x20/0xa0
[  364.566925][T21538]  simple_read_from_buffer+0xb5/0x130
[  364.566967][T21538]  proc_fail_nth_read+0x100/0x140
[  364.567081][T21538]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  364.567117][T21538]  vfs_read+0x1a0/0x6f0
[  364.567149][T21538]  ? __rcu_read_unlock+0x4f/0x70
[  364.567230][T21538]  ? __rcu_read_unlock+0x4f/0x70
[  364.567311][T21538]  ? __fget_files+0x184/0x1c0
[  364.567333][T21538]  ksys_read+0xda/0x1a0
[  364.567443][T21538]  __x64_sys_read+0x40/0x50
[  364.567515][T21538]  x64_sys_call+0x2d77/0x2fb0
[  364.567536][T21538]  do_syscall_64+0xd2/0x200
[  364.567600][T21538]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  364.567630][T21538]  ? clear_bhb_loop+0x40/0x90
[  364.567671][T21538]  ? clear_bhb_loop+0x40/0x90
[  364.567698][T21538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.567723][T21538] RIP: 0033:0x7f779c90d33c
[  364.567741][T21538] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  364.567793][T21538] RSP: 002b:00007f779af77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  364.567817][T21538] RAX: ffffffffffffffda RBX: 00007f779cb35fa0 RCX: 00007f779c90d33c
[  364.567833][T21538] RDX: 000000000000000f RSI: 00007f779af770a0 RDI: 0000000000000007
[  364.567910][T21538] RBP: 00007f779af77090 R08: 0000000000000000 R09: 0000000000000000
[  364.567926][T21538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  364.567942][T21538] R13: 0000000000000000 R14: 00007f779cb35fa0 R15: 00007ffd76826868
[  364.568034][T21538]  </TASK>
[  364.587988][T21537] loop4: detected capacity change from 0 to 512
[  364.810148][T21544] random: crng reseeded on system resumption
[  364.852257][T21546] random: crng reseeded on system resumption
[  364.886837][T21546] loop2: detected capacity change from 0 to 1024
[  364.962919][T21546] EXT4-fs: Ignoring removed oldalloc option
[  364.976615][T21546] EXT4-fs: Ignoring removed orlov option
[  364.992224][T21546] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  365.035859][T21546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.085583][T21537] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  365.124908][T21563] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.6929: Allocating blocks 497-513 which overlap fs metadata
[  365.158365][T21537] EXT4-fs (loop4): mount failed
[  365.256664][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.267165][T21571] netlink: 'syz.0.6937': attribute type 10 has an invalid length.
[  365.277634][T21571] veth0_macvtap: entered promiscuous mode
[  365.285711][T21571] team0: Device macvtap0 failed to register rx_handler
[  365.301126][T21571] veth0_macvtap: left promiscuous mode
[  365.316702][T21575] loop2: detected capacity change from 0 to 512
[  365.327053][T21572] 9pnet_fd: Insufficient options for proto=fd
[  365.342651][T21575] EXT4-fs: Ignoring removed mblk_io_submit option
[  365.350500][T21575] EXT4-fs: Ignoring removed mblk_io_submit option
[  365.359183][T21575] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  365.369922][T21575] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  365.380265][T21575] System zones: 1-12
[  365.384974][T21575] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.6938: corrupted in-inode xattr: e_value size too large
[  365.403278][T21575] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.6938: couldn't read orphan inode 15 (err -117)
[  365.431489][T21575] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  365.488310][T21582] netlink: 14 bytes leftover after parsing attributes in process `syz.3.6940'.
[  365.525704][T21582] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6940'.
[  365.535167][T21584] loop4: detected capacity change from 0 to 128
[  365.701280][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.716145][T21590] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  365.778148][T21592] 9pnet_fd: Insufficient options for proto=fd
[  365.821790][T21595] loop4: detected capacity change from 0 to 1024
[  365.840786][T21595] EXT4-fs: Ignoring removed oldalloc option
[  365.858353][T21595] EXT4-fs: Ignoring removed orlov option
[  365.876470][T21595] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  365.908247][T21595] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.949515][T21595] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  365.982034][T21607] netlink: 'syz.1.6949': attribute type 10 has an invalid length.
[  365.990594][T21607] netlink: 156 bytes leftover after parsing attributes in process `syz.1.6949'.
[  365.997781][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.004457][T21607] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6949'.
[  366.058360][T21609] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  366.077083][T21609] loop4: detected capacity change from 0 to 1024
[  366.085245][T21613] loop2: detected capacity change from 0 to 512
[  366.098315][T21609] EXT4-fs: Ignoring removed orlov option
[  366.112665][T21609] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.127998][T21613] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  366.171748][T21613] EXT4-fs (loop2): mount failed
[  366.337269][T21620] 9pnet_fd: Insufficient options for proto=fd
[  366.419108][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.874093][T21647] netlink: 'syz.3.6963': attribute type 10 has an invalid length.
[  366.882323][T21647] netlink: 156 bytes leftover after parsing attributes in process `syz.3.6963'.
[  366.898427][T21647] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6963'.
[  367.242690][T21666] random: crng reseeded on system resumption
[  367.258491][T21661] netlink: 14 bytes leftover after parsing attributes in process `syz.3.6969'.
[  367.302007][T21661] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6969'.
[  367.350601][T21670] loop4: detected capacity change from 0 to 1024
[  367.372342][T21670] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  367.385900][T21670] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  367.403857][T21670] EXT4-fs (loop4): orphan cleanup on readonly fs
[  367.416609][T21670] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  367.432384][T21670] EXT4-fs (loop4): Remounting filesystem read-only
[  367.444829][T21670] EXT4-fs (loop4): 1 truncate cleaned up
[  367.451554][T21670] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  367.518274][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.654379][T21678] 9pnet_fd: Insufficient options for proto=fd
[  367.681964][T21681] 9pnet_fd: Insufficient options for proto=fd
[  367.693260][T21683] netlink: 'syz.4.6977': attribute type 10 has an invalid length.
[  367.701816][T21683] netlink: 156 bytes leftover after parsing attributes in process `syz.4.6977'.
[  367.711508][T21685] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  367.734256][T21683] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6977'.
[  367.775044][T21687] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6979'.
[  368.262633][T21696] random: crng reseeded on system resumption
[  368.565627][T21708] netlink: 'syz.1.6989': attribute type 10 has an invalid length.
[  368.574245][T21708] netlink: 156 bytes leftover after parsing attributes in process `syz.1.6989'.
[  368.591213][T21708] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6989'.
[  368.627428][T21718] random: crng reseeded on system resumption
[  368.645556][T21718] loop4: detected capacity change from 0 to 1024
[  368.652542][T21718] EXT4-fs: Ignoring removed oldalloc option
[  368.659939][T21718] EXT4-fs: Ignoring removed orlov option
[  368.666836][T21718] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  368.694628][T21718] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.720668][T21727] loop2: detected capacity change from 0 to 128
[  368.732906][T21725] random: crng reseeded on system resumption
[  368.782503][T21718] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.6993: Allocating blocks 497-513 which overlap fs metadata
[  368.797795][T21730] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.6993: Allocating blocks 497-513 which overlap fs metadata
[  368.889032][T19848] bio_check_eod: 332 callbacks suppressed
[  368.889050][T19848] kworker/u8:19: attempt to access beyond end of device
[  368.889050][T19848] loop2: rw=1, sector=137, nr_sectors = 8 limit=128
[  368.944254][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.953897][T19848] kworker/u8:19: attempt to access beyond end of device
[  368.953897][T19848] loop2: rw=1, sector=153, nr_sectors = 8 limit=128
[  368.970030][T19848] kworker/u8:19: attempt to access beyond end of device
[  368.970030][T19848] loop2: rw=1, sector=169, nr_sectors = 8 limit=128
[  368.984292][T19848] kworker/u8:19: attempt to access beyond end of device
[  368.984292][T19848] loop2: rw=1, sector=185, nr_sectors = 8 limit=128
[  369.005862][T21743] 9pnet_fd: Insufficient options for proto=fd
[  369.012470][T19848] kworker/u8:19: attempt to access beyond end of device
[  369.012470][T19848] loop2: rw=1, sector=201, nr_sectors = 8 limit=128
[  369.026842][T19848] kworker/u8:19: attempt to access beyond end of device
[  369.026842][T19848] loop2: rw=1, sector=217, nr_sectors = 8 limit=128
[  369.053889][T19848] kworker/u8:19: attempt to access beyond end of device
[  369.053889][T19848] loop2: rw=1, sector=233, nr_sectors = 8 limit=128
[  369.072297][T21746] random: crng reseeded on system resumption
[  369.093336][T21746] loop4: detected capacity change from 0 to 1024
[  369.100398][T21746] EXT4-fs: Ignoring removed oldalloc option
[  369.108362][T19848] kworker/u8:19: attempt to access beyond end of device
[  369.108362][T19848] loop2: rw=1, sector=249, nr_sectors = 8 limit=128
[  369.124454][T21746] EXT4-fs: Ignoring removed orlov option
[  369.131167][T21746] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  369.141619][T19848] kworker/u8:19: attempt to access beyond end of device
[  369.141619][T19848] loop2: rw=1, sector=265, nr_sectors = 8 limit=128
[  369.157106][   T29] kauditd_printk_skb: 952 callbacks suppressed
[  369.157120][   T29] audit: type=1326 audit(1752074715.936:51980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21736 comm="syz.3.7000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  369.186945][   T29] audit: type=1326 audit(1752074715.936:51981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21736 comm="syz.3.7000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  369.210465][   T29] audit: type=1326 audit(1752074715.936:51982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21736 comm="syz.3.7000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  369.234160][T19848] kworker/u8:19: attempt to access beyond end of device
[  369.234160][T19848] loop2: rw=1, sector=281, nr_sectors = 8 limit=128
[  369.248120][   T29] audit: type=1326 audit(1752074716.006:51983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21736 comm="syz.3.7000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  369.251917][T21746] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.271642][   T29] audit: type=1326 audit(1752074716.006:51984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21736 comm="syz.3.7000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  369.307741][   T29] audit: type=1326 audit(1752074716.006:51985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21736 comm="syz.3.7000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  369.331345][   T29] audit: type=1326 audit(1752074716.016:51986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21736 comm="syz.3.7000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  369.354908][   T29] audit: type=1326 audit(1752074716.016:51987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21736 comm="syz.3.7000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  369.378545][   T29] audit: type=1326 audit(1752074716.016:51988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21736 comm="syz.3.7000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  369.402178][   T29] audit: type=1326 audit(1752074716.026:51989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21736 comm="syz.3.7000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  369.505363][T21746] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.7002: Allocating blocks 497-513 which overlap fs metadata
[  369.537941][T21752] netlink: 'syz.2.7004': attribute type 10 has an invalid length.
[  369.559623][T21746] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.7002: Allocating blocks 497-513 which overlap fs metadata
[  369.575394][T21752] veth0_macvtap: left promiscuous mode
[  369.603038][T21752] veth0_macvtap: entered promiscuous mode
[  369.623821][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.640278][T21752] team0: Device macvtap0 failed to register rx_handler
[  369.648777][T21752] veth0_macvtap: left promiscuous mode
[  369.669564][T21755] netlink: 'syz.4.7005': attribute type 10 has an invalid length.
[  369.678183][T21755] netlink: 156 bytes leftover after parsing attributes in process `syz.4.7005'.
[  369.904941][T21773] loop2: detected capacity change from 0 to 1024
[  369.914465][T21773] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  369.928456][T21773] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  369.937996][T21773] EXT4-fs (loop2): orphan cleanup on readonly fs
[  369.946491][T21773] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  369.956107][T21773] EXT4-fs (loop2): Remounting filesystem read-only
[  369.962858][T21773] EXT4-fs (loop2): 1 truncate cleaned up
[  369.969372][T21773] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  370.026910][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.345769][T21788] netlink: 'syz.4.7017': attribute type 10 has an invalid length.
[  370.488455][T21790] netlink: 'syz.4.7018': attribute type 10 has an invalid length.
[  370.748457][T21802] random: crng reseeded on system resumption
[  370.961362][T21811] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  371.031252][T21813] 9pnet_fd: Insufficient options for proto=fd
[  371.081384][T21815] loop4: detected capacity change from 0 to 512
[  371.105400][T21815] EXT4-fs: Ignoring removed mblk_io_submit option
[  371.112019][T21815] EXT4-fs: Ignoring removed mblk_io_submit option
[  371.143196][T21815] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  371.164860][T21815] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  371.172999][T21815] System zones: 1-12
[  371.179467][T21815] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7029: corrupted in-inode xattr: e_value size too large
[  371.197928][T21815] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7029: couldn't read orphan inode 15 (err -117)
[  371.210765][T21815] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.278350][T21826] netlink: 'syz.0.7030': attribute type 10 has an invalid length.
[  371.463825][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.508015][T21842] random: crng reseeded on system resumption
[  371.808913][T21859] loop2: detected capacity change from 0 to 512
[  371.845204][T21859] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  371.860393][T21859] EXT4-fs (loop2): mount failed
[  371.999264][T21867] 9pnet_fd: Insufficient options for proto=fd
[  372.368478][T21899] netlink: 'syz.0.7062': attribute type 10 has an invalid length.
[  372.377172][T21899] __nla_validate_parse: 6 callbacks suppressed
[  372.377220][T21899] netlink: 156 bytes leftover after parsing attributes in process `syz.0.7062'.
[  372.400272][T21899] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7062'.
[  372.446084][T21903] 9pnet_fd: Insufficient options for proto=fd
[  372.612002][T21914] loop4: detected capacity change from 0 to 512
[  372.624387][T21914] EXT4-fs: Ignoring removed mblk_io_submit option
[  372.642776][T21914] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7068: corrupted in-inode xattr: overlapping e_value 
[  372.664278][T21914] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7068: couldn't read orphan inode 15 (err -117)
[  372.709255][T21914] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.738439][T21922] random: crng reseeded on system resumption
[  372.784061][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.828628][T21933] netlink: 'syz.3.7074': attribute type 10 has an invalid length.
[  372.838269][T21933] netlink: 156 bytes leftover after parsing attributes in process `syz.3.7074'.
[  372.849912][T21933] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7074'.
[  372.887506][T21935] 9pnet_fd: Insufficient options for proto=fd
[  372.917877][T21937] loop2: detected capacity change from 0 to 1024
[  372.930138][T21937] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  372.941529][T21937] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  372.951350][T21937] EXT4-fs (loop2): orphan cleanup on readonly fs
[  372.958201][T21937] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  372.967896][T21937] EXT4-fs (loop2): Remounting filesystem read-only
[  372.974573][T21937] EXT4-fs (loop2): 1 truncate cleaned up
[  372.985867][T21937] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  373.013959][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.093293][T21949] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7079'.
[  373.106610][T21949] loop2: detected capacity change from 0 to 512
[  373.116672][T21951] netlink: 'syz.0.7081': attribute type 10 has an invalid length.
[  373.124720][T21951] veth0_macvtap: entered promiscuous mode
[  373.131405][T21951] team0: Device macvtap0 failed to register rx_handler
[  373.133723][T21949] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  373.153341][T21949] EXT4-fs (loop2): mount failed
[  373.155160][T21951] veth0_macvtap: left promiscuous mode
[  373.207654][T21959] netlink: 'syz.0.7084': attribute type 8 has an invalid length.
[  373.235930][T21947] 9pnet_fd: Insufficient options for proto=fd
[  373.248025][T21962] netlink: 'syz.3.7085': attribute type 10 has an invalid length.
[  373.256898][T21962] netlink: 156 bytes leftover after parsing attributes in process `syz.3.7085'.
[  373.267751][T21962] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7085'.
[  373.313746][T21967] 9pnet_fd: Insufficient options for proto=fd
[  373.390750][T21977] random: crng reseeded on system resumption
[  373.630912][T21984] netlink: 'syz.1.7095': attribute type 10 has an invalid length.
[  373.639646][T21984] veth0_macvtap: entered promiscuous mode
[  373.646821][T21984] team0: Device macvtap0 failed to register rx_handler
[  373.654111][T21984] veth0_macvtap: left promiscuous mode
[  373.695227][T21989] random: crng reseeded on system resumption
[  373.775144][T21990] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7097'.
[  373.784263][T21990] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7097'.
[  373.909800][T21992] netlink: 'syz.4.7098': attribute type 10 has an invalid length.
[  373.919061][T21992] netlink: 156 bytes leftover after parsing attributes in process `syz.4.7098'.
[  373.924474][T21994] loop2: detected capacity change from 0 to 512
[  373.937066][T21994] EXT4-fs: Ignoring removed mblk_io_submit option
[  373.944291][T21994] EXT4-fs: Ignoring removed mblk_io_submit option
[  373.952063][T21994] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  373.963899][T21994] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  373.972938][T21994] System zones: 1-12
[  373.981085][T21994] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.7099: corrupted in-inode xattr: e_value size too large
[  374.003125][T21998] loop4: detected capacity change from 0 to 1024
[  374.010293][T21998] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  374.021003][T21994] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.7099: couldn't read orphan inode 15 (err -117)
[  374.039441][T21998] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  374.049676][T21994] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  374.064727][T22001] 9pnet_fd: Insufficient options for proto=fd
[  374.072875][T21998] EXT4-fs (loop4): orphan cleanup on readonly fs
[  374.079743][T21998] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  374.090617][T21998] EXT4-fs (loop4): Remounting filesystem read-only
[  374.097709][T21998] EXT4-fs (loop4): 1 truncate cleaned up
[  374.108495][T21998] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  374.145242][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.161493][T22009] random: crng reseeded on system resumption
[  374.206507][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.607142][   T29] kauditd_printk_skb: 913 callbacks suppressed
[  374.607156][   T29] audit: type=1326 audit(1752074721.386:52895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22032 comm="syz.0.7114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  374.640441][T22035] netlink: 'syz.0.7114': attribute type 8 has an invalid length.
[  374.702550][   T29] audit: type=1326 audit(1752074721.426:52896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22032 comm="syz.0.7114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  374.726399][   T29] audit: type=1326 audit(1752074721.426:52897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22032 comm="syz.0.7114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  374.750052][   T29] audit: type=1326 audit(1752074721.426:52898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22032 comm="syz.0.7114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  374.773731][   T29] audit: type=1326 audit(1752074721.426:52899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22032 comm="syz.0.7114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  374.797393][   T29] audit: type=1326 audit(1752074721.426:52900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22032 comm="syz.0.7114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  374.821009][   T29] audit: type=1326 audit(1752074721.426:52901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22032 comm="syz.0.7114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  374.844928][   T29] audit: type=1326 audit(1752074721.426:52902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22032 comm="syz.0.7114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  374.868603][   T29] audit: type=1326 audit(1752074721.426:52903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22032 comm="syz.0.7114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  374.892232][   T29] audit: type=1326 audit(1752074721.426:52904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22032 comm="syz.0.7114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  375.096635][T22048] loop2: detected capacity change from 0 to 1024
[  375.115708][T22048] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  375.131250][T22055] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  375.151974][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.776501][T22085] netlink: 'syz.1.7135': attribute type 8 has an invalid length.
[  376.144858][T22097] 9pnet_fd: Insufficient options for proto=fd
[  376.605291][T22102] SELinux: ebitmap: truncated map
[  376.611759][T22102] SELinux: failed to load policy
[  376.690195][T22106] netlink: 'syz.2.7143': attribute type 10 has an invalid length.
[  376.884441][T22128] random: crng reseeded on system resumption
[  376.908963][T22128] loop4: detected capacity change from 0 to 1024
[  376.917527][T22128] EXT4-fs: Ignoring removed oldalloc option
[  376.923783][T22128] EXT4-fs: Ignoring removed orlov option
[  376.930311][T22128] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  376.957262][T22128] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.982766][T22136] netlink: 'syz.2.7155': attribute type 8 has an invalid length.
[  377.006857][T22135] SELinux: ebitmap: truncated map
[  377.012519][T22136] loop2: detected capacity change from 0 to 512
[  377.013932][T22135] SELinux: failed to load policy
[  377.033512][T22128] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.7153: Allocating blocks 497-513 which overlap fs metadata
[  377.049981][T22136] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  377.066980][T22136] EXT4-fs (loop2): mount failed
[  377.102577][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.140749][T22146] random: crng reseeded on system resumption
[  377.161044][T22146] loop4: detected capacity change from 0 to 1024
[  377.167844][T22146] EXT4-fs: Ignoring removed oldalloc option
[  377.174730][T22146] EXT4-fs: Ignoring removed orlov option
[  377.181282][T22146] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  377.194510][T22146] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.215311][T22146] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  377.246779][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.282081][T22156] random: crng reseeded on system resumption
[  377.554433][T22161] __nla_validate_parse: 6 callbacks suppressed
[  377.554452][T22161] netlink: 14 bytes leftover after parsing attributes in process `syz.4.7165'.
[  377.566751][T22164] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7166'.
[  377.579018][T22161] netlink: 44 bytes leftover after parsing attributes in process `syz.4.7165'.
[  377.647241][T22165] 9pnet_fd: Insufficient options for proto=fd
[  377.819162][T22177] 9pnet_fd: Insufficient options for proto=fd
[  377.850943][T22180] netlink: 'syz.3.7173': attribute type 10 has an invalid length.
[  377.889883][T22184] loop2: detected capacity change from 0 to 1024
[  377.899840][T22186] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  377.921443][T22184] EXT4-fs: Ignoring removed oldalloc option
[  377.943644][T22184] EXT4-fs: Ignoring removed orlov option
[  377.953687][T22184] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  377.975299][T22184] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  378.018776][T22184] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  378.100553][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.157149][T22192] loop2: detected capacity change from 0 to 1024
[  378.164435][T22192] EXT4-fs: Ignoring removed oldalloc option
[  378.170499][T22192] EXT4-fs: Ignoring removed orlov option
[  378.178822][T22192] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  378.206867][T22192] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  378.224367][T22192] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  378.254807][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.283917][T22198] loop2: detected capacity change from 0 to 512
[  378.290693][T22198] EXT4-fs: Ignoring removed mblk_io_submit option
[  378.299129][T22198] EXT4-fs: Ignoring removed mblk_io_submit option
[  378.306403][T22198] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  378.320045][T22198] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  378.339975][T22198] System zones: 1-12
[  378.344458][T22198] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.7178: corrupted in-inode xattr: e_value size too large
[  378.360373][T22198] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.7178: couldn't read orphan inode 15 (err -117)
[  378.374971][T22198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  378.394119][T22201] netlink: 'syz.4.7179': attribute type 10 has an invalid length.
[  378.403715][T22201] netlink: 156 bytes leftover after parsing attributes in process `syz.4.7179'.
[  378.420577][T22201] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7179'.
[  378.476518][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.548502][T22215] netlink: 'syz.4.7185': attribute type 10 has an invalid length.
[  378.620235][T22220] random: crng reseeded on system resumption
[  378.637686][T22220] loop4: detected capacity change from 0 to 1024
[  378.644913][T22220] EXT4-fs: Ignoring removed oldalloc option
[  378.651362][T22220] EXT4-fs: Ignoring removed orlov option
[  378.659451][T22220] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  378.675872][T22220] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  378.722687][T22220] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.7187: Allocating blocks 497-513 which overlap fs metadata
[  378.743160][T22220] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.7187: Allocating blocks 497-513 which overlap fs metadata
[  378.799911][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.900954][T22227] loop4: detected capacity change from 0 to 512
[  378.909163][T22227] EXT4-fs (loop4): orphan cleanup on readonly fs
[  378.916450][T22227] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 248: padding at end of block bitmap is not set
[  378.931075][T22227] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm +}[@: Failed to acquire dquot type 1
[  378.943383][T22227] EXT4-fs (loop4): 1 truncate cleaned up
[  378.949717][T22227] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  378.992300][T22227] +}[@ (22227) used greatest stack depth: 9384 bytes left
[  379.000069][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.026322][T22232] loop4: detected capacity change from 0 to 1024
[  379.033959][T22232] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  379.046759][T22232] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  379.054944][T22232] EXT4-fs (loop4): orphan cleanup on readonly fs
[  379.061751][T22232] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  379.073058][T22232] EXT4-fs (loop4): Remounting filesystem read-only
[  379.079619][T22232] EXT4-fs (loop4): 1 truncate cleaned up
[  379.086558][T22232] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  379.114723][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.184752][T22240] netlink: 'syz.1.7194': attribute type 10 has an invalid length.
[  379.192672][T22240] netlink: 156 bytes leftover after parsing attributes in process `syz.1.7194'.
[  379.202077][T22240] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7194'.
[  379.245167][T22244] loop4: detected capacity change from 0 to 512
[  379.251857][T22244] EXT4-fs: Ignoring removed mblk_io_submit option
[  379.258526][T22244] EXT4-fs: Ignoring removed mblk_io_submit option
[  379.265364][T22244] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  379.275204][T22244] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  379.283343][T22244] System zones: 1-12
[  379.287551][T22244] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7195: corrupted in-inode xattr: e_value size too large
[  379.297452][T22249] netlink: 'syz.1.7198': attribute type 10 has an invalid length.
[  379.302354][T22244] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7195: couldn't read orphan inode 15 (err -117)
[  379.311515][T22249] veth0_macvtap: entered promiscuous mode
[  379.322669][T22244] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.348213][T22249] team0: Device macvtap0 failed to register rx_handler
[  379.361527][T22252] random: crng reseeded on system resumption
[  379.370367][T22249] veth0_macvtap: left promiscuous mode
[  379.376843][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.386158][T22252] loop2: detected capacity change from 0 to 1024
[  379.393142][T22252] EXT4-fs: Ignoring removed oldalloc option
[  379.399290][T22252] EXT4-fs: Ignoring removed orlov option
[  379.411490][T22252] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  379.440370][T22259] 9pnet_fd: Insufficient options for proto=fd
[  379.441143][T22252] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.520692][T22252] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.7199: Allocating blocks 497-513 which overlap fs metadata
[  379.537764][T22269] random: crng reseeded on system resumption
[  379.553989][T22269] loop4: detected capacity change from 0 to 1024
[  379.561225][T22269] EXT4-fs: Ignoring removed oldalloc option
[  379.567492][T22269] EXT4-fs: Ignoring removed orlov option
[  379.573680][T22269] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  379.585928][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.594679][T22269] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.618102][T22269] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  379.667152][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.706480][   T29] kauditd_printk_skb: 1445 callbacks suppressed
[  379.706563][   T29] audit: type=1326 audit(1752074726.486:54345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22280 comm="syz.1.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a55e4e929 code=0x7ffc0000
[  379.737869][   T29] audit: type=1326 audit(1752074726.486:54346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22280 comm="syz.1.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a55e4e929 code=0x7ffc0000
[  379.761578][   T29] audit: type=1326 audit(1752074726.486:54347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22280 comm="syz.1.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a55e4e929 code=0x7ffc0000
[  379.785229][   T29] audit: type=1326 audit(1752074726.486:54348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22280 comm="syz.1.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a55e4e929 code=0x7ffc0000
[  379.809112][   T29] audit: type=1326 audit(1752074726.486:54349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22280 comm="syz.1.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a55e4e929 code=0x7ffc0000
[  379.816812][T22286] netlink: 'syz.4.7209': attribute type 10 has an invalid length.
[  379.832780][   T29] audit: type=1326 audit(1752074726.486:54350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22280 comm="syz.1.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a55e4e929 code=0x7ffc0000
[  379.832826][   T29] audit: type=1326 audit(1752074726.486:54351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22280 comm="syz.1.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a55e4e929 code=0x7ffc0000
[  379.840628][T22286] netlink: 156 bytes leftover after parsing attributes in process `syz.4.7209'.
[  379.897241][   T29] audit: type=1326 audit(1752074726.486:54352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22280 comm="syz.1.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a55e4e929 code=0x7ffc0000
[  379.912842][T22290] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7209'.
[  379.920964][   T29] audit: type=1326 audit(1752074726.526:54353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22280 comm="syz.1.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a55e4e929 code=0x7ffc0000
[  379.921031][   T29] audit: type=1326 audit(1752074726.526:54354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22280 comm="syz.1.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a55e4e929 code=0x7ffc0000
[  380.026710][T22293] netlink: 'syz.2.7213': attribute type 10 has an invalid length.
[  380.035327][T22293] veth0_macvtap: entered promiscuous mode
[  380.046031][T22293] team0: Device macvtap0 failed to register rx_handler
[  380.053936][T22293] veth0_macvtap: left promiscuous mode
[  380.059648][T22295] loop4: detected capacity change from 0 to 1024
[  380.066855][T22295] EXT4-fs: Ignoring removed oldalloc option
[  380.073169][T22295] EXT4-fs: Ignoring removed orlov option
[  380.080895][T22295] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  380.116176][T22299] netlink: 5 bytes leftover after parsing attributes in process `syz.2.7215'.
[  380.127156][T22299] 0{X功: renamed from gretap0 (while UP)
[  380.135665][T22299] 0{X功: entered allmulticast mode
[  380.142199][T22299] A link change request failed with some changes committed already. Interface 
30{X功 may have been left with an inconsistent configuration, please check.
[  380.181049][T22295] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.225175][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.286894][T22305] 9pnet_fd: Insufficient options for proto=fd
[  380.347756][T22308] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  380.377604][T22311] loop4: detected capacity change from 0 to 1024
[  380.392649][T22311] EXT4-fs: Ignoring removed oldalloc option
[  380.400909][T22311] EXT4-fs: Ignoring removed orlov option
[  380.418934][T22311] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  380.446179][T22311] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.474646][T22311] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  380.527440][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.543251][T22316] loop2: detected capacity change from 0 to 1024
[  380.562367][T22316] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  380.580840][T22316] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  380.596215][T22316] EXT4-fs (loop2): orphan cleanup on readonly fs
[  380.646673][T22316] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  380.662675][T22316] EXT4-fs (loop2): Remounting filesystem read-only
[  380.696681][T22316] EXT4-fs (loop2): 1 truncate cleaned up
[  380.703156][T22316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  380.732033][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.760683][T22323] loop4: detected capacity change from 0 to 512
[  380.784593][T22323] EXT4-fs: Ignoring removed mblk_io_submit option
[  380.792006][T22325] random: crng reseeded on system resumption
[  380.812515][T22323] EXT4-fs: Ignoring removed mblk_io_submit option
[  380.835082][T22325] loop2: detected capacity change from 0 to 1024
[  380.857362][T22323] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  380.875115][T22325] EXT4-fs: Ignoring removed oldalloc option
[  380.881127][T22325] EXT4-fs: Ignoring removed orlov option
[  380.907219][T22325] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  380.917611][T22323] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  380.936022][T22323] System zones: 1-12
[  380.946853][T22325] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.964508][T22323] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7224: corrupted in-inode xattr: e_value size too large
[  380.980384][T22323] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7224: couldn't read orphan inode 15 (err -117)
[  381.006209][T22323] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.084698][T22325] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.7226: Allocating blocks 497-513 which overlap fs metadata
[  381.175609][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.255224][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.415433][T22341] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  381.428196][T22341] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  381.453044][T22341] bond0 (unregistering): Released all slaves
[  381.472847][T22355] netlink: 'syz.4.7236': attribute type 10 has an invalid length.
[  381.572784][T22365] loop4: detected capacity change from 0 to 128
[  381.732325][T22378] validate_nla: 1 callbacks suppressed
[  381.732342][T22378] netlink: 'syz.1.7247': attribute type 10 has an invalid length.
[  381.748036][T22378] veth0_macvtap: entered promiscuous mode
[  381.757553][T22378] team0: Device macvtap0 failed to register rx_handler
[  381.766900][T22378] veth0_macvtap: left promiscuous mode
[  382.039685][T22385] netlink: 'syz.3.7250': attribute type 10 has an invalid length.
[  382.224663][T22389] 9pnet_fd: Insufficient options for proto=fd
[  382.263057][T22391] loop2: detected capacity change from 0 to 128
[  382.798877][T22413] netlink: 'syz.1.7262': attribute type 10 has an invalid length.
[  382.807371][T22413] __nla_validate_parse: 6 callbacks suppressed
[  382.807526][T22413] netlink: 156 bytes leftover after parsing attributes in process `syz.1.7262'.
[  382.894570][T22413] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7262'.
[  383.722629][T22436] netlink: 'syz.4.7272': attribute type 10 has an invalid length.
[  383.800313][T22442] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7274'.
[  383.855086][T22444] loop2: detected capacity change from 0 to 1024
[  383.877956][T22444] EXT4-fs: Ignoring removed oldalloc option
[  383.884888][T22444] EXT4-fs: Ignoring removed orlov option
[  383.891866][T22444] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  383.929915][T22444] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.975345][T22444] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.7276: Allocating blocks 497-513 which overlap fs metadata
[  384.003081][T22455] netlink: 5 bytes leftover after parsing attributes in process `syz.1.7279'.
[  384.062838][T22455] 0{X功: renamed from gretap0 (while UP)
[  384.082703][T22455] 0{X功: entered allmulticast mode
[  384.088774][T22444] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.7276: Allocating blocks 497-513 which overlap fs metadata
[  384.114484][T22455] A link change request failed with some changes committed already. Interface 
30{X功 may have been left with an inconsistent configuration, please check.
[  384.174791][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.247489][T22465] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  384.264222][T22463] loop2: detected capacity change from 0 to 1024
[  384.284312][T22463] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  384.295320][T22463] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  384.314513][T22463] EXT4-fs (loop2): orphan cleanup on readonly fs
[  384.331975][T22463] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  384.370238][T22463] EXT4-fs (loop2): Remounting filesystem read-only
[  384.396975][T22463] EXT4-fs (loop2): 1 truncate cleaned up
[  384.416792][T22463] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  384.504806][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.679159][T22479] 9pnet_fd: Insufficient options for proto=fd
[  384.717659][T22481] loop2: detected capacity change from 0 to 1024
[  384.738524][T22481] EXT4-fs: Ignoring removed oldalloc option
[  384.752294][T22481] EXT4-fs: Ignoring removed orlov option
[  384.764264][T22481] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  384.797554][T22481] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  384.906158][T22490] random: crng reseeded on system resumption
[  384.931562][T22490] loop4: detected capacity change from 0 to 1024
[  384.953088][T22490] EXT4-fs: Ignoring removed oldalloc option
[  384.965557][T22490] EXT4-fs: Ignoring removed orlov option
[  385.050174][T22490] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  385.063793][T22481] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  385.107320][T22494] netlink: 5 bytes leftover after parsing attributes in process `syz.3.7294'.
[  385.115658][T22490] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.122291][T22494] 1{X功: renamed from 
30{X功 (while UP)
[  385.180469][T22494] A link change request failed with some changes committed already. Interface 
31{X功 may have been left with an inconsistent configuration, please check.
[  385.215716][T22501] loop2: detected capacity change from 0 to 1024
[  385.252569][T22501] EXT4-fs: Ignoring removed oldalloc option
[  385.258702][T22501] EXT4-fs: Ignoring removed orlov option
[  385.275717][T22501] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  385.352411][T22513] 9pnet_fd: Insufficient options for proto=fd
[  385.388982][   T29] kauditd_printk_skb: 362 callbacks suppressed
[  385.389001][   T29] audit: type=1326 audit(1752074732.166:54713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22516 comm="syz.0.7305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  385.419310][   T29] audit: type=1326 audit(1752074732.166:54714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22516 comm="syz.0.7305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  385.442975][   T29] audit: type=1326 audit(1752074732.166:54715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22516 comm="syz.0.7305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  385.466575][   T29] audit: type=1326 audit(1752074732.166:54716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22516 comm="syz.0.7305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  385.490040][   T29] audit: type=1326 audit(1752074732.166:54717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22516 comm="syz.0.7305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  385.513726][   T29] audit: type=1326 audit(1752074732.166:54718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22516 comm="syz.0.7305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  385.537558][   T29] audit: type=1326 audit(1752074732.166:54719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22516 comm="syz.0.7305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  385.574124][   T29] audit: type=1326 audit(1752074732.346:54720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22516 comm="syz.0.7305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  385.718127][T22529] loop2: detected capacity change from 0 to 1024
[  385.725697][T22529] EXT4-fs: Ignoring removed orlov option
[  385.733556][   T29] audit: type=1326 audit(1752074732.516:54721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22528 comm="syz.0.7310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  385.757205][   T29] audit: type=1326 audit(1752074732.516:54722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22528 comm="syz.0.7310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c924e929 code=0x7ffc0000
[  386.336114][T22552] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  386.350523][T22552] loop4: detected capacity change from 0 to 1024
[  386.357974][T22552] EXT4-fs: Ignoring removed orlov option
[  386.419352][T22557] loop2: detected capacity change from 0 to 1024
[  386.427583][T22557] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  386.440089][T22557] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  386.448443][T22557] EXT4-fs (loop2): orphan cleanup on readonly fs
[  386.456296][T22557] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  386.466661][T22557] EXT4-fs (loop2): Remounting filesystem read-only
[  386.476698][T22557] EXT4-fs (loop2): 1 truncate cleaned up
[  386.509940][T22561] loop2: detected capacity change from 0 to 512
[  386.516884][T22561] EXT4-fs: Ignoring removed mblk_io_submit option
[  386.523679][T22561] EXT4-fs: Ignoring removed mblk_io_submit option
[  386.530750][T22561] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  386.540309][T22561] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  386.563199][T22561] System zones: 1-12
[  386.585727][T22561] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.7321: corrupted in-inode xattr: e_value size too large
[  386.603017][T22561] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.7321: couldn't read orphan inode 15 (err -117)
[  387.220938][T22589] random: crng reseeded on system resumption
[  387.242099][T22591] loop2: detected capacity change from 0 to 1024
[  387.251080][T22589] loop4: detected capacity change from 0 to 1024
[  387.258219][T22589] EXT4-fs: Ignoring removed oldalloc option
[  387.282346][T22591] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  387.294380][T22589] EXT4-fs: Ignoring removed orlov option
[  387.301616][T22589] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  387.315146][T22591] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  387.341183][T22591] EXT4-fs (loop2): orphan cleanup on readonly fs
[  387.351214][T22591] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  387.362752][T22591] EXT4-fs (loop2): Remounting filesystem read-only
[  387.368496][T22598] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  387.369305][T22591] EXT4-fs (loop2): 1 truncate cleaned up
[  387.491812][T22589] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.7331: Allocating blocks 497-513 which overlap fs metadata
[  387.691915][T22608] loop2: detected capacity change from 0 to 512
[  387.712686][T22608] EXT4-fs: Ignoring removed mblk_io_submit option
[  387.728037][T22608] EXT4-fs: Ignoring removed mblk_io_submit option
[  387.747910][T22608] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  387.774776][T22608] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  387.792260][T22608] System zones: 1-12
[  387.898758][T22608] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.7338: corrupted in-inode xattr: e_value size too large
[  387.982762][T22608] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.7338: couldn't read orphan inode 15 (err -117)
[  388.713879][T22639] loop4: detected capacity change from 0 to 1024
[  388.720697][T22639] EXT4-fs: Ignoring removed oldalloc option
[  388.728053][T22639] EXT4-fs: Ignoring removed orlov option
[  388.734329][T22639] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  388.755575][T22644] netlink: 'syz.0.7352': attribute type 10 has an invalid length.
[  388.764584][T22644] netlink: 156 bytes leftover after parsing attributes in process `syz.0.7352'.
[  388.783919][T22647] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  388.801324][T22639] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  388.819302][T22644] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7352'.
[  388.941333][T22659] loop2: detected capacity change from 0 to 1024
[  388.951376][T22659] EXT4-fs: Ignoring removed orlov option
[  389.961696][T22688] loop2: detected capacity change from 0 to 1024
[  389.965416][T22678] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  389.992195][T22688] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  390.024551][T22688] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  390.065131][T22693] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22693 comm=syz.0.7369
[  390.082690][T22688] EXT4-fs (loop2): orphan cleanup on readonly fs
[  390.102616][T22688] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  390.133121][T22688] EXT4-fs (loop2): Remounting filesystem read-only
[  390.150592][T22688] EXT4-fs (loop2): 1 truncate cleaned up
[  390.394464][   T29] kauditd_printk_skb: 917 callbacks suppressed
[  390.394478][   T29] audit: type=1326 audit(1752074737.176:55634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz.3.7373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  390.448177][   T29] audit: type=1326 audit(1752074737.216:55635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz.3.7373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  390.472061][   T29] audit: type=1326 audit(1752074737.216:55636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz.3.7373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  390.495733][   T29] audit: type=1326 audit(1752074737.216:55637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz.3.7373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  390.519389][   T29] audit: type=1326 audit(1752074737.216:55638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz.3.7373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  390.542912][   T29] audit: type=1326 audit(1752074737.216:55639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz.3.7373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  390.566519][   T29] audit: type=1326 audit(1752074737.216:55640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz.3.7373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  390.590080][   T29] audit: type=1326 audit(1752074737.216:55641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz.3.7373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  390.613734][   T29] audit: type=1326 audit(1752074737.226:55642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz.3.7373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  390.637315][   T29] audit: type=1326 audit(1752074737.226:55643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz.3.7373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  391.449479][T22747] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22747 comm=syz.2.7392
[  391.467921][T22747] loop2: detected capacity change from 0 to 1024
[  391.506366][T22747] EXT4-fs: Ignoring removed orlov option
[  391.781336][T22764] netlink: 5 bytes leftover after parsing attributes in process `syz.0.7398'.
[  391.795243][T22764] 0{X功: renamed from gretap0
[  391.805361][T22764] 0{X功: entered allmulticast mode
[  391.818023][T22764] A link change request failed with some changes committed already. Interface 
30{X功 may have been left with an inconsistent configuration, please check.
[  392.300571][T22786] loop2: detected capacity change from 0 to 1024
[  392.327418][T22787] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22787 comm=syz.1.7408
[  392.347009][T22786] EXT4-fs: Ignoring removed oldalloc option
[  392.370510][T22786] EXT4-fs: Ignoring removed orlov option
[  392.384639][T22786] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  392.422392][T22799] netlink: 5 bytes leftover after parsing attributes in process `syz.0.7413'.
[  392.441574][T22799] 1{X功: renamed from 
30{X功 (while UP)
[  392.459906][T22799] A link change request failed with some changes committed already. Interface 
31{X功 may have been left with an inconsistent configuration, please check.
[  392.940171][T22828] netlink: 5 bytes leftover after parsing attributes in process `syz.4.7425'.
[  392.953011][T22828] 0{X功: renamed from gretap0 (while UP)
[  392.961284][T22828] 0{X功: entered allmulticast mode
[  392.970814][T22830] 9pnet_fd: Insufficient options for proto=fd
[  392.970951][T22828] A link change request failed with some changes committed already. Interface 
30{X功 may have been left with an inconsistent configuration, please check.
[  393.138167][T22842] loop2: detected capacity change from 0 to 1024
[  393.148563][T22842] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  393.193793][T22842] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  393.204014][T22842] EXT4-fs (loop2): orphan cleanup on readonly fs
[  393.214687][T22842] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  393.228781][T22842] EXT4-fs (loop2): Remounting filesystem read-only
[  393.235633][T22842] EXT4-fs (loop2): 1 truncate cleaned up
[  393.307519][T22850] loop2: detected capacity change from 0 to 1024
[  393.326072][T22850] EXT4-fs: Ignoring removed orlov option
[  393.566200][T22862] loop4: detected capacity change from 0 to 1024
[  393.602591][T22862] EXT4-fs: Ignoring removed oldalloc option
[  393.608649][T22862] EXT4-fs: Ignoring removed orlov option
[  393.626614][T22862] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  393.684142][T22867] netlink: 5 bytes leftover after parsing attributes in process `syz.1.7440'.
[  393.727534][T22867] 1{X功: renamed from 
30{X功 (while UP)
[  393.746877][T22867] A link change request failed with some changes committed already. Interface 
31{X功 may have been left with an inconsistent configuration, please check.
[  393.780457][T22870] 9pnet_fd: Insufficient options for proto=fd
[  393.794846][T22862] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  394.093926][T22897] loop2: detected capacity change from 0 to 1024
[  394.151488][T22897] EXT4-fs: Ignoring removed orlov option
[  394.889672][T22927] loop2: detected capacity change from 0 to 512
[  394.906042][T22929] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7465'.
[  394.924936][T22927] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  394.946679][T22927] EXT4-fs (loop2): mount failed
[  395.031484][T22939] netlink: 'syz.4.7468': attribute type 10 has an invalid length.
[  395.047499][T22936] 9pnet_fd: Insufficient options for proto=fd
[  395.160080][T22948] loop4: detected capacity change from 0 to 512
[  395.166861][T22948] EXT4-fs: Ignoring removed mblk_io_submit option
[  395.175478][T22948] EXT4-fs: Ignoring removed mblk_io_submit option
[  395.182762][T22948] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  395.191984][T22948] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  395.202572][T22948] System zones: 1-12
[  395.206964][T22948] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7472: corrupted in-inode xattr: e_value size too large
[  395.228159][T22948] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7472: couldn't read orphan inode 15 (err -117)
[  395.337797][T22954] random: crng reseeded on system resumption
[  395.353449][T22954] loop4: detected capacity change from 0 to 1024
[  395.360938][T22954] EXT4-fs: Ignoring removed oldalloc option
[  395.367383][T22954] EXT4-fs: Ignoring removed orlov option
[  395.373849][T22954] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  395.403225][T22954] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  395.406428][   T29] kauditd_printk_skb: 1899 callbacks suppressed
[  395.406446][   T29] audit: type=1326 audit(1752074742.186:57540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22928 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  395.448928][   T29] audit: type=1326 audit(1752074742.236:57541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22928 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  395.472566][   T29] audit: type=1326 audit(1752074742.236:57542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22928 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  395.496180][   T29] audit: type=1326 audit(1752074742.236:57543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22928 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  395.519687][   T29] audit: type=1326 audit(1752074742.236:57544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22928 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  395.543263][   T29] audit: type=1326 audit(1752074742.236:57545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22926 comm="syz.2.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff96ad958e7 code=0x7ffc0000
[  395.566885][   T29] audit: type=1326 audit(1752074742.236:57546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22926 comm="syz.2.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff96ad3ab19 code=0x7ffc0000
[  395.590507][   T29] audit: type=1326 audit(1752074742.236:57547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22926 comm="syz.2.7464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7ff96ad9e929 code=0x7ffc0000
[  395.614297][   T29] audit: type=1326 audit(1752074742.256:57548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22928 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  395.616352][T18773] EXT4-fs unmount: 39 callbacks suppressed
[  395.616460][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.637841][   T29] audit: type=1326 audit(1752074742.256:57549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22928 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  395.693421][T22959] loop4: detected capacity change from 0 to 1024
[  395.700746][T22959] EXT4-fs: Ignoring removed oldalloc option
[  395.725025][T22959] EXT4-fs: Ignoring removed orlov option
[  395.731449][T22959] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  395.762216][T22959] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  395.792610][T22959] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  395.823010][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.049798][T22980] netlink: 'syz.1.7482': attribute type 10 has an invalid length.
[  396.058548][T22980] veth0_macvtap: entered promiscuous mode
[  396.069574][T22980] team0: Device macvtap0 failed to register rx_handler
[  396.077455][T22980] veth0_macvtap: left promiscuous mode
[  396.115150][T22984] random: crng reseeded on system resumption
[  396.141461][T22984] loop4: detected capacity change from 0 to 1024
[  396.158996][T22984] EXT4-fs: Ignoring removed oldalloc option
[  396.171199][T22984] EXT4-fs: Ignoring removed orlov option
[  396.187199][T22984] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  396.211906][T22984] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  396.237164][T22984] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  396.287353][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.545920][T22994] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7487'.
[  396.586734][T22994] loop4: detected capacity change from 0 to 512
[  396.625790][T22994] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  396.660967][T22994] EXT4-fs (loop4): mount failed
[  396.752743][T22999] 9pnet_fd: Insufficient options for proto=fd
[  397.215190][T23022] random: crng reseeded on system resumption
[  397.227429][T23025] netlink: 'syz.2.7498': attribute type 10 has an invalid length.
[  397.245666][T23025] veth0_macvtap: entered promiscuous mode
[  397.263573][T23025] team0: Device macvtap0 failed to register rx_handler
[  397.280859][T23025] veth0_macvtap: left promiscuous mode
[  397.834170][T23049] loop4: detected capacity change from 0 to 512
[  397.845383][T23049] EXT4-fs: Ignoring removed mblk_io_submit option
[  397.904558][T23049] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7509: corrupted in-inode xattr: overlapping e_value 
[  397.919209][T23049] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7509: couldn't read orphan inode 15 (err -117)
[  397.933941][T23049] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  398.053382][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.078118][T23058] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7510'.
[  398.202894][T23065] 9pnet_fd: Insufficient options for proto=fd
[  398.358846][T23073] loop2: detected capacity change from 0 to 512
[  398.419001][T23077] random: crng reseeded on system resumption
[  398.635767][T23073] EXT4-fs (loop2): orphan cleanup on readonly fs
[  398.649393][T23073] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 248: padding at end of block bitmap is not set
[  398.665758][T23073] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm +}[@: Failed to acquire dquot type 1
[  398.677927][T23073] EXT4-fs (loop2): 1 truncate cleaned up
[  398.687048][T23073] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  398.805285][T23073] +}[@ (23073) used greatest stack depth: 9304 bytes left
[  398.828983][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.871272][T23090] loop2: detected capacity change from 0 to 1024
[  398.880186][T23090] EXT4-fs: Ignoring removed orlov option
[  398.889102][T23090] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  399.136964][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.306345][T23110] random: crng reseeded on system resumption
[  399.344310][T23113] netlink: 'syz.2.7531': attribute type 10 has an invalid length.
[  399.362015][T23113] veth0_macvtap: entered promiscuous mode
[  399.375187][T23113] team0: Device macvtap0 failed to register rx_handler
[  399.425550][T23113] veth0_macvtap: left promiscuous mode
[  399.739331][T23134] loop4: detected capacity change from 0 to 512
[  399.803693][T23134] EXT4-fs: Ignoring removed mblk_io_submit option
[  399.822054][T23134] EXT4-fs: Ignoring removed mblk_io_submit option
[  399.838790][T23134] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  399.860527][T23134] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  399.872217][T23134] System zones: 1-12
[  399.877394][T23134] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7540: corrupted in-inode xattr: e_value size too large
[  399.913473][T23134] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7540: couldn't read orphan inode 15 (err -117)
[  399.942632][T23134] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  400.147109][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.499193][T23145] loop2: detected capacity change from 0 to 128
[  400.552214][T23147] random: crng reseeded on system resumption
[  400.600331][T23150] netlink: 'syz.0.7544': attribute type 10 has an invalid length.
[  400.611987][T23147] loop4: detected capacity change from 0 to 1024
[  400.628943][T23147] EXT4-fs: Ignoring removed oldalloc option
[  400.636363][T23150] veth0_macvtap: entered promiscuous mode
[  400.642239][T23147] EXT4-fs: Ignoring removed orlov option
[  400.650358][T19830] bio_check_eod: 104 callbacks suppressed
[  400.650370][T19830] kworker/u8:13: attempt to access beyond end of device
[  400.650370][T19830] loop2: rw=1, sector=137, nr_sectors = 8 limit=128
[  400.670596][T19830] kworker/u8:13: attempt to access beyond end of device
[  400.670596][T19830] loop2: rw=1, sector=153, nr_sectors = 8 limit=128
[  400.684666][T19830] kworker/u8:13: attempt to access beyond end of device
[  400.684666][T19830] loop2: rw=1, sector=169, nr_sectors = 8 limit=128
[  400.698258][T19830] kworker/u8:13: attempt to access beyond end of device
[  400.698258][T19830] loop2: rw=1, sector=185, nr_sectors = 8 limit=128
[  400.713331][T19830] kworker/u8:13: attempt to access beyond end of device
[  400.713331][T19830] loop2: rw=1, sector=201, nr_sectors = 8 limit=128
[  400.726979][T19830] kworker/u8:13: attempt to access beyond end of device
[  400.726979][T19830] loop2: rw=1, sector=217, nr_sectors = 8 limit=128
[  400.741050][T19830] kworker/u8:13: attempt to access beyond end of device
[  400.741050][T19830] loop2: rw=1, sector=233, nr_sectors = 8 limit=128
[  400.754696][T19830] kworker/u8:13: attempt to access beyond end of device
[  400.754696][T19830] loop2: rw=1, sector=249, nr_sectors = 8 limit=128
[  400.768340][T19830] kworker/u8:13: attempt to access beyond end of device
[  400.768340][T19830] loop2: rw=1, sector=265, nr_sectors = 8 limit=128
[  400.783764][T19830] kworker/u8:13: attempt to access beyond end of device
[  400.783764][T19830] loop2: rw=1, sector=281, nr_sectors = 8 limit=128
[  400.858723][T23150] team0: Device macvtap0 failed to register rx_handler
[  400.871517][T23147] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  400.883973][T23150] veth0_macvtap: left promiscuous mode
[  400.897401][T23147] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  400.932667][T23147] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  400.935593][T23160] loop2: detected capacity change from 0 to 1024
[  400.954035][T23160] EXT4-fs: Ignoring removed oldalloc option
[  400.960037][T23160] EXT4-fs: Ignoring removed orlov option
[  400.970619][T23160] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  400.996181][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.024154][T23160] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  401.090447][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.268759][T23186] loop2: detected capacity change from 0 to 512
[  401.275974][T23186] EXT4-fs: Ignoring removed mblk_io_submit option
[  401.284844][T23186] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.7559: corrupted in-inode xattr: overlapping e_value 
[  401.300722][T23186] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.7559: couldn't read orphan inode 15 (err -117)
[  401.329523][T23186] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  401.332099][T23189] netlink: 'syz.3.7560': attribute type 10 has an invalid length.
[  401.387568][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.414631][T23193] loop2: detected capacity change from 0 to 1024
[  401.421446][T23193] EXT4-fs: Ignoring removed oldalloc option
[  401.429016][T23193] EXT4-fs: Ignoring removed orlov option
[  401.435467][T23193] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  401.456050][T23193] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  401.499445][T23193] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  401.557264][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.575594][   T29] kauditd_printk_skb: 1062 callbacks suppressed
[  401.575610][   T29] audit: type=1326 audit(1752074748.356:58609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23198 comm="syz.3.7565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  401.605937][   T29] audit: type=1326 audit(1752074748.356:58610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23198 comm="syz.3.7565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  401.629652][   T29] audit: type=1326 audit(1752074748.356:58611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23198 comm="syz.3.7565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  401.653524][   T29] audit: type=1326 audit(1752074748.356:58612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23198 comm="syz.3.7565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  401.677278][   T29] audit: type=1326 audit(1752074748.356:58613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23198 comm="syz.3.7565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  401.701007][   T29] audit: type=1326 audit(1752074748.356:58614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23198 comm="syz.3.7565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  401.727344][   T29] audit: type=1326 audit(1752074748.396:58615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23198 comm="syz.3.7565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  401.751128][   T29] audit: type=1326 audit(1752074748.396:58616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23198 comm="syz.3.7565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  401.774736][   T29] audit: type=1326 audit(1752074748.396:58617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23198 comm="syz.3.7565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  401.798378][   T29] audit: type=1326 audit(1752074748.396:58618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23198 comm="syz.3.7565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  401.864945][T23204] loop2: detected capacity change from 0 to 512
[  401.907318][T23204] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  401.970625][T23204] EXT4-fs (loop2): mount failed
[  402.126646][T23223] 9pnet_fd: Insufficient options for proto=fd
[  402.306146][T23231] loop4: detected capacity change from 0 to 512
[  402.325932][T23231] EXT4-fs (loop4): orphan cleanup on readonly fs
[  402.333493][T23231] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 248: padding at end of block bitmap is not set
[  402.353657][T23231] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm +}[@: Failed to acquire dquot type 1
[  402.367497][T23231] EXT4-fs (loop4): 1 truncate cleaned up
[  402.374566][T23231] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  402.460008][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.537209][T23238] loop4: detected capacity change from 0 to 1024
[  402.582317][T23238] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  402.612439][T23238] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  402.656998][T23238] EXT4-fs (loop4): orphan cleanup on readonly fs
[  402.699062][T23238] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  402.708993][T23238] EXT4-fs (loop4): Remounting filesystem read-only
[  402.717063][T23238] EXT4-fs (loop4): 1 truncate cleaned up
[  402.813432][T23238] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  402.849651][T23244] netlink: 'syz.1.7581': attribute type 10 has an invalid length.
[  402.865855][T23244] veth0_macvtap: entered promiscuous mode
[  402.873864][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.890740][T23244] team0: Device macvtap0 failed to register rx_handler
[  402.899737][T23244] veth0_macvtap: left promiscuous mode
[  402.974196][T23253] 9pnet_fd: Insufficient options for proto=fd
[  403.020008][T23257] loop4: detected capacity change from 0 to 512
[  403.028763][T23257] EXT4-fs: Ignoring removed mblk_io_submit option
[  403.037259][T23257] EXT4-fs: Ignoring removed mblk_io_submit option
[  403.051936][T23257] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  403.067096][T23257] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  403.076655][T23257] System zones: 1-12
[  403.092292][T23257] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7587: corrupted in-inode xattr: e_value size too large
[  403.123759][T23257] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7587: couldn't read orphan inode 15 (err -117)
[  403.182471][T23268] loop2: detected capacity change from 0 to 512
[  403.193799][T23257] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  403.215174][T23268] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  403.246699][T23268] EXT4-fs (loop2): mount failed
[  403.347189][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.381577][T23278] netlink: 'syz.4.7593': attribute type 10 has an invalid length.
[  403.441755][T23280] random: crng reseeded on system resumption
[  403.487550][T23280] loop4: detected capacity change from 0 to 1024
[  403.501928][T23280] EXT4-fs: Ignoring removed oldalloc option
[  403.517768][T23280] EXT4-fs: Ignoring removed orlov option
[  403.539257][T23280] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  403.596886][T23280] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.652946][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.698543][T23284] loop4: detected capacity change from 0 to 1024
[  403.705677][T23284] EXT4-fs: Ignoring removed orlov option
[  403.716598][T23284] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.840323][T23294] 9pnet_fd: Insufficient options for proto=fd
[  403.857598][T23297] netlink: 'syz.0.7599': attribute type 8 has an invalid length.
[  403.955959][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.983162][T23306] 9pnet_fd: Insufficient options for proto=fd
[  404.179179][T23318] random: crng reseeded on system resumption
[  404.193298][T23318] loop2: detected capacity change from 0 to 1024
[  404.199966][T23318] EXT4-fs: Ignoring removed oldalloc option
[  404.205956][T23318] EXT4-fs: Ignoring removed orlov option
[  404.212058][T23318] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  404.234162][T23318] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.259530][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.525440][T23330] loop2: detected capacity change from 0 to 512
[  404.533528][T23330] EXT4-fs (loop2): orphan cleanup on readonly fs
[  404.540891][T23330] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 248: padding at end of block bitmap is not set
[  404.555309][T23330] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm +}[@: Failed to acquire dquot type 1
[  404.566862][T23330] EXT4-fs (loop2): 1 truncate cleaned up
[  404.574692][T23330] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  404.611433][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.794909][T23340] loop2: detected capacity change from 0 to 512
[  404.823331][T23342] netlink: 'syz.0.7617': attribute type 10 has an invalid length.
[  404.825634][T23340] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  404.831496][T23342] veth0_macvtap: entered promiscuous mode
[  404.846984][T23340] EXT4-fs (loop2): mount failed
[  404.853583][T23342] team0: Device macvtap0 failed to register rx_handler
[  404.863963][T23342] veth0_macvtap: left promiscuous mode
[  404.909865][T23348] random: crng reseeded on system resumption
[  404.929234][T23350] loop4: detected capacity change from 0 to 1024
[  404.941135][T23350] EXT4-fs: Ignoring removed oldalloc option
[  404.947888][T23350] EXT4-fs: Ignoring removed orlov option
[  404.956185][T23350] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  404.994721][T23350] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.015512][T23350] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  405.052707][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.097944][T23368] loop4: detected capacity change from 0 to 1024
[  405.105862][T23368] EXT4-fs: Ignoring removed orlov option
[  405.115373][T23368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.151368][T23374] netlink: 'syz.3.7630': attribute type 10 has an invalid length.
[  405.299723][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.387768][T23392] loop4: detected capacity change from 0 to 512
[  405.396748][T23392] EXT4-fs: Ignoring removed mblk_io_submit option
[  405.404485][T23392] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7637: corrupted in-inode xattr: overlapping e_value 
[  405.419997][T23392] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7637: couldn't read orphan inode 15 (err -117)
[  405.435307][T23392] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.476053][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.573778][T23398] loop4: detected capacity change from 0 to 512
[  405.600187][T23398] EXT4-fs (loop4): orphan cleanup on readonly fs
[  405.607273][T23398] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 248: padding at end of block bitmap is not set
[  405.624489][T23402] loop2: detected capacity change from 0 to 1024
[  405.632618][T23398] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm +}[@: Failed to acquire dquot type 1
[  405.654522][T23402] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  405.667515][T23398] EXT4-fs (loop4): 1 truncate cleaned up
[  405.686733][T23398] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  405.717743][T23402] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  405.734005][T23402] EXT4-fs (loop2): orphan cleanup on readonly fs
[  405.751175][T23402] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  405.790061][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.803141][T23402] EXT4-fs (loop2): Remounting filesystem read-only
[  405.815764][T23402] EXT4-fs (loop2): 1 truncate cleaned up
[  405.827005][T23402] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  405.850699][T23405] netlink: 'syz.4.7642': attribute type 10 has an invalid length.
[  405.917054][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.030590][T23416] loop4: detected capacity change from 0 to 128
[  406.144973][T23430] random: crng reseeded on system resumption
[  406.176236][T23430] loop2: detected capacity change from 0 to 1024
[  406.196377][T19830] bio_check_eod: 104 callbacks suppressed
[  406.196393][T19830] kworker/u8:13: attempt to access beyond end of device
[  406.196393][T19830] loop4: rw=1, sector=137, nr_sectors = 8 limit=128
[  406.220937][T23430] EXT4-fs: Ignoring removed oldalloc option
[  406.227188][T23430] EXT4-fs: Ignoring removed orlov option
[  406.233025][T19830] kworker/u8:13: attempt to access beyond end of device
[  406.233025][T19830] loop4: rw=1, sector=153, nr_sectors = 8 limit=128
[  406.251486][T19830] kworker/u8:13: attempt to access beyond end of device
[  406.251486][T19830] loop4: rw=1, sector=169, nr_sectors = 8 limit=128
[  406.265592][T23430] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  406.277302][T19830] kworker/u8:13: attempt to access beyond end of device
[  406.277302][T19830] loop4: rw=1, sector=185, nr_sectors = 8 limit=128
[  406.291910][T19830] kworker/u8:13: attempt to access beyond end of device
[  406.291910][T19830] loop4: rw=1, sector=201, nr_sectors = 8 limit=128
[  406.305522][T19830] kworker/u8:13: attempt to access beyond end of device
[  406.305522][T19830] loop4: rw=1, sector=217, nr_sectors = 8 limit=128
[  406.319307][T19830] kworker/u8:13: attempt to access beyond end of device
[  406.319307][T19830] loop4: rw=1, sector=233, nr_sectors = 8 limit=128
[  406.333314][T19830] kworker/u8:13: attempt to access beyond end of device
[  406.333314][T19830] loop4: rw=1, sector=249, nr_sectors = 8 limit=128
[  406.365353][T23430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  406.460415][T19830] kworker/u8:13: attempt to access beyond end of device
[  406.460415][T19830] loop4: rw=1, sector=265, nr_sectors = 8 limit=128
[  406.479851][T19830] kworker/u8:13: attempt to access beyond end of device
[  406.479851][T19830] loop4: rw=1, sector=281, nr_sectors = 8 limit=128
[  406.660809][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.769036][T23449] loop2: detected capacity change from 0 to 1024
[  406.799693][T23449] EXT4-fs: Ignoring removed orlov option
[  406.815510][T23449] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  407.093260][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  407.100912][T23465] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7666'.
[  407.177745][T23473] netlink: 'syz.2.7669': attribute type 10 has an invalid length.
[  407.186872][T23473] veth0_macvtap: entered promiscuous mode
[  407.194140][T23473] team0: Device macvtap0 failed to register rx_handler
[  407.201413][T23473] veth0_macvtap: left promiscuous mode
[  407.246608][T23477] loop2: detected capacity change from 0 to 1024
[  407.254701][T23477] EXT4-fs: Ignoring removed orlov option
[  407.265592][T23477] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  407.500339][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  407.723452][T23499] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7679'.
[  407.762671][T23497] loop4: detected capacity change from 0 to 512
[  407.790963][T23501] loop2: detected capacity change from 0 to 512
[  407.802390][T23497] EXT4-fs (loop4): orphan cleanup on readonly fs
[  407.819752][T23497] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 248: padding at end of block bitmap is not set
[  407.844355][T23501] EXT4-fs: Ignoring removed mblk_io_submit option
[  407.872602][T23501] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.7681: corrupted in-inode xattr: overlapping e_value 
[  407.901574][T23497] __quota_error: 904 callbacks suppressed
[  407.901592][T23497] Quota error (device loop4): write_blk: dquota write failed
[  407.914883][T23497] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  407.924871][T23497] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm +}[@: Failed to acquire dquot type 1
[  407.943902][T23501] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.7681: couldn't read orphan inode 15 (err -117)
[  407.945940][T23497] EXT4-fs (loop4): 1 truncate cleaned up
[  407.983005][T23497] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  407.990212][T23501] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  408.033245][T20407] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  408.086550][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  408.117382][   T29] audit: type=1326 audit(1752074754.896:59510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23515 comm="syz.2.7688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff96ad9e929 code=0x7ffc0000
[  408.154020][T23522] netlink: 'syz.4.7689': attribute type 10 has an invalid length.
[  408.181741][   T29] audit: type=1326 audit(1752074754.896:59511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23515 comm="syz.2.7688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff96ad9e929 code=0x7ffc0000
[  408.205620][   T29] audit: type=1326 audit(1752074754.926:59512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23515 comm="syz.2.7688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff96ad9e929 code=0x7ffc0000
[  408.229497][   T29] audit: type=1326 audit(1752074754.926:59513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23515 comm="syz.2.7688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff96ad9e929 code=0x7ffc0000
[  408.253297][   T29] audit: type=1326 audit(1752074754.926:59514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23515 comm="syz.2.7688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff96ad9e929 code=0x7ffc0000
[  408.277510][   T29] audit: type=1326 audit(1752074754.926:59515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23515 comm="syz.2.7688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff96ad9e929 code=0x7ffc0000
[  408.301070][   T29] audit: type=1326 audit(1752074754.926:59516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23515 comm="syz.2.7688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff96ad9e929 code=0x7ffc0000
[  408.324697][   T29] audit: type=1326 audit(1752074754.926:59517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23515 comm="syz.2.7688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff96ad9e929 code=0x7ffc0000
[  408.394310][T23529] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7691'.
[  408.479654][T23532] loop4: detected capacity change from 0 to 512
[  408.519120][T23532] EXT4-fs: Ignoring removed mblk_io_submit option
[  408.541153][T23532] EXT4-fs: Ignoring removed mblk_io_submit option
[  408.556436][T23532] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  408.583990][T23532] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c11c, mo2=0002]
[  408.604448][T23532] System zones: 1-12
[  408.616014][T23532] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7692: corrupted in-inode xattr: e_value size too large
[  408.647999][T23532] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7692: couldn't read orphan inode 15 (err -117)
[  408.677273][T23532] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  408.785749][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  408.826466][T23546] loop4: detected capacity change from 0 to 1024
[  408.892574][T23546] EXT4-fs: Ignoring removed oldalloc option
[  408.912643][T23546] EXT4-fs: Ignoring removed orlov option
[  408.921870][T23546] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  408.944645][T23555] netlink: 'syz.2.7702': attribute type 10 has an invalid length.
[  408.956608][T23555] veth0_macvtap: entered promiscuous mode
[  408.965497][T23546] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  408.993463][T23555] team0: Device macvtap0 failed to register rx_handler
[  409.008560][T23555] veth0_macvtap: left promiscuous mode
[  409.020854][T23560] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7703'.
[  409.030460][T23546] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  409.088430][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.143592][T23564] netlink: 'syz.2.7706': attribute type 8 has an invalid length.
[  409.204614][T23564] loop2: detected capacity change from 0 to 512
[  409.225824][T23564] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  409.258226][T23564] EXT4-fs (loop2): mount failed
[  409.265736][T23577] loop4: detected capacity change from 0 to 512
[  409.272669][T23577] EXT4-fs: Ignoring removed mblk_io_submit option
[  409.283284][T23577] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7709: corrupted in-inode xattr: overlapping e_value 
[  409.306386][T23577] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7709: couldn't read orphan inode 15 (err -117)
[  409.326492][T23577] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.364486][T23567] 9pnet_fd: Insufficient options for proto=fd
[  409.381454][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.635449][T23591] loop4: detected capacity change from 0 to 512
[  409.643796][T23591] EXT4-fs (loop4): orphan cleanup on readonly fs
[  409.651043][T23591] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 248: padding at end of block bitmap is not set
[  409.665359][T23591] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm +}[@: Failed to acquire dquot type 1
[  409.677243][T23591] EXT4-fs (loop4): 1 truncate cleaned up
[  409.684093][T23591] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  409.721892][T18773] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.745151][T23594] loop4: detected capacity change from 0 to 1024
[  409.751987][T23594] EXT4-fs: Ignoring removed oldalloc option
[  409.758348][T23594] EXT4-fs: Ignoring removed orlov option
[  409.764639][T23594] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  409.783930][T23594] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.802206][T23594] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  409.943711][T23607] loop2: detected capacity change from 0 to 512
[  409.950552][T23607] EXT4-fs: Ignoring removed mblk_io_submit option
[  409.958505][T23607] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.7720: corrupted in-inode xattr: overlapping e_value 
[  409.972643][T23607] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.7720: couldn't read orphan inode 15 (err -117)
[  410.249471][T23632] netlink: 'syz.1.7731': attribute type 8 has an invalid length.
[  410.310404][T23638] random: crng reseeded on system resumption
[  410.362255][T23639] 9pnet_fd: Insufficient options for proto=fd
[  410.383831][T23642] loop4: detected capacity change from 0 to 512
[  410.405928][T23642] EXT4-fs: Ignoring removed mblk_io_submit option
[  410.429909][T23642] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.7735: corrupted in-inode xattr: overlapping e_value 
[  410.462380][T23642] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.7735: couldn't read orphan inode 15 (err -117)
[  410.541501][T23647] loop4: detected capacity change from 0 to 128
[  410.908590][T23660] loop4: detected capacity change from 0 to 1024
[  410.918091][T23660] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  410.942470][T23660] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  410.950657][T23660] EXT4-fs (loop4): orphan cleanup on readonly fs
[  410.957475][T23660] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  410.967543][T23660] EXT4-fs (loop4): Remounting filesystem read-only
[  410.974548][T23660] EXT4-fs (loop4): 1 truncate cleaned up
[  410.998789][T23669] netlink: 'syz.0.7746': attribute type 10 has an invalid length.
[  411.007406][T23669] veth0_macvtap: entered promiscuous mode
[  411.014667][T23669] team0: Device macvtap0 failed to register rx_handler
[  411.023932][T23669] veth0_macvtap: left promiscuous mode
[  411.314126][T23694] loop4: detected capacity change from 0 to 1024
[  411.389033][T23694] EXT4-fs: Ignoring removed orlov option
[  411.419900][T23697] loop2: detected capacity change from 0 to 164
[  411.438855][T23701] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7757'.
[  411.470000][T23697] Unable to read rock-ridge attributes
[  411.602536][T23697] Unable to read rock-ridge attributes
[  411.675994][T23707] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7759'.
[  411.770490][T23715] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7762'.
[  411.810301][T23715] loop2: detected capacity change from 0 to 512
[  412.028586][T23715] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  412.058514][T23715] EXT4-fs (loop2): mount failed
[  412.144513][T23718] 9pnet_fd: Insufficient options for proto=fd
[  412.905790][   T29] kauditd_printk_skb: 1616 callbacks suppressed
[  412.905821][   T29] audit: type=1326 audit(1752074759.686:61128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23733 comm="syz.3.7769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  412.935841][   T29] audit: type=1326 audit(1752074759.686:61129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23733 comm="syz.3.7769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  412.959417][   T29] audit: type=1326 audit(1752074759.686:61130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23733 comm="syz.3.7769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  412.985174][   T29] audit: type=1326 audit(1752074759.776:61131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23733 comm="syz.3.7769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  413.008807][   T29] audit: type=1326 audit(1752074759.776:61132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23733 comm="syz.3.7769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  413.032416][   T29] audit: type=1326 audit(1752074759.776:61133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23733 comm="syz.3.7769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  413.058825][   T29] audit: type=1326 audit(1752074759.776:61134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23733 comm="syz.3.7769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  413.082581][   T29] audit: type=1326 audit(1752074759.776:61135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23733 comm="syz.3.7769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f779c8aab19 code=0x7ffc0000
[  413.106253][   T29] audit: type=1326 audit(1752074759.776:61136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23733 comm="syz.3.7769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f779c90e929 code=0x7ffc0000
[  413.129861][   T29] audit: type=1326 audit(1752074759.776:61137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23733 comm="syz.3.7769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f779c9058e7 code=0x7ffc0000
[  413.197092][T23767] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7783'.
[  413.209659][T23767] loop2: detected capacity change from 0 to 512
[  413.224326][T23767] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  413.247039][T23767] EXT4-fs (loop2): mount failed
[  413.325265][T23772] 9pnet_fd: Insufficient options for proto=fd
[  413.817936][T23808] loop4: detected capacity change from 0 to 1024
[  413.835957][T23808] EXT4-fs: Ignoring removed orlov option
[  414.053972][T23818] ==================================================================
[  414.062107][T23818] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / redirty_tail_locked
[  414.071105][T23818] 
[  414.073443][T23818] read-write to 0xffff88811c88b5c0 of 4 bytes by task 23808 on cpu 0:
[  414.081623][T23818]  redirty_tail_locked+0x56/0x280
[  414.086677][T23818]  writeback_single_inode+0x21e/0x3e0
[  414.086707][T23818]  sync_inode_metadata+0x5b/0x90
[  414.097057][T23818]  generic_buffers_fsync_noflush+0xd9/0x120
[  414.102984][T23818]  ext4_sync_file+0x1ab/0x690
[  414.107698][T23818]  vfs_fsync_range+0x10d/0x130
[  414.112519][T23818]  ext4_buffered_write_iter+0x34f/0x3c0
[  414.118087][T23818]  ext4_file_write_iter+0x383/0xf00
[  414.123334][T23818]  iter_file_splice_write+0x5f2/0x970
[  414.128756][T23818]  direct_splice_actor+0x153/0x2a0
[  414.133907][T23818]  splice_direct_to_actor+0x30f/0x680
[  414.139317][T23818]  do_splice_direct+0xda/0x150
[  414.144128][T23818]  do_sendfile+0x380/0x650
[  414.148651][T23818]  __x64_sys_sendfile64+0x105/0x150
[  414.153893][T23818]  x64_sys_call+0xb39/0x2fb0
[  414.158522][T23818]  do_syscall_64+0xd2/0x200
[  414.163079][T23818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.169026][T23818] 
[  414.171384][T23818] read to 0xffff88811c88b5c0 of 4 bytes by task 23818 on cpu 1:
[  414.179037][T23818]  generic_buffers_fsync_noflush+0x80/0x120
[  414.184955][T23818]  ext4_sync_file+0x1ab/0x690
[  414.189658][T23818]  vfs_fsync_range+0x10d/0x130
[  414.194447][T23818]  ext4_buffered_write_iter+0x34f/0x3c0
[  414.200022][T23818]  ext4_file_write_iter+0x383/0xf00
[  414.205233][T23818]  iter_file_splice_write+0x5f2/0x970
[  414.210624][T23818]  direct_splice_actor+0x153/0x2a0
[  414.215757][T23818]  splice_direct_to_actor+0x30f/0x680
[  414.221145][T23818]  do_splice_direct+0xda/0x150
[  414.225922][T23818]  do_sendfile+0x380/0x650
[  414.230345][T23818]  __x64_sys_sendfile64+0x105/0x150
[  414.235561][T23818]  x64_sys_call+0xb39/0x2fb0
[  414.240157][T23818]  do_syscall_64+0xd2/0x200
[  414.244674][T23818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.250576][T23818] 
[  414.252903][T23818] value changed: 0x0000003a -> 0x00000002
[  414.258619][T23818] 
[  414.260950][T23818] Reported by Kernel Concurrency Sanitizer on:
[  414.267100][T23818] CPU: 1 UID: 0 PID: 23818 Comm: syz.4.7798 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  414.279608][T23818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  414.289692][T23818] ==================================================================