last executing test programs:

26.145764363s ago: executing program 0 (id=1430):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100001f00702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) (async)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$inet6(0xa, 0x3, 0xff)
r6 = dup2(r5, r5)
connect$unix(r6, 0x0, 0x0) (async)
ioctl$VT_WAITACTIVE(r6, 0x5607) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000240)='sys_enter\x00', r4, 0x0, 0x2}, 0x18) (async)
move_pages(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10) (async)
r8 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x10, 0xd}, 0x0, 0x0, 0x3, 0x5, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x40082406, &(0x7f0000000180)='cpu>=0!|!') (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) (async)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

26.064597125s ago: executing program 0 (id=1435):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x0, 0x2710})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@nobarrier}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@usrquota}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r2, 0x0, 0x9b, 0x1c20000000)
ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0xc020662a, &(0x7f0000000380)={0x102, 0x8, 0x1, 0x3, 0x2, 0x0, [{0x8, 0x5, 0x7fffffffffffffff, '\x00', 0x2000}, {0xfffffffffffff3ec, 0x45f0755f, 0x1}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
ioctl$FS_IOC_GETFLAGS(r4, 0x80086601, &(0x7f0000000080))

25.956983397s ago: executing program 0 (id=1439):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800001965ba917c62e1e6902300000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000300)=0x60)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair(0x1, 0x2, 0x0, &(0x7f00000004c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x541b, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r6 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r6, 0xc0481273, 0x0)
ioctl$BLKTRACETEARDOWN(r6, 0x1276, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b000000070000006a0000000800000001"], 0x50)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x300000d, 0x6031, 0xffffffffffffffff, 0x5b532000)
timer_settime(0x0, 0x1, 0x0, 0x0)
timer_gettime(0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='mm_page_free\x00', r8}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
sendmsg$NFC_CMD_START_POLL(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r1, 0x10, 0x70bd28, 0x25dfdbfd, {}, [@NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x20}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x88}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xa4}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x82}]}, 0x34}}, 0x4008051)

25.674455271s ago: executing program 0 (id=1442):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xd, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="720ac4ff000000007110b7000000000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r1)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000200)={<r5=>r4, 0x3ff, 0xaa8, 0x1000})
sendmsg$IPVS_CMD_FLUSH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000011500002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b00736970000600010002000000080005"], 0xc4}}, 0x4008800)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000427bd7000fddbdf250e0000003c00018007000600646800000600020024000000060002003a0000000600020008000000060001000a000000080009004d00000008000b007369700008000500070000000800040008000000"], 0x60}}, 0x4055)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095", @ANYRESOCT, @ANYRES64=r5, @ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r10 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r10, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r9}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@version_9p2000}]}})
r11 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="b40100001300010226bd7000fcdbdf25ffffffff000000000000000000000000fc0100000000000000000000000000004e23fffa4e20000602002020000000", @ANYRES32], 0x1b4}}, 0x80084)

25.537217453s ago: executing program 0 (id=1445):
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r0, 0x400, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x6}, 0x18)
fremovexattr(r0, &(0x7f0000000040)=@known='system.posix_acl_default\x00')

25.167874349s ago: executing program 0 (id=1452):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800001965ba917c62e1e6902300000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000300)=0x60)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair(0x1, 0x2, 0x0, &(0x7f00000004c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x541b, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r6 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r6, 0xc0481273, 0x0)
ioctl$BLKTRACETEARDOWN(r6, 0x1276, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b000000070000006a0000000800000001"], 0x50)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x300000d, 0x6031, 0xffffffffffffffff, 0x5b532000)
timer_settime(0x0, 0x1, 0x0, 0x0)
timer_gettime(0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='mm_page_free\x00', r8}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
sendmsg$NFC_CMD_START_POLL(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r1, 0x10, 0x70bd28, 0x25dfdbfd, {}, [@NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x20}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x88}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xa4}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x82}]}, 0x34}}, 0x4008051)

25.167131649s ago: executing program 32 (id=1452):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800001965ba917c62e1e6902300000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000300)=0x60)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair(0x1, 0x2, 0x0, &(0x7f00000004c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x541b, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r6 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r6, 0xc0481273, 0x0)
ioctl$BLKTRACETEARDOWN(r6, 0x1276, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b000000070000006a0000000800000001"], 0x50)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x300000d, 0x6031, 0xffffffffffffffff, 0x5b532000)
timer_settime(0x0, 0x1, 0x0, 0x0)
timer_gettime(0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='mm_page_free\x00', r8}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
sendmsg$NFC_CMD_START_POLL(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r1, 0x10, 0x70bd28, 0x25dfdbfd, {}, [@NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x20}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x88}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xa4}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x82}]}, 0x34}}, 0x4008051)

4.331445842s ago: executing program 4 (id=1730):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c"], 0x0)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {}, {}, {0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x40841}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x18, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x88000, 0x0)
openat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x200, 0x104, 0x16}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x2, 0x80805, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x3cd842, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x20, 0x7ffc0001}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
io_setup(0x8, &(0x7f0000004200)=<r6=>0x0)
io_pgetevents(r6, 0x3, 0x3, &(0x7f0000000a40)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x989680}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, 0x0, 0x0, 0x2, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000300000900020073857a30000000000800410073697700140033006c6f00000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)

2.661922938s ago: executing program 2 (id=1752):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="47512dbdf000fddbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008a00", @ANYRES32=r0, @ANYBLOB], 0x3c}}, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3c, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
utimes(&(0x7f0000000200)='./file1\x00', &(0x7f0000000240)={{0x0, 0x2710}})

2.660376568s ago: executing program 2 (id=1754):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x78, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @multicast1}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @remote}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3ad"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{}, &(0x7f0000000400), &(0x7f0000000600)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mq_open(&(0x7f00000004c0)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xednux\x02\xc7\x12\xec\xca7\xbc\x1fS\x1c\x05y\x91\xe5\x9aL\xa9u\b\x00\x00\x00\xa0pC\x19\x9b\vY\x186\xa4\xe7\x1eg{`\xfa\xf3n\x8fIj6f\xfb\x13-g\x19(a6\x18\xe24nz\x83w8\xff\xfb\x83\f\x9a\xda\xc5w\x8eo\x02\xa3\xc1\x83\x91\xc6\xfd\x8c\xc4s\x03\x16\xa4+\xce|^\x98K_0\x8a\xb0\xff~\x1e\xd92\xb4r\xd8\xe7', 0x40, 0x110, 0x0)
mq_timedreceive(r4, 0x0, 0xfffffffffffffee3, 0x2000000, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file2\x00', 0x0, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@block_validity}, {@norecovery}, {@auto_da_alloc}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000f80)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_open_dev$sg(0x0, 0x0, 0x5)
socket(0x1e, 0x4, 0x0)
socket(0x10, 0x4, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r5, 0x40045402, &(0x7f0000000140)=0x1)

2.584396959s ago: executing program 1 (id=1759):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf250301f2800c00180008ac0f00000020001400010000000000000000000000ffffac14142d50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be0400e9000067fb9ac394f8f87f33ab7eac2a9c59d7f835e7eae9046376b02193e054c021d93c69e8daab6d307d447240ad333185d537c7230fc2be6b6fb106a9fa07aca6dcdd559f9646b15e9d29e76c3024accb1d3b46474857e24e910338e5cfc5a208bad47f9f0232b3ddfab202d63218dceb86e0516be142b89a0f216fc341df3e5f2074daf5f3351d8c37d1ae74525b3bef96989c0e78cf9af31439"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

2.53965749s ago: executing program 1 (id=1761):
r0 = epoll_create1(0x80000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000))

2.486422251s ago: executing program 1 (id=1764):
ioperm(0x8001, 0x9, 0x4)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {<r1=>0x0, 0xee00}}, '.\x00'})
setuid(r1)
socket$inet6_udp(0xa, 0x2, 0x0)
ioperm(0x100000001, 0x7, 0x8)
r2 = syz_clone(0x62012080, &(0x7f0000000040)="e696f15e0059db86cd71bfdcaa5fd2179740a3fb67149e2ced616af708b79d74ad883d65b0c60be399de4cd3f2ca9f2cd9e904060a6e618b4c9cbb987846f301c14a8a52e50f69eb4c023d7a2e62afd2c98cff91d4989c50b26fe1fb2318a60673aa9ba633a27bd88ec32e16bbb4ec837f381cff4fd991b1423071a5756686f1fd76a14cd619013ff0403a3d6e49e0176515f56612898ecf40006b1072ca914c31726a395c", 0xa5, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8174761273207138194cdd7958e6295401e78d7cc43ce5466fd3589d376ecce1a3cd52cdba62e01856f8")
ioperm(0x8, 0x7c3ef30f, 0x401)
ioperm(0x2, 0x200, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000200)=@filter={'filter\x00', 0xe, 0x4, 0x440, 0xffffffff, 0x260, 0x0, 0x260, 0xffffffff, 0xffffffff, 0x370, 0x370, 0x370, 0xffffffff, 0x4, &(0x7f00000001c0), {[{{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x5, 0x0, {0xc4}}}}, {{@uncond, 0x0, 0x108, 0x178, 0x0, {}, [@common=@srh={{0x30}, {0x67, 0x9, 0xa, 0x1, 0x2, 0x8, 0x80a}}, @common=@frag={{0x30}, {[0x151c141c, 0x2], 0xda, 0x0, 0x1}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0xff, 0x6, 0x2, 0x0, 0x0, "0a0566aafb93239c6b030fccd68a5d7b746bc8e08e53bdf3192ccd74354d736f04e96e57ac9a60e70744185c0f2454de59e49b3d88019f09970c5f8595a9331e"}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@common=@eui64={{0x28}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x5, 0x1, 0x7, 0x0, 0xd, 0xf, 0x1, 0x9]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4a0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000006c0)=0x800, 0x4)
ioperm(0x101, 0x8, 0x2)
ioperm(0x6, 0x3, 0x1)
lremovexattr(&(0x7f0000000700)='./file0\x00', &(0x7f0000000740)=@known='com.apple.FinderInfo\x00')
getegid()
ioperm(0x6, 0x6, 0xa)
setpriority(0x0, r2, 0x7fffffff)
getsockopt$PNPIPE_IFINDEX(r0, 0x113, 0x2, &(0x7f0000000780)=<r4=>0x0, &(0x7f00000007c0)=0x4)
bind$packet(r0, &(0x7f0000000800)={0x11, 0x1b, r4, 0x1, 0x4}, 0x14)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x20010, r0, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xd, 0x100010, r0, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000840)=@IORING_OP_FALLOCATE={0x11, 0x40, 0x0, @fd=r0, 0x2, 0x0, 0x2, 0x0, 0x1, {0x0, r7}})
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000980)={&(0x7f0000000880)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x7, [@var={0x7, 0x0, 0x0, 0xe, 0x3, 0x2}, @int={0xc, 0x0, 0x0, 0x1, 0x0, 0x12, 0x0, 0x7e, 0x2}, @restrict={0x1, 0x0, 0x0, 0xb, 0x4}]}, {0x0, [0x71, 0x0, 0x0, 0x2e, 0x61]}}, &(0x7f0000000900)=""/106, 0x4b, 0x6a, 0x1, 0x5, 0x10000, @value=r3}, 0x28)
close_range(r8, r0, 0x2)
ioperm(0x1, 0xff, 0x8)
ioperm(0x9, 0x3, 0xffffffffffffffff)
r9 = mq_open(&(0x7f00000009c0)='\x00', 0x1, 0x1, &(0x7f0000000a00)={0x101, 0xfffffffffffffb18, 0x281, 0xfffffffffffffbff})
mq_timedreceive(r9, &(0x7f0000000a40)=""/171, 0xab, 0x8, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000b00)={{0x1, 0x1, 0x18, r9, {0x1}}, './file0\x00'})

2.443031912s ago: executing program 1 (id=1765):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x78, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @multicast1}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @remote}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3ad"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{}, &(0x7f0000000400), &(0x7f0000000600)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mq_open(&(0x7f00000004c0)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xednux\x02\xc7\x12\xec\xca7\xbc\x1fS\x1c\x05y\x91\xe5\x9aL\xa9u\b\x00\x00\x00\xa0pC\x19\x9b\vY\x186\xa4\xe7\x1eg{`\xfa\xf3n\x8fIj6f\xfb\x13-g\x19(a6\x18\xe24nz\x83w8\xff\xfb\x83\f\x9a\xda\xc5w\x8eo\x02\xa3\xc1\x83\x91\xc6\xfd\x8c\xc4s\x03\x16\xa4+\xce|^\x98K_0\x8a\xb0\xff~\x1e\xd92\xb4r\xd8\xe7', 0x40, 0x110, 0x0)
mq_timedreceive(r4, 0x0, 0xfffffffffffffee3, 0x2000000, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file2\x00', 0x0, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@block_validity}, {@norecovery}, {@auto_da_alloc}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000f80)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_open_dev$sg(0x0, 0x0, 0x5)
unshare(0x22020600)
r6 = socket(0x1e, 0x4, 0x0)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r7, 0x40045402, &(0x7f0000000140)=0x1)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x1f, 0x0, 0x0)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="140100001e000100000000000200000001"], 0x114}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000001dc0)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

1.798509882s ago: executing program 5 (id=1782):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000000)={'icmp6\x00'}, &(0x7f0000000080)=0x1e)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x1, 0x1, 0x4, {0xa, 0x4e23, 0x2, @local, 0x236}}}, 0x3a)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRESOCT=r1, @ANYRES32=r3, @ANYRES64=r2], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6f, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x2}, 0x18)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000001500000000000800000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x18)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d61"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

1.783009442s ago: executing program 2 (id=1784):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r0}, 0x10)
syslog(0xb, 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x4c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x8008551d, &(0x7f0000000340)=ANY=[@ANYBLOB="52660000010000008c71b42678c7d2e9ec1114f614b20bdc1a75d1a4e8fd4da060fd491b0a"])

1.742813013s ago: executing program 5 (id=1785):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0xd)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x5)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r4}, 0x10)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)

1.725402953s ago: executing program 5 (id=1786):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x5, 0x7}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c"], 0xac}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c000280050001000000000008000740000000001800068014000400200100000000"], 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000894)

1.648853174s ago: executing program 2 (id=1787):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000001c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000005c0)={[{@inlinecrypt}, {@stripe={'stripe', 0x3d, 0x1}}, {@quota}, {@init_itable_val={'init_itable', 0x3d, 0x8}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@sysvgroups}, {@mblk_io_submit}, {@stripe={'stripe', 0x3d, 0x5}}, {@barrier_val={'barrier', 0x3d, 0x100000001}}], [{@appraise}]}, 0x1, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r2, 0x20, 0x0, 0x8)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f00000012c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7ffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)

1.611743195s ago: executing program 5 (id=1788):
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000000c0)={<r1=>0x0, 0xb, "376c3cfc155acd8a7942ba"}, &(0x7f0000000680)=0x13)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000006c0)={r1, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x7, 0x75, 0x3, 0x7, 0x91, 0x0, 0x9}, &(0x7f0000000780)=0x9c) (async)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000006c0)={r1, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x7, 0x75, 0x3, 0x7, 0x91, 0x0, 0x9}, &(0x7f0000000780)=0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x7f, 0x2, 0x9, 0xd, 0x4, 0x7, 0x8, 0x5, 0x2, 0xc, 0x6, 0x40, 0x13, 0x5}, 0xe)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3000987df1cf017a0000010101f4e145d685f28fd45027fa0f309f4203c5fd0000000076de800800010008000000100001800c00025dcd5202791290c8626f05dfc2"], 0x30}, 0x1, 0x0, 0x0, 0x8008001}, 0x24008854)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB], 0x50)
socket$packet(0x11, 0x3, 0x300) (async)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0x7, &(0x7f0000000100)={0x5, 0x5}, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) (async)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r4}, 0x10)
madvise(&(0x7f00000cb000/0x1000)=nil, 0x1000, 0xe) (async)
madvise(&(0x7f00000cb000/0x1000)=nil, 0x1000, 0xe)
sync_file_range(0xffffffffffffffff, 0x6, 0x10000000000000, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=<r5=>0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000043, &(0x7f0000000000)={[{@auto_da_alloc_val}]}, 0xa, 0x501, &(0x7f0000000140)="$eJzs3U9vG2kZAPBnnHibpGGdXTgsK7FbdrtKEdRJNvsn4rBsJf6cVkKUexoSJ4rixFXitE1UQfoJQKgCJE6cuCDxAZBQPwJCqgQ3DpxAFaTtgQsyGnvcJo6dJtRrt87vJ03nnfet53mepB7POzOqAzizLkTEpxExFBHvRUQh689lS+w1lvTvPdy/vZguSdRqV/+VRJL1te7zfPay1A++F/Gj5GjcrZ3dtYVyubR5uHv38ur6wkpppbQxOzvz0dzHcx/OTZ+wkmT4uNFXI+KTbz/+xU9/+91P/viNm3+f/+elH+cj4lo23q6ObmiUno+Rc82eY9N86QxlFeX7nQgAACdyMSJej4h3IuJrUYihATs/BQAAACJq3xpv3pmqAQAAAIMpFxHjkeSK2fO+45HLFYuNZ3i/FGO5cmWr+vXlyvbGUjoWMRH53PJquTSdPSs8Efkk3Z6pt59uv9+yPRsRr0XE3cJoul0fAwAAAHrjfMv8/3GhMf8HAAAABoyb8QAAADD4zP8BAABg8Jn/AwAAwED7/mefpUvt4f7t+vcALN3Y2V6r3Li8VNpaK65vLxYXK5vXiyuVykq5VBx69v7Klcr1D2Jj+9ZUdXirOrW1szu/XtneqM7Xv9d7vvR6D2oCAAAADnvt7Xt/TSJi75uj9SX1SjaW72tmwAskGW7puPbVPmUCdMUJLukfdmH780kE6LnWz3Tg7DDHB5LWjpYTg5FOpwp/On0s5xwAANAfk192/x/Oqly/EwD65mf9TgDoG9fi4ezKn/4JQGDAHLn/32Kk08Az7v8/vYZYq506KQAAoKvGG6u9yO4FjkcuVyw+uS2YLK+WS9MR8WpE/KWQP5duz/QxXwAAAAAAAAAAAAAAAAAAAAAAAAB4GdVqSdQAAACAgRaR+0eSff/XZOHieOv1gVeS/xTq64i4+eurv7y1UK1uzqT9/37SX/1V1v9+P65gAAAAwFmUP3a0OU9vzuMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJse7t9ebC69jPvgSozGRLv4wzFSX49EPiLGHiUxfOB1SUQMdSH+3p2IeKNd/CRNKyayLMYenTv0ulxEjPY0/uH60/jnuxAfzrJ7VyLi03bvv1xcqK/bv/+Gs+V5PbhSf5O3jd88/g11OP594YQx3rz/+6mO8e9EvDnc/vjTjJ90iP/uCeNf++Hubqex2m8iJtt+/iSHYk1V169Pbe3sXl5dX1gprZQ2ZmdnPpr7eO7Duemp5dVyKfuzbYyff+UPe3c71p+rrw/Gb9Y50cjwJ53qv3jC+v97/9b+FxvN/NH4EZfebf/7f6O+bv/zT/9NvJd9DqTjk832XqN90Fu/+/NbnXJL4y91+Pk3fv+FWqf6L3UuOTnQPlIzANBfWzu7awvlcmmzB413PujeDpMe5fwyNFbGInoedOTFqL3Xje88936ap8PPs5+/da2udM7QfqjPByYAAKDrnp709zsTAAAAAAAAAAAAAAAAAAAAOLv+r/887O3Tvao15l5/SgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONb/AgAA//9nwsbL")
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000000003000000000003000000000000"], 0x0, 0x1b, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) (async)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000000003000000000003000000000000"], 0x0, 0x1b, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
readv(r6, &(0x7f0000000dc0)=[{&(0x7f0000000900)=""/140, 0x8c}, {&(0x7f00000007c0)=""/11, 0xb}, {&(0x7f00000009c0)=""/223, 0xdf}, {&(0x7f0000000ac0)=""/101, 0x65}, {&(0x7f0000000b40)=""/29, 0x1d}, {&(0x7f0000000b80)}, {&(0x7f0000000bc0)=""/233, 0xe9}, {&(0x7f0000000cc0)=""/202, 0xca}], 0x8) (async)
readv(r6, &(0x7f0000000dc0)=[{&(0x7f0000000900)=""/140, 0x8c}, {&(0x7f00000007c0)=""/11, 0xb}, {&(0x7f00000009c0)=""/223, 0xdf}, {&(0x7f0000000ac0)=""/101, 0x65}, {&(0x7f0000000b40)=""/29, 0x1d}, {&(0x7f0000000b80)}, {&(0x7f0000000bc0)=""/233, 0xe9}, {&(0x7f0000000cc0)=""/202, 0xca}], 0x8)
socket$l2tp(0x2, 0x2, 0x73)
syz_emit_ethernet(0x74, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0xfffffe9a, 0x0, @gue={{0x2}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="180000000f0000000000010000000000000008000000950000003dfae5110000"], &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0xb, r6, 0x8, 0x0, 0x0, 0x14, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

1.577495676s ago: executing program 1 (id=1789):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf250301f2800c00180008ac0f00000020001400010000000000000000000000ffffac14142d50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be0400e9000067fb9ac394f8f87f33ab7eac2a9c59d7f835e7eae9046376b02193e054c021d93c69e8daab6d307d447240ad333185d537c7230fc2be6b6fb106a9fa07aca6dcdd559f9646b15e9d29e76c3024accb1d3b46474857e24e910338e5cfc5a208bad47f9f0232b3ddfab202d63218dceb86e0516be142b89a0f216fc341df3e5f2074daf5f3351d8c37d1ae74525b3bef96989c0e78cf9af31439"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1.425766348s ago: executing program 1 (id=1790):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
nanosleep(&(0x7f0000000040), 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='bdi_dirty_ratelimit\x00', r0}, 0xfffffffffffffef4)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x840000000002, 0x3, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="38f80000bfd0031a000000000000000018100200", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x18, &(0x7f00000002c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x90000000, @void, @value}, 0x94)
bind$tipc(0xffffffffffffffff, &(0x7f0000000100)=@name={0x1e, 0x2, 0x1, {{0x42, 0x3}}}, 0x10)

1.179670422s ago: executing program 4 (id=1792):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@nodelalloc}, {@stripe}, {@jqfmt_vfsold}]}, 0x3, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000009c0)="010000000037a788a11d1f000000000000006923c63a4541062101b60a2156566de77062086575a59ea9cb", 0x2b, r1)
syz_io_uring_setup(0xd0, &(0x7f0000000080)={0x0, 0x8b48, 0x2000, 0x1, 0x3d8}, &(0x7f0000ff0000), 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

871.648327ms ago: executing program 4 (id=1793):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = mq_open(&(0x7f0000000000)='kfree\x00', 0x40, 0x40, 0x0)
mq_getsetattr(r2, 0x0, 0x0)

867.724096ms ago: executing program 3 (id=1794):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

802.928137ms ago: executing program 2 (id=1795):
mremap(&(0x7f00007f1000/0x4000)=nil, 0x4000, 0x1000, 0x4, &(0x7f0000529000/0x1000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x40)
fcntl$notify(r0, 0x402, 0x8000003d)
mkdirat(r0, &(0x7f0000000380)='./file1\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

600.422301ms ago: executing program 4 (id=1796):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf250301f2800c00180008ac0f00000020001400010000000000000000000000ffffac14142d50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be0400e9000067fb9ac394f8f87f33ab7eac2a9c59d7f835e7eae9046376b02193e054c021d93c69e8daab6d307d447240ad333185d537c7230fc2be6b6fb106a9fa07aca6dcdd559f9646b15e9d29e76c3024accb1d3b46474857e24e910338e5cfc5a208bad47f9f0232b3ddfab202d63218dceb86e0516be142b89a0f216fc341df3e5f2074daf5f3351d8c37d1ae74525b3bef96989c0e78cf9af31439"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

522.166092ms ago: executing program 3 (id=1797):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000680)=@mangle={'mangle\x00', 0x64, 0x6, 0x600, 0x0, 0x0, 0x1d0, 0x0, 0x1d0, 0x530, 0x530, 0x530, 0x530, 0x530, 0x6, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'vcan0\x00', 'veth1_virt_wifi\x00'}, 0x0, 0xa8, 0xe8, 0x0, {0x7a00000000000000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x9}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'syzkaller1\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@private0}}}, {{@ipv6={@rand_addr=' \x01\x00', @mcast2, [], [], 'veth1_to_batadv\x00', 'vlan1\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@inet=@ecn={{0x28}}, @common=@ipv6header={{0x28}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@empty}}}, {{@ipv6={@private0, @mcast2, [], [], 'veth1_to_team\x00', 'veth0_macvtap\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@hbh={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@remote}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@local}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x660)

492.162603ms ago: executing program 5 (id=1798):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x5, 0x7}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c"], 0xac}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c0002800500010000000000080007400000000018000680140004002001000000000000000000"], 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000894)

491.034523ms ago: executing program 3 (id=1799):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070250000000000202020730a12ff00000000bda100000000000007010000f8ffffffb702000008000000b703000000000000850000000500000018010000202070250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
r1 = epoll_create1(0x0)
r2 = fcntl$dupfd(r0, 0x0, r1)
r3 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000000c0)={0x10000000})
epoll_create1(0x0)
socket(0x1, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1b172191d359645fae2d074ea5724ab77ea04fe507938b1213cdd4a92860e59808689382734d24b3123dd40c6d612c8a19948cd257748b1e7324adddbe61d51013f7d6b313c6df7b7b29678d70fc94dcc3e99e2472e78968ed94e7a54988656e8fff6b1d9b9993c71edd5cc10a2bea8d94d751b77fa7c48c712af35a9ffe670e8fa451942f48741119496bc30137e1202aed6bb5cd5c2d0256d049e4a335e2ea5545e5624be2391c37c0a2ae3bbb5b58778b85424bcdb84358359b2cb2782fc0e82f17b12d641ce6a72ab0ac794f878140897703bebe4420115d26675f27598841965fa91088252"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xbc, &(0x7f0000000580)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r5}, &(0x7f0000000040), &(0x7f0000000200)=r6}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r7, 0x0, 0x40000000000000}, 0x18)
ioctl$EVIOCGRAB(r4, 0x40044590, &(0x7f0000000280)=0x6)
ioctl$EVIOCGRAB(r4, 0x40044590, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRESDEC, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x65, 0xfc, 0x5, 0x0, 0x0, 0x7, 0x89008, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc46, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x8, 0x7ffffefc, 0x3, 0x1, 0x0, 0x0, 0x0, 0x100, 0x0, 0x1}, 0x0, 0x6, 0xffffffffffffffff, 0x9)
r8 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r8, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
write$UHID_DESTROY(r8, &(0x7f0000000080), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r9, 0x0, 0xfffffffffffffffd}, 0x18)

477.772783ms ago: executing program 4 (id=1800):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)

453.590504ms ago: executing program 2 (id=1801):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000001c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000005c0)={[{@inlinecrypt}, {@stripe={'stripe', 0x3d, 0x1}}, {@quota}, {@init_itable_val={'init_itable', 0x3d, 0x8}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@sysvgroups}, {@mblk_io_submit}, {@stripe={'stripe', 0x3d, 0x5}}, {@barrier_val={'barrier', 0x3d, 0x100000001}}], [{@appraise}]}, 0x1, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r3, 0x20, 0x0, 0x8)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f00000012c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)

447.845963ms ago: executing program 5 (id=1802):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000001c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000005c0)={[{@inlinecrypt}, {@stripe={'stripe', 0x3d, 0x1}}, {@quota}, {@init_itable_val={'init_itable', 0x3d, 0x8}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@sysvgroups}, {@mblk_io_submit}, {@stripe={'stripe', 0x3d, 0x5}}, {@barrier_val={'barrier', 0x3d, 0x100000001}}], [{@appraise}]}, 0x1, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r3, 0x20, 0x0, 0x8)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f00000012c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)

404.441594ms ago: executing program 4 (id=1803):
futex(&(0x7f0000000400)=0x2, 0xb, 0x1, 0x0, &(0x7f0000000580)=0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x62, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000c40)=ANY=[@ANYBLOB="85000000ae00000025000000000000009500000000000000afcd48d649379071c33390e418ec470db2c6161dba392176dd296303406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2533659edc8bef9cb85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c126ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e5a61561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a0600adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a8f27e02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cd50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420b75b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d988c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae0533496b6d58da50ee80a6b9a7438a58c5465113f668eb4484350048289d07dbef325d3221a7cb35f812f257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33320253af570f4ef9c0254afdd89ac3943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b74c516647652bfb6e93002494a5cd74e2a9a4734487062437da23e1efa6ef7674108aaa3ffac859c3577c2637bb3bdc69bc365b1f20dba96b8acca62f3f80045318de0facf2ed44b814e842c2a520159bb6c320cec0910c0b8bd3d547bdfba2e0bb24d117ed0388afd37affbad2f9c77c9c1314a16ffe64f5e3744a2fffd7039670f5706e589a4c38680a377f8c26e6e382067f690089f34b13ee0633a171c7918401acd4575f1443815854f775308c083ff4f4046cfca8bca48e6db6b211113c06797722230af92290231a0f02e247cf96876257dac9ff0b8f07ff5916a8ccd3f15b389d34520f074c6f006e0383280bf0b9765c995ef1e696a1da41d9372a1c9d85f1a83b6213b5fb236fbeda8fb90dee70ca3cfc0833741a0e9341ab4dee09669b832840fef5a2bbebd5957503656c445a428efc5711d1c66093b360c63e63e91cb871f8dc43a915ec87be492daec18847de7032d5c97d0296a1fa97d17f8546290c1a325221f36f8d749d4a9aa1883a41d92228c93b60fe677f4f9d51fadbba6dd46222fd11f678d7e9a307024806cc28cba904f8d12870b4528b8d75fd29adacf0a52cdfaf4e43f00e532cfc15f394db7d521339aa980f81bd78a82d84dba575391bee41c95daf3b576feed54d448d36ad0000"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r4}, 0x10)
mlockall(0x7)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x32600)

80.414029ms ago: executing program 3 (id=1804):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0xd)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x5)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r4}, 0x10)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)

79.266129ms ago: executing program 3 (id=1805):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000000)={'icmp6\x00'}, &(0x7f0000000080)=0x1e)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x1, 0x1, 0x4, {0xa, 0x4e23, 0x2, @local, 0x236}}}, 0x3a)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRESOCT=r1, @ANYRES32=r3, @ANYRES64=r2], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6f, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x2}, 0x18)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000001500000000000800000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x18)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r6, 0x0, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

0s ago: executing program 3 (id=1806):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x43, 0x0)
fallocate(r3, 0x3, 0x5000000, 0x8000c62)
write$selinux_load(r3, &(0x7f0000000380)={0xf97cff8c, 0x8, 'SE Linux', "b3f65fceb2fe454ed4c4e7e1ac6555a38d6bcfe03a44fd7a313e4b2c938cc9a9605d0d562ab30b2e9a5945fb64462d12cf7c46b7c57ff282bca448ade5a8204bb9750247e858008362f05d7782480b5ac96a039a7f6e3411027007f00f36d04d69aa9dee6febe7507e9f76efd48d8457e99f4e25453e16c21d736127cbeb038b8951beacb33aebd3614efa4656d9301c7b21bf2f9369ba83d3281dc1df3090c81ed298490f1860a2a6545449077f94e0cc42d6b48ce12a4d2f6f214f95d49a54d9c15c878863757e7c42d71d27fd9d92d8339eb6a51ce68a7bda20e9d5dc7b534ea209402c5dce6fe90483dccc764b5a59ed"}, 0x102)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
fgetxattr(r4, &(0x7f0000000000)=ANY=[], 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socket(0x28, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_procfs(0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}, 0x1, 0x0, 0x0, 0x20004065}, 0x0)

kernel console output (not intermixed with test programs):

orphan inode deleted
[  108.105346][ T7174] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.118855][   T57] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  108.134097][ T7174] ext4 filesystem being mounted at /334/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.145385][ T7181] loop0: detected capacity change from 0 to 512
[  108.153464][ T7181] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  108.154033][ T7174] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.175918][ T7181] EXT4-fs (loop0): 1 truncate cleaned up
[  108.182236][ T7181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.262236][ T7184] loop4: detected capacity change from 0 to 512
[  108.296289][ T7184] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  108.316556][ T7184] EXT4-fs (loop4): 1 truncate cleaned up
[  108.326351][ T7184] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.403024][ T7191] tipc: Started in network mode
[  108.407962][ T7191] tipc: Node identity 8a35245685c5, cluster identity 4711
[  108.415655][ T7191] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  108.423668][ T7192] syzkaller0: MTU too low for tipc bearer
[  108.429503][ T7192] tipc: Disabling bearer <eth:syzkaller0>
[  108.436932][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.645923][ T7216] xt_TPROXY: Can be used only with -p tcp or -p udp
[  108.718175][ T7218] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1388'.
[  108.727205][ T7218] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1388'.
[  108.751217][ T7219] loop3: detected capacity change from 0 to 512
[  108.797725][ T7219] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  108.863452][ T7219] EXT4-fs (loop3): 1 truncate cleaned up
[  108.886065][ T7224] loop2: detected capacity change from 0 to 512
[  108.909334][ T7219] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.934770][ T7224] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  108.971499][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.971827][ T7224] EXT4-fs (loop2): 1 truncate cleaned up
[  108.987000][ T7224] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.026140][ T7227] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.035435][ T7227] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.206312][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.231146][ T7232] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1391'.
[  109.270477][ T7234] ip6gretap0: entered promiscuous mode
[  109.277650][ T7234] syz_tun: entered promiscuous mode
[  109.313099][ T7236] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.375176][ T7236] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.402850][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.427965][ T7242] loop0: detected capacity change from 0 to 128
[  109.441338][ T7236] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.453539][ T7242] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  109.475276][ T7242] ext4 filesystem being mounted at /288/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  109.555148][ T7236] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.595304][ T7266] loop4: detected capacity change from 0 to 1024
[  109.609564][ T7267] loop3: detected capacity change from 0 to 512
[  109.621592][ T7266] EXT4-fs: Ignoring removed orlov option
[  109.633480][ T7236] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.644941][ T7236] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.656865][ T3310] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  109.657167][ T7236] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.681305][ T7266] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.682197][ T7236] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.703006][ T7267] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  109.724466][ T7267] EXT4-fs (loop3): 1 truncate cleaned up
[  109.735843][ T7267] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.783906][ T7277] loop2: detected capacity change from 0 to 512
[  109.815158][   T29] kauditd_printk_skb: 593 callbacks suppressed
[  109.815175][   T29] audit: type=1326 audit(1750376680.797:8486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7278 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8de48e929 code=0x7ffc0000
[  109.845000][   T29] audit: type=1326 audit(1750376680.797:8487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7278 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8de48e929 code=0x7ffc0000
[  109.875171][   T29] audit: type=1326 audit(1750376680.797:8488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7278 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8de48e929 code=0x7ffc0000
[  109.898829][   T29] audit: type=1326 audit(1750376680.797:8489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7278 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8de48e929 code=0x7ffc0000
[  109.900816][ T7277] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.922409][   T29] audit: type=1326 audit(1750376680.797:8490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7278 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8de48e929 code=0x7ffc0000
[  109.934985][ T7277] ext4 filesystem being mounted at /297/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.958201][   T29] audit: type=1326 audit(1750376680.797:8491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7278 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8de48e929 code=0x7ffc0000
[  109.992398][   T29] audit: type=1326 audit(1750376680.797:8492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7278 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8de48e929 code=0x7ffc0000
[  110.016054][   T29] audit: type=1326 audit(1750376680.797:8493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7278 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8de48e929 code=0x7ffc0000
[  110.039527][   T29] audit: type=1326 audit(1750376680.797:8494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7278 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8de48e929 code=0x7ffc0000
[  110.063203][   T29] audit: type=1326 audit(1750376680.797:8495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7278 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8de48e929 code=0x7ffc0000
[  110.111432][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.181417][ T7290] loop0: detected capacity change from 0 to 128
[  110.194032][ T7294] loop2: detected capacity change from 0 to 128
[  110.273554][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.285177][ T7298] loop0: detected capacity change from 0 to 256
[  110.291794][ T7296] FAULT_INJECTION: forcing a failure.
[  110.291794][ T7296] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.304925][ T7296] CPU: 0 UID: 0 PID: 7296 Comm: syz.2.1412 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  110.305040][ T7296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.305055][ T7296] Call Trace:
[  110.305062][ T7296]  <TASK>
[  110.305071][ T7296]  __dump_stack+0x1d/0x30
[  110.305103][ T7296]  dump_stack_lvl+0xe8/0x140
[  110.305126][ T7296]  dump_stack+0x15/0x1b
[  110.305155][ T7296]  should_fail_ex+0x265/0x280
[  110.305227][ T7296]  should_fail+0xb/0x20
[  110.305254][ T7296]  should_fail_usercopy+0x1a/0x20
[  110.305349][ T7296]  _copy_from_iter+0xcf/0xe40
[  110.305370][ T7296]  ? __build_skb_around+0x1a0/0x200
[  110.305403][ T7296]  ? __alloc_skb+0x223/0x320
[  110.305516][ T7296]  netlink_sendmsg+0x471/0x6b0
[  110.305541][ T7296]  ? __pfx_netlink_sendmsg+0x10/0x10
[  110.305563][ T7296]  __sock_sendmsg+0x145/0x180
[  110.305669][ T7296]  ____sys_sendmsg+0x31e/0x4e0
[  110.305763][ T7296]  ___sys_sendmsg+0x17b/0x1d0
[  110.305833][ T7296]  __x64_sys_sendmsg+0xd4/0x160
[  110.305890][ T7296]  x64_sys_call+0x2999/0x2fb0
[  110.305914][ T7296]  do_syscall_64+0xd2/0x200
[  110.305934][ T7296]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.305968][ T7296]  ? clear_bhb_loop+0x40/0x90
[  110.305987][ T7296]  ? clear_bhb_loop+0x40/0x90
[  110.306010][ T7296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.306034][ T7296] RIP: 0033:0x7f436336e929
[  110.306053][ T7296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.306112][ T7296] RSP: 002b:00007f43619d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  110.306134][ T7296] RAX: ffffffffffffffda RBX: 00007f4363595fa0 RCX: 00007f436336e929
[  110.306155][ T7296] RDX: 0000000004000004 RSI: 0000200000000080 RDI: 0000000000000003
[  110.306170][ T7296] RBP: 00007f43619d7090 R08: 0000000000000000 R09: 0000000000000000
[  110.306186][ T7296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.306200][ T7296] R13: 0000000000000000 R14: 00007f4363595fa0 R15: 00007ffe35ab1ff8
[  110.306219][ T7296]  </TASK>
[  110.537879][ T7298] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  110.545605][ T7298] FAT-fs (loop0): Filesystem has been set read-only
[  110.563617][ T7301] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  110.565616][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.584884][ T7298] syz.0.1413 uses obsolete (PF_INET,SOCK_PACKET)
[  110.594126][ T7307] __nla_validate_parse: 4 callbacks suppressed
[  110.594153][ T7307] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1416'.
[  110.609808][ T7307] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1416'.
[  110.721287][ T7326] loop2: detected capacity change from 0 to 128
[  110.838494][ T7351] netlink: 'syz.4.1434': attribute type 1 has an invalid length.
[  110.846383][ T7351] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1434'.
[  110.852725][ T7349] loop0: detected capacity change from 0 to 1024
[  110.864725][ T7349] EXT4-fs: Ignoring removed nobh option
[  110.870431][ T7349] EXT4-fs: Ignoring removed bh option
[  110.886319][ T7349] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.900392][ T7363] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.909465][ T7363] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.929413][ T7365] FAULT_INJECTION: forcing a failure.
[  110.929413][ T7365] name failslab, interval 1, probability 0, space 0, times 0
[  110.930001][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.942116][ T7365] CPU: 1 UID: 0 PID: 7365 Comm: syz.4.1438 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  110.942150][ T7365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.942162][ T7365] Call Trace:
[  110.942200][ T7365]  <TASK>
[  110.942209][ T7365]  __dump_stack+0x1d/0x30
[  110.942231][ T7365]  dump_stack_lvl+0xe8/0x140
[  110.942250][ T7365]  dump_stack+0x15/0x1b
[  110.942311][ T7365]  should_fail_ex+0x265/0x280
[  110.942341][ T7365]  should_failslab+0x8c/0xb0
[  110.942364][ T7365]  kmem_cache_alloc_noprof+0x50/0x310
[  110.942388][ T7365]  ? security_file_alloc+0x32/0x100
[  110.942452][ T7365]  security_file_alloc+0x32/0x100
[  110.942472][ T7365]  init_file+0x5c/0x1d0
[  110.942496][ T7365]  alloc_empty_file+0x8b/0x200
[  110.942519][ T7365]  path_openat+0x68/0x2170
[  110.942603][ T7365]  ? _parse_integer_limit+0x170/0x190
[  110.942633][ T7365]  ? kstrtoull+0x111/0x140
[  110.942658][ T7365]  ? kstrtouint+0x76/0xc0
[  110.942684][ T7365]  do_filp_open+0x109/0x230
[  110.942841][ T7365]  do_sys_openat2+0xa6/0x110
[  110.942867][ T7365]  __x64_sys_openat+0xf2/0x120
[  110.942901][ T7365]  x64_sys_call+0x1af/0x2fb0
[  110.942924][ T7365]  do_syscall_64+0xd2/0x200
[  110.943006][ T7365]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.943045][ T7365]  ? clear_bhb_loop+0x40/0x90
[  110.943142][ T7365]  ? clear_bhb_loop+0x40/0x90
[  110.943163][ T7365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.943258][ T7365] RIP: 0033:0x7fcf574ce929
[  110.943273][ T7365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.943289][ T7365] RSP: 002b:00007fcf55b37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  110.943309][ T7365] RAX: ffffffffffffffda RBX: 00007fcf576f5fa0 RCX: 00007fcf574ce929
[  110.943322][ T7365] RDX: 0000000000002040 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  110.943334][ T7365] RBP: 00007fcf55b37090 R08: 0000000000000000 R09: 0000000000000000
[  110.943347][ T7365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.943359][ T7365] R13: 0000000000000000 R14: 00007fcf576f5fa0 R15: 00007ffc581ba578
[  110.943386][ T7365]  </TASK>
[  111.260498][ T7376] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1442'.
[  111.270285][    T9] IPVS: starting estimator thread 0...
[  111.299857][ T7381] loop4: detected capacity change from 0 to 1024
[  111.306480][ T7381] EXT4-fs: Ignoring removed orlov option
[  111.329741][ T7376] netlink: 252 bytes leftover after parsing attributes in process `syz.0.1442'.
[  111.358940][ T7377] IPVS: using max 3072 ests per chain, 153600 per kthread
[  111.413255][ T7385] FAULT_INJECTION: forcing a failure.
[  111.413255][ T7385] name failslab, interval 1, probability 0, space 0, times 0
[  111.426103][ T7385] CPU: 1 UID: 0 PID: 7385 Comm: syz.3.1446 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  111.426132][ T7385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.426142][ T7385] Call Trace:
[  111.426148][ T7385]  <TASK>
[  111.426155][ T7385]  __dump_stack+0x1d/0x30
[  111.426177][ T7385]  dump_stack_lvl+0xe8/0x140
[  111.426200][ T7385]  dump_stack+0x15/0x1b
[  111.426268][ T7385]  should_fail_ex+0x265/0x280
[  111.426295][ T7385]  should_failslab+0x8c/0xb0
[  111.426316][ T7385]  kmem_cache_alloc_noprof+0x50/0x310
[  111.426398][ T7385]  ? getname_flags+0x80/0x3b0
[  111.426427][ T7385]  getname_flags+0x80/0x3b0
[  111.426447][ T7385]  __x64_sys_renameat2+0x6c/0x90
[  111.426467][ T7385]  x64_sys_call+0x2bf6/0x2fb0
[  111.426490][ T7385]  do_syscall_64+0xd2/0x200
[  111.426511][ T7385]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.426593][ T7385]  ? clear_bhb_loop+0x40/0x90
[  111.426613][ T7385]  ? clear_bhb_loop+0x40/0x90
[  111.426636][ T7385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.426660][ T7385] RIP: 0033:0x7ff48082e929
[  111.426714][ T7385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.426731][ T7385] RSP: 002b:00007ff47ee97038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  111.426819][ T7385] RAX: ffffffffffffffda RBX: 00007ff480a55fa0 RCX: 00007ff48082e929
[  111.426833][ T7385] RDX: ffffffffffffff9c RSI: 0000000000000000 RDI: ffffffffffffff9c
[  111.426884][ T7385] RBP: 00007ff47ee97090 R08: 0000000000000000 R09: 0000000000000000
[  111.426896][ T7385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.426907][ T7385] R13: 0000000000000000 R14: 00007ff480a55fa0 R15: 00007ffdaacaa568
[  111.426924][ T7385]  </TASK>
[  111.691381][   T41] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.711795][ T7395] loop1: detected capacity change from 0 to 512
[  111.751069][   T41] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.771542][ T7399] netlink: 'syz.3.1454': attribute type 21 has an invalid length.
[  111.812432][ T7395] ext4 filesystem being mounted at /350/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.824811][ T7399] lo speed is unknown, defaulting to 1000
[  111.830782][ T7399] lo speed is unknown, defaulting to 1000
[  111.836916][ T7399] lo speed is unknown, defaulting to 1000
[  111.843500][ T7399] infiniband sxz0: RDMA CMA: cma_listen_on_dev, error -98
[  111.861846][   T41] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.879813][ T7399] lo speed is unknown, defaulting to 1000
[  111.905995][ T7399] lo speed is unknown, defaulting to 1000
[  111.913540][   T41] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.935882][ T7399] lo speed is unknown, defaulting to 1000
[  111.942292][ T7399] lo speed is unknown, defaulting to 1000
[  111.948567][ T7399] lo speed is unknown, defaulting to 1000
[  111.990640][ T7413] netlink: 'syz.3.1456': attribute type 13 has an invalid length.
[  112.015158][   T41] bridge_slave_1: left allmulticast mode
[  112.020948][   T41] bridge_slave_1: left promiscuous mode
[  112.026692][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.035827][   T41] bridge_slave_0: left allmulticast mode
[  112.041650][   T41] bridge_slave_0: left promiscuous mode
[  112.047516][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.076532][ T7416] loop3: detected capacity change from 0 to 512
[  112.102472][ T7416] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  112.129930][ T7416] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  112.138009][ T7416] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  112.146925][ T7416] System zones: 0-1, 15-15, 18-18, 34-34
[  112.170918][   T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  112.181279][   T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.191070][   T41] bond0 (unregistering): Released all slaves
[  112.268976][ T7416] EXT4-fs (loop3): orphan cleanup on readonly fs
[  112.275745][ T7416] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  112.279944][ T7402] lo speed is unknown, defaulting to 1000
[  112.290424][ T7416] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  112.296554][ T7402] lo speed is unknown, defaulting to 1000
[  112.309262][ T7416] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1456: bg 0: block 40: padding at end of block bitmap is not set
[  112.311188][ T7402] lo speed is unknown, defaulting to 1000
[  112.324646][ T7416] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  112.342277][   T41] tipc: Left network mode
[  112.357883][ T7416] EXT4-fs (loop3): 1 truncate cleaned up
[  112.357964][ T7420] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1457'.
[  112.375498][   T41] hsr_slave_0: left promiscuous mode
[  112.381710][   T41] hsr_slave_1: left promiscuous mode
[  112.387612][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.395208][   T41] batman_adv: batadv0: Removing interface: batadv_slave_0
[  112.403999][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.412051][   T41] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.425114][   T41] veth1_macvtap: left promiscuous mode
[  112.425400][ T7424] loop4: detected capacity change from 0 to 128
[  112.431332][   T41] veth0_macvtap: left promiscuous mode
[  112.443042][   T41] veth1_vlan: left promiscuous mode
[  112.448586][   T41] veth0_vlan: left promiscuous mode
[  112.460199][ T7426] loop4: detected capacity change from 0 to 128
[  112.523268][   T41] team0 (unregistering): Port device team_slave_1 removed
[  112.532938][   T41] team0 (unregistering): Port device team_slave_0 removed
[  112.564586][ T7430] netlink: 'syz.4.1462': attribute type 13 has an invalid length.
[  112.586582][ T7402] chnl_net:caif_netlink_parms(): no params data found
[  112.617528][ T7430] loop4: detected capacity change from 0 to 512
[  112.624712][ T7430] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  112.625212][ T7402] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.640733][ T7402] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.648064][ T7402] bridge_slave_0: entered allmulticast mode
[  112.654698][ T7402] bridge_slave_0: entered promiscuous mode
[  112.656670][ T7430] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  112.661702][ T7402] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.668542][ T7430] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  112.675602][ T7402] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.685506][ T7430] System zones: 0-1, 15-15
[  112.690856][ T7402] bridge_slave_1: entered allmulticast mode
[  112.695682][ T7430] , 18-18, 34-34
[  112.696348][ T7430] EXT4-fs (loop4): orphan cleanup on readonly fs
[  112.702320][ T7402] bridge_slave_1: entered promiscuous mode
[  112.707156][ T7430] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  112.732231][ T7430] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  112.739392][ T7430] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1462: bg 0: block 40: padding at end of block bitmap is not set
[  112.754504][ T7430] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  112.764173][ T7430] EXT4-fs (loop4): 1 truncate cleaned up
[  112.765344][ T7402] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  112.795331][ T7402] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  112.805554][ T7430] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1462'.
[  112.805578][ T7440] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1463'.
[  112.824937][ T7430] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  112.832971][ T7430] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  112.853545][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1463'.
[  112.854244][ T7402] team0: Port device team_slave_0 added
[  112.874547][ T7402] team0: Port device team_slave_1 added
[  112.882410][   T41] IPVS: stop unused estimator thread 0...
[  112.887425][ T7443] __vm_enough_memory: pid: 7443, comm: syz.3.1464, bytes: 21200254676992 not enough memory for the allocation
[  112.907655][ T7402] batman_adv: batadv0: Adding interface: batadv_slave_0
[  112.914711][ T7402] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.940771][ T7402] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  112.960271][ T7402] batman_adv: batadv0: Adding interface: batadv_slave_1
[  112.967330][ T7402] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.993371][ T7402] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  113.046812][ T7402] hsr_slave_0: entered promiscuous mode
[  113.059348][ T7402] hsr_slave_1: entered promiscuous mode
[  113.073279][ T7402] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  113.086056][ T7443] loop3: detected capacity change from 0 to 512
[  113.086814][ T7402] Cannot create hsr debugfs directory
[  113.102887][ T7443] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  113.128452][ T7443] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002]
[  113.137370][ T7443] System zones: 1-12
[  113.151663][ T7443] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: inode #11: comm syz.3.1464: missing EA_INODE flag
[  113.154873][ T7445] lo speed is unknown, defaulting to 1000
[  113.168306][ T7443] EXT4-fs (loop3): Remounting filesystem read-only
[  113.178693][ T7443] EXT4-fs (loop3): 1 orphan inode deleted
[  113.189699][ T7449] loop1: detected capacity change from 0 to 128
[  113.196420][ T7445] lo speed is unknown, defaulting to 1000
[  113.207958][ T7444] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  113.215893][ T7444] FAT-fs (loop1): Filesystem has been set read-only
[  113.223266][ T7444] syz.1.1465: attempt to access beyond end of device
[  113.223266][ T7444] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  113.237596][ T7444] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  113.245592][ T7444] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  113.254626][ T7444] syz.1.1465: attempt to access beyond end of device
[  113.254626][ T7444] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.276734][ T7445] lo speed is unknown, defaulting to 1000
[  113.285054][ T7444] syz.1.1465: attempt to access beyond end of device
[  113.285054][ T7444] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.298880][ T7444] syz.1.1465: attempt to access beyond end of device
[  113.298880][ T7444] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.316425][ T7444] syz.1.1465: attempt to access beyond end of device
[  113.316425][ T7444] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.330359][ T7444] syz.1.1465: attempt to access beyond end of device
[  113.330359][ T7444] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.351540][ T7402] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  113.369550][ T7444] syz.1.1465: attempt to access beyond end of device
[  113.369550][ T7444] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.387055][ T7402] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  113.394437][ T7444] syz.1.1465: attempt to access beyond end of device
[  113.394437][ T7444] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.400054][ T7451] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.407876][ T7444] syz.1.1465: attempt to access beyond end of device
[  113.407876][ T7444] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.420688][ T7451] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.437590][ T7444] syz.1.1465: attempt to access beyond end of device
[  113.437590][ T7444] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  113.440354][ T7402] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  113.455237][ T7449] Buffer I/O error on dev loop1, logical block 2065, async page read
[  113.468377][ T7453] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1467'.
[  113.470606][ T7449] Buffer I/O error on dev loop1, logical block 2066, async page read
[  113.487714][ T7449] Buffer I/O error on dev loop1, logical block 2067, async page read
[  113.496337][ T7449] Buffer I/O error on dev loop1, logical block 2068, async page read
[  113.504851][ T7402] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  113.512408][ T7449] Buffer I/O error on dev loop1, logical block 2069, async page read
[  113.526609][ T7449] Buffer I/O error on dev loop1, logical block 2070, async page read
[  113.532485][ T7457] loop3: detected capacity change from 0 to 1024
[  113.534816][ T7449] Buffer I/O error on dev loop1, logical block 2071, async page read
[  113.549950][ T7449] Buffer I/O error on dev loop1, logical block 2072, async page read
[  113.558386][ T7449] Buffer I/O error on dev loop1, logical block 2065, async page read
[  113.558693][ T7457] EXT4-fs: inline encryption not supported
[  113.566635][ T7449] Buffer I/O error on dev loop1, logical block 2066, async page read
[  113.578865][ T7457] EXT4-fs: Ignoring removed mblk_io_submit option
[  113.587148][ T7457] ext4: Bad value for 'barrier'
[  113.607172][ T7457] loop3: detected capacity change from 0 to 1024
[  113.615332][ T7457] EXT4-fs: Ignoring removed orlov option
[  113.655215][ T7402] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.682192][ T7402] 8021q: adding VLAN 0 to HW filter on device team0
[  113.692111][ T3448] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.699281][ T3448] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.710942][ T3448] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.718048][ T3448] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.770488][ T7467] loop1: detected capacity change from 0 to 1024
[  113.777488][ T7467] EXT4-fs: inline encryption not supported
[  113.786314][ T7467] EXT4-fs: Ignoring removed mblk_io_submit option
[  113.793020][ T7467] ext4: Bad value for 'barrier'
[  113.806408][ T7467] loop1: detected capacity change from 0 to 1024
[  113.813831][ T7467] EXT4-fs: Ignoring removed orlov option
[  113.840739][ T7402] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.009221][ T7486] loop4: detected capacity change from 0 to 128
[  114.170491][ T7496] loop4: detected capacity change from 0 to 128
[  114.193314][ T7498] netlink: 'syz.2.1473': attribute type 13 has an invalid length.
[  114.212217][ T7500] loop4: detected capacity change from 0 to 2048
[  114.228464][ T7402] veth0_vlan: entered promiscuous mode
[  114.240472][ T7402] veth1_vlan: entered promiscuous mode
[  114.261456][ T7402] veth0_macvtap: entered promiscuous mode
[  114.269594][ T7500]  loop4: p1 < > p4
[  114.276485][ T7500] loop4: p4 size 8388608 extends beyond EOD, truncated
[  114.284454][ T7501] loop2: detected capacity change from 0 to 512
[  114.298818][ T7402] veth1_macvtap: entered promiscuous mode
[  114.326341][ T7402] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.336979][ T7501] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  114.348235][ T7402] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.365331][ T7402] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.374274][ T7402] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.383179][ T7402] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.391986][ T7402] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.401771][ T7501] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  114.409781][ T7501] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  114.448549][ T7501] System zones: 0-1, 15-15, 18-18, 34-34
[  114.454557][ T7501] EXT4-fs (loop2): orphan cleanup on readonly fs
[  114.461123][ T7501] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  114.475774][ T7501] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  114.485241][ T7501] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1473: bg 0: block 40: padding at end of block bitmap is not set
[  114.559826][ T7501] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  114.583519][ T7501] EXT4-fs (loop2): 1 truncate cleaned up
[  114.743035][ T7510] lo speed is unknown, defaulting to 1000
[  114.749047][ T7510] lo speed is unknown, defaulting to 1000
[  114.755091][ T7510] lo speed is unknown, defaulting to 1000
[  114.769532][ T7510] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  114.799583][ T7510] lo speed is unknown, defaulting to 1000
[  114.805881][ T7510] lo speed is unknown, defaulting to 1000
[  114.816947][ T7511] 9pnet_fd: Insufficient options for proto=fd
[  114.823446][   T29] kauditd_printk_skb: 917 callbacks suppressed
[  114.823460][   T29] audit: type=1326 audit(1750376685.807:9410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f43633658e7 code=0x7ffc0000
[  114.832718][ T7510] lo speed is unknown, defaulting to 1000
[  114.853316][   T29] audit: type=1326 audit(1750376685.807:9411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f436330ab19 code=0x7ffc0000
[  114.853350][   T29] audit: type=1326 audit(1750376685.807:9412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7497 comm="syz.2.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f436336e929 code=0x7ffc0000
[  114.890975][ T7513] SELinux: failed to load policy
[  114.913590][ T7510] lo speed is unknown, defaulting to 1000
[  114.914745][   T29] audit: type=1400 audit(1750376685.867:9413): avc:  denied  { load_policy } for  pid=7508 comm="syz.5.1453" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  114.920271][ T7510] lo speed is unknown, defaulting to 1000
[  114.939687][   T29] audit: type=1326 audit(1750376685.897:9414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7515 comm="syz.4.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  114.945705][ T7514] loop1: detected capacity change from 0 to 512
[  114.968889][   T29] audit: type=1326 audit(1750376685.897:9415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7515 comm="syz.4.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  114.982960][ T7514] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  114.998734][   T29] audit: type=1326 audit(1750376685.897:9416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7515 comm="syz.4.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  115.009060][ T7514] EXT4-fs (loop1): invalid journal inode
[  115.030366][   T29] audit: type=1326 audit(1750376685.897:9417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7515 comm="syz.4.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  115.046429][ T7519] lo speed is unknown, defaulting to 1000
[  115.059611][   T29] audit: type=1326 audit(1750376685.897:9418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7515 comm="syz.4.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  115.065610][ T7519] lo speed is unknown, defaulting to 1000
[  115.088692][   T29] audit: type=1326 audit(1750376685.897:9419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7515 comm="syz.4.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  115.095193][ T7519] lo speed is unknown, defaulting to 1000
[  115.124261][ T7519] lo speed is unknown, defaulting to 1000
[  115.205726][ T7510] 9pnet_virtio: no channels available for device 127.0.0.1
[  115.221609][ T7514] EXT4-fs (loop1): can't get journal size
[  115.228987][ T7514] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[  115.237120][ T7514] System zones: 1-12, 13-13
[  115.243301][ T7514] EXT4-fs (loop1): 1 truncate cleaned up
[  115.270261][ T7523] 9pnet_fd: Insufficient options for proto=fd
[  115.303920][ T7528] FAULT_INJECTION: forcing a failure.
[  115.303920][ T7528] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.311692][ T7514] vlan2: entered allmulticast mode
[  115.317045][ T7528] CPU: 0 UID: 0 PID: 7528 Comm: syz.5.1481 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  115.317109][ T7528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.317121][ T7528] Call Trace:
[  115.317128][ T7528]  <TASK>
[  115.317135][ T7528]  __dump_stack+0x1d/0x30
[  115.317158][ T7528]  dump_stack_lvl+0xe8/0x140
[  115.317233][ T7528]  dump_stack+0x15/0x1b
[  115.317250][ T7528]  should_fail_ex+0x265/0x280
[  115.317312][ T7528]  should_fail+0xb/0x20
[  115.317338][ T7528]  should_fail_usercopy+0x1a/0x20
[  115.317509][ T7528]  _copy_from_user+0x1c/0xb0
[  115.317530][ T7528]  io_submit_one+0x52/0x11d0
[  115.317555][ T7528]  __se_sys_io_submit+0xfb/0x280
[  115.317588][ T7528]  __x64_sys_io_submit+0x43/0x50
[  115.317677][ T7528]  x64_sys_call+0xfc4/0x2fb0
[  115.317697][ T7528]  do_syscall_64+0xd2/0x200
[  115.317716][ T7528]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.317774][ T7528]  ? clear_bhb_loop+0x40/0x90
[  115.317795][ T7528]  ? clear_bhb_loop+0x40/0x90
[  115.317816][ T7528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.317837][ T7528] RIP: 0033:0x7f6a327ae929
[  115.317853][ T7528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.317871][ T7528] RSP: 002b:00007f6a30e17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  115.317930][ T7528] RAX: ffffffffffffffda RBX: 00007f6a329d5fa0 RCX: 00007f6a327ae929
[  115.317943][ T7528] RDX: 0000200000001840 RSI: 0000000000000001 RDI: 00007f6a30de6000
[  115.317965][ T7528] RBP: 00007f6a30e17090 R08: 0000000000000000 R09: 0000000000000000
[  115.317977][ T7528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.317990][ T7528] R13: 0000000000000000 R14: 00007f6a329d5fa0 R15: 00007ffdfacc12f8
[  115.318006][ T7528]  </TASK>
[  115.320013][ T7529] FAULT_INJECTION: forcing a failure.
[  115.320013][ T7529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.517448][ T7529] CPU: 0 UID: 0 PID: 7529 Comm: syz.2.1482 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  115.517473][ T7529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.517554][ T7529] Call Trace:
[  115.517558][ T7529]  <TASK>
[  115.517562][ T7529]  __dump_stack+0x1d/0x30
[  115.517575][ T7529]  dump_stack_lvl+0xe8/0x140
[  115.517585][ T7529]  dump_stack+0x15/0x1b
[  115.517593][ T7529]  should_fail_ex+0x265/0x280
[  115.517623][ T7529]  should_fail+0xb/0x20
[  115.517672][ T7529]  should_fail_usercopy+0x1a/0x20
[  115.517687][ T7529]  _copy_from_iter+0xcf/0xe40
[  115.517696][ T7529]  ? __build_skb_around+0x1a0/0x200
[  115.517711][ T7529]  ? __alloc_skb+0x223/0x320
[  115.517800][ T7529]  netlink_sendmsg+0x471/0x6b0
[  115.517811][ T7529]  ? __pfx_netlink_sendmsg+0x10/0x10
[  115.517886][ T7529]  __sock_sendmsg+0x145/0x180
[  115.517899][ T7529]  ____sys_sendmsg+0x31e/0x4e0
[  115.517975][ T7529]  ___sys_sendmsg+0x17b/0x1d0
[  115.517996][ T7529]  __x64_sys_sendmsg+0xd4/0x160
[  115.518013][ T7529]  x64_sys_call+0x2999/0x2fb0
[  115.518023][ T7529]  do_syscall_64+0xd2/0x200
[  115.518062][ T7529]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.518075][ T7529]  ? clear_bhb_loop+0x40/0x90
[  115.518085][ T7529]  ? clear_bhb_loop+0x40/0x90
[  115.518163][ T7529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.518201][ T7529] RIP: 0033:0x7f436336e929
[  115.518213][ T7529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.518227][ T7529] RSP: 002b:00007f43619d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  115.518245][ T7529] RAX: ffffffffffffffda RBX: 00007f4363595fa0 RCX: 00007f436336e929
[  115.518255][ T7529] RDX: 0000000000008000 RSI: 0000200000000840 RDI: 0000000000000003
[  115.518262][ T7529] RBP: 00007f43619d7090 R08: 0000000000000000 R09: 0000000000000000
[  115.518268][ T7529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.518274][ T7529] R13: 0000000000000000 R14: 00007f4363595fa0 R15: 00007ffe35ab1ff8
[  115.518299][ T7529]  </TASK>
[  115.747195][ T7532] loop3: detected capacity change from 0 to 512
[  115.755512][ T7532] EXT4-fs: Ignoring removed i_version option
[  115.761628][ T7532] EXT4-fs: Ignoring removed mblk_io_submit option
[  115.775111][ T7534] FAULT_INJECTION: forcing a failure.
[  115.775111][ T7534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.788649][ T7534] CPU: 1 UID: 0 PID: 7534 Comm: syz.2.1484 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  115.788676][ T7534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.788687][ T7534] Call Trace:
[  115.788693][ T7534]  <TASK>
[  115.788707][ T7534]  __dump_stack+0x1d/0x30
[  115.788731][ T7534]  dump_stack_lvl+0xe8/0x140
[  115.788752][ T7534]  dump_stack+0x15/0x1b
[  115.788791][ T7534]  should_fail_ex+0x265/0x280
[  115.788823][ T7534]  should_fail+0xb/0x20
[  115.788849][ T7534]  should_fail_usercopy+0x1a/0x20
[  115.788878][ T7534]  _copy_from_iter+0xcf/0xe40
[  115.788894][ T7534]  ? __build_skb_around+0x1a0/0x200
[  115.788970][ T7534]  ? __alloc_skb+0x223/0x320
[  115.789000][ T7534]  netlink_sendmsg+0x471/0x6b0
[  115.789023][ T7534]  ? __pfx_netlink_sendmsg+0x10/0x10
[  115.789042][ T7534]  __sock_sendmsg+0x145/0x180
[  115.789143][ T7534]  ____sys_sendmsg+0x31e/0x4e0
[  115.789250][ T7534]  ___sys_sendmsg+0x17b/0x1d0
[  115.789287][ T7534]  __x64_sys_sendmsg+0xd4/0x160
[  115.789346][ T7534]  x64_sys_call+0x2999/0x2fb0
[  115.789367][ T7534]  do_syscall_64+0xd2/0x200
[  115.789386][ T7534]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.789413][ T7534]  ? clear_bhb_loop+0x40/0x90
[  115.789474][ T7534]  ? clear_bhb_loop+0x40/0x90
[  115.789496][ T7534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.789517][ T7534] RIP: 0033:0x7f436336e929
[  115.789533][ T7534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.789549][ T7534] RSP: 002b:00007f43619d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  115.789567][ T7534] RAX: ffffffffffffffda RBX: 00007f4363595fa0 RCX: 00007f436336e929
[  115.789587][ T7534] RDX: 0000000000008840 RSI: 0000200000000740 RDI: 0000000000000003
[  115.789600][ T7534] RBP: 00007f43619d7090 R08: 0000000000000000 R09: 0000000000000000
[  115.789681][ T7534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.789693][ T7534] R13: 0000000000000000 R14: 00007f4363595fa0 R15: 00007ffe35ab1ff8
[  115.789710][ T7534]  </TASK>
[  115.808160][ T7532] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  116.006536][ T7532] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  116.088099][ T7551] 9pnet_fd: Insufficient options for proto=fd
[  116.107453][ T7553] FAULT_INJECTION: forcing a failure.
[  116.107453][ T7553] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.120726][ T7553] CPU: 0 UID: 0 PID: 7553 Comm: syz.3.1491 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  116.120782][ T7553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.120795][ T7553] Call Trace:
[  116.120801][ T7553]  <TASK>
[  116.120809][ T7553]  __dump_stack+0x1d/0x30
[  116.120831][ T7553]  dump_stack_lvl+0xe8/0x140
[  116.120851][ T7553]  dump_stack+0x15/0x1b
[  116.120866][ T7553]  should_fail_ex+0x265/0x280
[  116.120952][ T7553]  should_fail+0xb/0x20
[  116.120977][ T7553]  should_fail_usercopy+0x1a/0x20
[  116.121008][ T7553]  _copy_from_user+0x1c/0xb0
[  116.121031][ T7553]  memdup_user+0x5e/0xd0
[  116.121074][ T7553]  __snd_timer_user_ioctl+0x278/0x2470
[  116.121148][ T7553]  ? do_vfs_ioctl+0x9df/0x11d0
[  116.121177][ T7553]  ? selinux_file_ioctl+0x2e3/0x370
[  116.121200][ T7553]  ? __fget_files+0x184/0x1c0
[  116.121219][ T7553]  ? __pfx_snd_timer_user_ioctl+0x10/0x10
[  116.121296][ T7553]  snd_timer_user_ioctl+0x41/0x60
[  116.121324][ T7553]  __se_sys_ioctl+0xce/0x140
[  116.121348][ T7553]  __x64_sys_ioctl+0x43/0x50
[  116.121371][ T7553]  x64_sys_call+0x19a8/0x2fb0
[  116.121429][ T7553]  do_syscall_64+0xd2/0x200
[  116.121446][ T7553]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.121473][ T7553]  ? clear_bhb_loop+0x40/0x90
[  116.121496][ T7553]  ? clear_bhb_loop+0x40/0x90
[  116.121595][ T7553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.121617][ T7553] RIP: 0033:0x7ff48082e929
[  116.121633][ T7553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.121657][ T7553] RSP: 002b:00007ff47ee97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  116.121677][ T7553] RAX: ffffffffffffffda RBX: 00007ff480a55fa0 RCX: 00007ff48082e929
[  116.121691][ T7553] RDX: 0000000000000000 RSI: 00000000c0f85403 RDI: 0000000000000003
[  116.121704][ T7553] RBP: 00007ff47ee97090 R08: 0000000000000000 R09: 0000000000000000
[  116.121717][ T7553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.121738][ T7553] R13: 0000000000000000 R14: 00007ff480a55fa0 R15: 00007ffdaacaa568
[  116.121755][ T7553]  </TASK>
[  116.130765][ T7555] xt_TPROXY: Can be used only with -p tcp or -p udp
[  116.150642][ T7542] lo speed is unknown, defaulting to 1000
[  116.244039][ T7559] loop5: detected capacity change from 0 to 128
[  116.268387][ T7561] loop4: detected capacity change from 0 to 512
[  116.275216][ T7541] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  116.295371][ T7542] lo speed is unknown, defaulting to 1000
[  116.298869][ T7541] FAT-fs (loop5): Filesystem has been set read-only
[  116.315325][ T7561] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  116.316434][ T7542] lo speed is unknown, defaulting to 1000
[  116.327807][ T7541] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  116.344266][ T7561] ext4 filesystem being mounted at /282/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  116.349704][ T7541] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  116.356699][ T7542] lo speed is unknown, defaulting to 1000
[  116.444487][ T7562] __nla_validate_parse: 1 callbacks suppressed
[  116.444506][ T7562] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1495'.
[  116.486820][ T7568] FAULT_INJECTION: forcing a failure.
[  116.486820][ T7568] name failslab, interval 1, probability 0, space 0, times 0
[  116.499661][ T7568] CPU: 0 UID: 0 PID: 7568 Comm: syz.2.1498 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  116.499687][ T7568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.499698][ T7568] Call Trace:
[  116.499705][ T7568]  <TASK>
[  116.499713][ T7568]  __dump_stack+0x1d/0x30
[  116.499736][ T7568]  dump_stack_lvl+0xe8/0x140
[  116.499794][ T7568]  dump_stack+0x15/0x1b
[  116.499809][ T7568]  should_fail_ex+0x265/0x280
[  116.499836][ T7568]  should_failslab+0x8c/0xb0
[  116.499865][ T7568]  kmem_cache_alloc_noprof+0x50/0x310
[  116.499944][ T7568]  ? audit_log_start+0x365/0x6c0
[  116.499971][ T7568]  audit_log_start+0x365/0x6c0
[  116.499997][ T7568]  ? __traceiter_kmem_cache_free+0x38/0x60
[  116.500052][ T7568]  ? iocb_destroy+0xc4/0x140
[  116.500071][ T7568]  audit_seccomp+0x48/0x100
[  116.500099][ T7568]  ? __seccomp_filter+0x68c/0x10d0
[  116.500122][ T7568]  __seccomp_filter+0x69d/0x10d0
[  116.500246][ T7568]  __secure_computing+0x82/0x150
[  116.500266][ T7568]  syscall_trace_enter+0xcf/0x1e0
[  116.500292][ T7568]  do_syscall_64+0xac/0x200
[  116.500387][ T7568]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.500456][ T7568]  ? clear_bhb_loop+0x40/0x90
[  116.500475][ T7568]  ? clear_bhb_loop+0x40/0x90
[  116.500494][ T7568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.500572][ T7568] RIP: 0033:0x7f436336d33c
[  116.500586][ T7568] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  116.500602][ T7568] RSP: 002b:00007f43619d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  116.500621][ T7568] RAX: ffffffffffffffda RBX: 00007f4363595fa0 RCX: 00007f436336d33c
[  116.500634][ T7568] RDX: 000000000000000f RSI: 00007f43619d70a0 RDI: 0000000000000006
[  116.500648][ T7568] RBP: 00007f43619d7090 R08: 0000000000000000 R09: 0000000000000000
[  116.500660][ T7568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.500671][ T7568] R13: 0000000000000000 R14: 00007f4363595fa0 R15: 00007ffe35ab1ff8
[  116.500695][ T7568]  </TASK>
[  116.752307][ T7577] loop1: detected capacity change from 0 to 128
[  116.773758][ T7576] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  116.781797][ T7576] FAT-fs (loop1): Filesystem has been set read-only
[  116.788608][ T7574] loop4: detected capacity change from 0 to 512
[  116.797185][ T7576] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  116.805154][ T7576] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  116.828209][ T7584] 9pnet_fd: Insufficient options for proto=fd
[  116.830592][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  116.849700][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  116.903152][ T7574] loop4: detected capacity change from 0 to 512
[  116.931782][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  116.941392][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  116.955016][ T7574] loop4: detected capacity change from 0 to 512
[  116.970773][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.011024][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.073354][ T7593] loop3: detected capacity change from 0 to 512
[  117.115014][ T7574] loop4: detected capacity change from 0 to 512
[  117.123176][ T7593] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  117.150460][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.165909][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.186133][ T7600] netlink: 'syz.5.1509': attribute type 13 has an invalid length.
[  117.216505][ T7593] EXT4-fs (loop3): 1 truncate cleaned up
[  117.224539][ T7574] loop4: detected capacity change from 0 to 512
[  117.237701][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.247233][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.264978][ T7574] loop4: detected capacity change from 0 to 512
[  117.270260][ T7600] loop5: detected capacity change from 0 to 512
[  117.280467][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.293662][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.310206][ T7600] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  117.323799][ T7574] loop4: detected capacity change from 0 to 512
[  117.336259][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.348127][ T7600] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  117.354893][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.356148][ T7600] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  117.374975][ T7600] System zones: 0-1, 15-15, 18-18, 34-34
[  117.381022][ T7600] EXT4-fs (loop5): orphan cleanup on readonly fs
[  117.387775][ T7600] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  117.402389][ T7600] EXT4-fs (loop5): Cannot turn on quotas: error -22
[  117.413482][ T7600] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1509: bg 0: block 40: padding at end of block bitmap is not set
[  117.414309][ T7574] loop4: detected capacity change from 0 to 512
[  117.436463][ T7600] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  117.446554][ T7600] EXT4-fs (loop5): 1 truncate cleaned up
[  117.460089][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.478069][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.499418][ T7574] loop4: detected capacity change from 0 to 512
[  117.509431][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.521229][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.532193][ T7608] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1511'.
[  117.555458][ T7574] loop4: detected capacity change from 0 to 512
[  117.563363][ T7608] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1511'.
[  117.577952][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.587424][ T7608] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1511'.
[  117.597976][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.607185][ T7608] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1511'.
[  117.622985][ T7574] loop4: detected capacity change from 0 to 512
[  117.637257][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.656275][ T7600] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  117.662042][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.664293][ T7600] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  117.684120][ T7612] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1512'.
[  117.701197][ T7574] loop4: detected capacity change from 0 to 512
[  117.711159][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.727626][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.778681][ T7574] loop4: detected capacity change from 0 to 512
[  117.787873][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.820385][ T7622] netlink: 'syz.1.1517': attribute type 21 has an invalid length.
[  117.822206][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.829589][ T7622] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1517'.
[  117.845732][ T7622] netlink: 'syz.1.1517': attribute type 1 has an invalid length.
[  117.870494][ T7574] loop4: detected capacity change from 0 to 512
[  117.886337][ T7626] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  117.887457][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.895076][ T7626] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  117.923791][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  117.946790][ T7574] loop4: detected capacity change from 0 to 512
[  117.970751][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  117.980620][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.015185][ T7574] loop4: detected capacity change from 0 to 512
[  118.024088][ T7634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1522'.
[  118.033178][ T7634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1522'.
[  118.044165][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.053972][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.067820][ T7574] loop4: detected capacity change from 0 to 512
[  118.079730][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.091048][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.108146][ T7637] loop5: detected capacity change from 0 to 512
[  118.116231][ T7574] loop4: detected capacity change from 0 to 512
[  118.116566][ T7637] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  118.133942][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.143360][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.156808][ T7637] ext4 filesystem being mounted at /12/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  118.159190][ T7574] loop4: detected capacity change from 0 to 512
[  118.175656][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.188470][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.203938][ T7574] loop4: detected capacity change from 0 to 512
[  118.212192][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.221270][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.233755][ T7574] loop4: detected capacity change from 0 to 512
[  118.243014][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.253525][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.275919][ T7574] loop4: detected capacity change from 0 to 512
[  118.285770][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.295126][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.313907][ T7640] lo speed is unknown, defaulting to 1000
[  118.322373][ T7640] lo speed is unknown, defaulting to 1000
[  118.329288][ T7640] lo speed is unknown, defaulting to 1000
[  118.330379][ T7574] loop4: detected capacity change from 0 to 512
[  118.343206][ T7640] lo speed is unknown, defaulting to 1000
[  118.351028][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.361481][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.429557][ T7574] loop4: detected capacity change from 0 to 512
[  118.452535][ T7646] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1525'.
[  118.462094][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.484678][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.521404][ T7574] loop4: detected capacity change from 0 to 512
[  118.544637][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.555313][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.614625][ T7574] loop4: detected capacity change from 0 to 512
[  118.629948][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.633870][ T7653] netlink: 'syz.1.1529': attribute type 21 has an invalid length.
[  118.639332][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.656003][ T7653] netlink: 'syz.1.1529': attribute type 1 has an invalid length.
[  118.677981][ T7574] loop4: detected capacity change from 0 to 512
[  118.761402][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.771242][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.810353][ T7663] loop1: detected capacity change from 0 to 128
[  118.836391][ T7574] loop4: detected capacity change from 0 to 512
[  118.851641][ T7665] __vm_enough_memory: pid: 7665, comm: syz.5.1533, bytes: 21200528588800 not enough memory for the allocation
[  118.871272][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  118.884617][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  118.928740][ T7574] loop4: detected capacity change from 0 to 512
[  118.971691][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  119.009808][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  119.029498][ T7574] loop4: detected capacity change from 0 to 512
[  119.048216][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  119.082125][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  119.122464][ T7574] loop4: detected capacity change from 0 to 512
[  119.142221][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  119.159187][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  119.175770][ T7665] loop5: detected capacity change from 0 to 512
[  119.182712][ T7574] loop4: detected capacity change from 0 to 512
[  119.197688][ T7665] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  119.241146][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  119.250578][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  119.258086][ T7665] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002]
[  119.270819][ T7686] loop2: detected capacity change from 0 to 164
[  119.283273][ T7574] loop4: detected capacity change from 0 to 512
[  119.297470][ T7574] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  119.310859][ T7665] System zones: 1-12
[  119.324278][ T7665] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: inode #11: comm syz.5.1533: missing EA_INODE flag
[  119.338233][ T7686] wg1: entered promiscuous mode
[  119.344365][ T7574] EXT4-fs (loop4): failed to open journal device unknown-block(8,3) -6
[  119.384733][ T7665] EXT4-fs (loop5): Remounting filesystem read-only
[  119.419512][ T7665] EXT4-fs (loop5): 1 orphan inode deleted
[  119.555108][ T7693] loop4: detected capacity change from 0 to 128
[  119.583042][ T7686] netlink: 'syz.2.1541': attribute type 21 has an invalid length.
[  119.662194][ T7701] netlink: 'syz.4.1548': attribute type 13 has an invalid length.
[  119.700090][ T7705] loop5: detected capacity change from 0 to 512
[  119.707422][ T7705] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  119.721749][ T7705] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  119.727726][ T7708] loop4: detected capacity change from 0 to 512
[  119.750205][ T7708] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  119.770422][ T7708] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  119.778409][ T7708] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  119.810664][ T7708] System zones: 0-1, 15-15, 18-18, 34-34
[  119.837674][   T29] kauditd_printk_skb: 614 callbacks suppressed
[  119.837693][   T29] audit: type=1326 audit(1750376690.817:10031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7700 comm="syz.4.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcf574c58e7 code=0x7ffc0000
[  119.837937][ T7708] EXT4-fs (loop4): orphan cleanup on readonly fs
[  119.844126][   T29] audit: type=1326 audit(1750376690.817:10032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7700 comm="syz.4.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcf5746ab19 code=0x7ffc0000
[  119.897575][   T29] audit: type=1326 audit(1750376690.817:10033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7700 comm="syz.4.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcf574c58e7 code=0x7ffc0000
[  119.917259][ T7715] loop1: detected capacity change from 0 to 512
[  119.921147][   T29] audit: type=1326 audit(1750376690.817:10034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7700 comm="syz.4.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcf5746ab19 code=0x7ffc0000
[  119.950476][ T7708] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[  119.950673][   T29] audit: type=1326 audit(1750376690.817:10035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7700 comm="syz.4.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  119.971963][ T7708] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  119.998174][ T7708] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  120.016294][ T7715] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  120.043262][   T29] audit: type=1326 audit(1750376690.907:10036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7700 comm="syz.4.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcf574c58e7 code=0x7ffc0000
[  120.067234][   T29] audit: type=1326 audit(1750376690.907:10037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7700 comm="syz.4.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcf5746ab19 code=0x7ffc0000
[  120.070272][ T1038] lo speed is unknown, defaulting to 1000
[  120.091144][   T29] audit: type=1326 audit(1750376690.907:10038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7700 comm="syz.4.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  120.099893][ T7719] loop5: detected capacity change from 0 to 512
[  120.120247][   T29] audit: type=1326 audit(1750376690.947:10039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7700 comm="syz.4.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcf574c58e7 code=0x7ffc0000
[  120.149225][ T7719] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  120.153457][ T7708] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1548: bg 0: block 40: padding at end of block bitmap is not set
[  120.177854][ T7708] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  120.187315][ T7715] EXT4-fs (loop1): 1 truncate cleaned up
[  120.188023][ T7708] EXT4-fs (loop4): 1 truncate cleaned up
[  120.203265][ T7719] EXT4-fs (loop5): 1 truncate cleaned up
[  120.303463][ T7727] __vm_enough_memory: pid: 7727, comm: syz.5.1556, bytes: 21196233625600 not enough memory for the allocation
[  120.405896][ T7730] loop2: detected capacity change from 0 to 512
[  120.433919][ T7730] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  120.485498][ T7730] EXT4-fs (loop2): 1 truncate cleaned up
[  120.517470][ T7732] bridge_slave_0: left promiscuous mode
[  120.523258][ T7732] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.553822][ T7732] bridge_slave_1: left allmulticast mode
[  120.559532][ T7732] bridge_slave_1: left promiscuous mode
[  120.565285][ T7732] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.594584][ T7732] bond0: (slave bond_slave_0): Releasing backup interface
[  120.610388][ T7732] bond0: (slave bond_slave_1): Releasing backup interface
[  120.618647][ T7732] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.626660][ T7732] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.667793][ T7727] loop5: detected capacity change from 0 to 512
[  120.699544][ T7740] loop4: detected capacity change from 0 to 128
[  120.709927][ T7727] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  120.758461][ T7727] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002]
[  120.771021][ T7745] FAULT_INJECTION: forcing a failure.
[  120.771021][ T7745] name failslab, interval 1, probability 0, space 0, times 0
[  120.783732][ T7745] CPU: 1 UID: 0 PID: 7745 Comm: syz.4.1560 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  120.783764][ T7745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.783810][ T7745] Call Trace:
[  120.783817][ T7745]  <TASK>
[  120.783824][ T7745]  __dump_stack+0x1d/0x30
[  120.783851][ T7745]  dump_stack_lvl+0xe8/0x140
[  120.783942][ T7745]  dump_stack+0x15/0x1b
[  120.783961][ T7745]  should_fail_ex+0x265/0x280
[  120.784040][ T7745]  should_failslab+0x8c/0xb0
[  120.784062][ T7745]  kmem_cache_alloc_noprof+0x50/0x310
[  120.784107][ T7745]  ? security_file_alloc+0x32/0x100
[  120.784132][ T7745]  security_file_alloc+0x32/0x100
[  120.784154][ T7745]  init_file+0x5c/0x1d0
[  120.784178][ T7745]  alloc_empty_file+0x8b/0x200
[  120.784209][ T7745]  alloc_file_pseudo+0xc6/0x160
[  120.784232][ T7745]  __shmem_file_setup+0x1de/0x210
[  120.784265][ T7745]  shmem_file_setup+0x3b/0x50
[  120.784310][ T7745]  __se_sys_memfd_create+0x2c3/0x590
[  120.784394][ T7745]  __x64_sys_memfd_create+0x31/0x40
[  120.784428][ T7745]  x64_sys_call+0x122f/0x2fb0
[  120.784452][ T7745]  do_syscall_64+0xd2/0x200
[  120.784469][ T7745]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.784521][ T7745]  ? clear_bhb_loop+0x40/0x90
[  120.784545][ T7745]  ? clear_bhb_loop+0x40/0x90
[  120.784568][ T7745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.784587][ T7745] RIP: 0033:0x7fcf574ce929
[  120.784604][ T7745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.784625][ T7745] RSP: 002b:00007fcf55b36e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  120.784666][ T7745] RAX: ffffffffffffffda RBX: 0000000000000826 RCX: 00007fcf574ce929
[  120.784681][ T7745] RDX: 00007fcf55b36ef0 RSI: 0000000000000000 RDI: 00007fcf575514cc
[  120.784693][ T7745] RBP: 00002000000012c0 R08: 00007fcf55b36bb7 R09: 00007fcf55b36e40
[  120.784728][ T7745] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000c80
[  120.784819][ T7745] R13: 00007fcf55b36ef0 R14: 00007fcf55b36eb0 R15: 0000200000000380
[  120.784888][ T7745]  </TASK>
[  120.785077][ T7746] loop1: detected capacity change from 0 to 512
[  120.978997][ T7727] System zones: 
[  120.991416][ T7746] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  121.020566][ T7727] 1-12
[  121.030800][ T7746] ext4 filesystem being mounted at /372/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  121.044918][ T7727] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: inode #11: comm syz.5.1556: missing EA_INODE flag
[  121.053288][ T7748] netlink: 'syz.4.1563': attribute type 1 has an invalid length.
[  121.071414][ T7752] lo speed is unknown, defaulting to 1000
[  121.077353][ T7727] EXT4-fs (loop5): Remounting filesystem read-only
[  121.088619][ T7752] lo speed is unknown, defaulting to 1000
[  121.089636][ T7727] EXT4-fs (loop5): 1 orphan inode deleted
[  121.101837][ T7752] lo speed is unknown, defaulting to 1000
[  121.102079][ T7752] lo speed is unknown, defaulting to 1000
[  121.270073][ T7773] loop4: detected capacity change from 0 to 512
[  121.273310][ T7775] capability: warning: `syz.5.1571' uses deprecated v2 capabilities in a way that may be insecure
[  121.277927][ T7773] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  121.335947][ T7773] EXT4-fs (loop4): orphan cleanup on readonly fs
[  121.344017][ T7773] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.1565: Block bitmap for bg 0 marked uninitialized
[  121.358104][ T7773] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  121.368140][ T7773] EXT4-fs (loop4): 1 orphan inode deleted
[  121.423817][ T7781] loop2: detected capacity change from 0 to 8192
[  121.479829][ T7785] loop3: detected capacity change from 0 to 512
[  121.486656][ T7785] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  121.498622][ T7785] EXT4-fs (loop3): 1 truncate cleaned up
[  121.622928][ T7791] lo speed is unknown, defaulting to 1000
[  121.632485][ T7791] lo speed is unknown, defaulting to 1000
[  121.639533][ T7791] lo speed is unknown, defaulting to 1000
[  121.645808][ T7791] lo speed is unknown, defaulting to 1000
[  121.712959][ T7794] loop2: detected capacity change from 0 to 512
[  121.724416][ T7794] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  121.748522][ T7794] EXT4-fs (loop2): 1 truncate cleaned up
[  121.841932][ T7802] loop3: detected capacity change from 0 to 128
[  121.903969][ T7808] __nla_validate_parse: 10 callbacks suppressed
[  121.903988][ T7808] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1582'.
[  122.015468][ T7817] loop4: detected capacity change from 0 to 512
[  122.051272][ T7818] xt_CT: You must specify a L4 protocol and not use inversions on it
[  122.069379][ T7817] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  122.100769][ T7817] EXT4-fs (loop4): 1 truncate cleaned up
[  122.327979][ T7832] __vm_enough_memory: pid: 7832, comm: syz.4.1592, bytes: 21200537550848 not enough memory for the allocation
[  122.475568][ T7832] loop4: detected capacity change from 0 to 512
[  122.494966][ T7832] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  122.512306][ T7832] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002]
[  122.521775][ T7832] System zones: 1-12
[  122.533705][ T7832] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.1592: missing EA_INODE flag
[  122.548850][ T7832] EXT4-fs (loop4): Remounting filesystem read-only
[  122.557917][ T7832] EXT4-fs (loop4): 1 orphan inode deleted
[  122.868553][ T7851] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1599'.
[  122.910075][ T7852] sctp: [Deprecated]: syz.4.1600 (pid 7852) Use of int in max_burst socket option.
[  122.910075][ T7852] Use struct sctp_assoc_value instead
[  122.931432][ T7853] loop2: detected capacity change from 0 to 164
[  122.941673][ T7853] bio_check_eod: 73 callbacks suppressed
[  122.941687][ T7853] syz.2.1599: attempt to access beyond end of device
[  122.941687][ T7853] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  122.962805][ T7853] syz.2.1599: attempt to access beyond end of device
[  122.962805][ T7853] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  123.431479][ T7865] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1606'.
[  123.465929][ T7863] lo speed is unknown, defaulting to 1000
[  123.472019][ T7863] lo speed is unknown, defaulting to 1000
[  123.478291][ T7863] lo speed is unknown, defaulting to 1000
[  123.484210][ T7863] lo speed is unknown, defaulting to 1000
[  123.518094][ T7870] loop1: detected capacity change from 0 to 128
[  123.524891][ T7872] FAULT_INJECTION: forcing a failure.
[  123.524891][ T7872] name failslab, interval 1, probability 0, space 0, times 0
[  123.537619][ T7872] CPU: 1 UID: 0 PID: 7872 Comm: syz.3.1607 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  123.537647][ T7872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.537657][ T7872] Call Trace:
[  123.537663][ T7872]  <TASK>
[  123.537671][ T7872]  __dump_stack+0x1d/0x30
[  123.537756][ T7872]  dump_stack_lvl+0xe8/0x140
[  123.537772][ T7872]  dump_stack+0x15/0x1b
[  123.537786][ T7872]  should_fail_ex+0x265/0x280
[  123.537813][ T7872]  should_failslab+0x8c/0xb0
[  123.537905][ T7872]  __kmalloc_noprof+0xa5/0x3e0
[  123.537926][ T7872]  ? fib6_info_alloc+0x2e/0x90
[  123.538034][ T7872]  fib6_info_alloc+0x2e/0x90
[  123.538092][ T7872]  ip6_route_info_create+0xe7/0x390
[  123.538112][ T7872]  inet6_rtm_newroute+0x35e/0x1020
[  123.538151][ T7872]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  123.538224][ T7872]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  123.538244][ T7872]  ? avc_has_perm_noaudit+0x1b1/0x200
[  123.538269][ T7872]  netlink_rcv_skb+0x123/0x220
[  123.538295][ T7872]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  123.538356][ T7872]  rtnetlink_rcv+0x1c/0x30
[  123.538373][ T7872]  netlink_unicast+0x5a1/0x670
[  123.538474][ T7872]  netlink_sendmsg+0x58b/0x6b0
[  123.538557][ T7872]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.538574][ T7872]  __sock_sendmsg+0x145/0x180
[  123.538666][ T7872]  ____sys_sendmsg+0x31e/0x4e0
[  123.538712][ T7872]  ___sys_sendmsg+0x17b/0x1d0
[  123.538756][ T7872]  __x64_sys_sendmsg+0xd4/0x160
[  123.538787][ T7872]  x64_sys_call+0x2999/0x2fb0
[  123.538806][ T7872]  do_syscall_64+0xd2/0x200
[  123.538873][ T7872]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.538952][ T7872]  ? clear_bhb_loop+0x40/0x90
[  123.539017][ T7872]  ? clear_bhb_loop+0x40/0x90
[  123.539035][ T7872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.539053][ T7872] RIP: 0033:0x7ff48082e929
[  123.539067][ T7872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.539144][ T7872] RSP: 002b:00007ff47ee97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.539162][ T7872] RAX: ffffffffffffffda RBX: 00007ff480a55fa0 RCX: 00007ff48082e929
[  123.539173][ T7872] RDX: 0000000000048002 RSI: 0000200000000080 RDI: 0000000000000003
[  123.539211][ T7872] RBP: 00007ff47ee97090 R08: 0000000000000000 R09: 0000000000000000
[  123.539222][ T7872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.539281][ T7872] R13: 0000000000000000 R14: 00007ff480a55fa0 R15: 00007ffdaacaa568
[  123.539353][ T7872]  </TASK>
[  123.806167][ T7874] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1609'.
[  123.816939][ T7874] 9pnet_fd: Insufficient options for proto=fd
[  123.871271][ T7878] vhci_hcd: invalid port number 96
[  123.876445][ T7878] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  123.892302][ T7878] loop3: detected capacity change from 0 to 512
[  123.901893][ T7879] loop2: detected capacity change from 0 to 512
[  123.908879][ T7879] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  123.953829][ T7879] EXT4-fs (loop2): 1 truncate cleaned up
[  123.963384][ T7888] netlink: 'syz.1.1613': attribute type 13 has an invalid length.
[  123.978921][ T7890] netlink: 'syz.4.1614': attribute type 1 has an invalid length.
[  123.980889][ T7878] ext4 filesystem being mounted at /267/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.986830][ T7890] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1614'.
[  124.041709][ T7896] loop1: detected capacity change from 0 to 512
[  124.049695][ T7896] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  124.070509][ T7896] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  124.078621][ T7896] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  124.098146][ T7900] loop3: detected capacity change from 0 to 1024
[  124.114069][ T7896] System zones: 0-1, 15-15, 18-18, 34-34
[  124.120189][ T7896] EXT4-fs (loop1): orphan cleanup on readonly fs
[  124.136117][ T7896] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  124.150836][ T7896] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  124.151839][ T7900] EXT4-fs: inline encryption not supported
[  124.164755][ T7896] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1613: bg 0: block 40: padding at end of block bitmap is not set
[  124.180768][ T7900] EXT4-fs: Ignoring removed mblk_io_submit option
[  124.187600][ T7900] ext4: Bad value for 'barrier'
[  124.187740][ T7896] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  124.209126][ T7896] EXT4-fs (loop1): 1 truncate cleaned up
[  124.218983][ T7900] loop3: detected capacity change from 0 to 1024
[  124.228290][ T7900] EXT4-fs: Ignoring removed orlov option
[  124.300881][ T7914] FAULT_INJECTION: forcing a failure.
[  124.300881][ T7914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.314122][ T7914] CPU: 0 UID: 0 PID: 7914 Comm: syz.5.1621 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  124.314202][ T7914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.314215][ T7914] Call Trace:
[  124.314221][ T7914]  <TASK>
[  124.314229][ T7914]  __dump_stack+0x1d/0x30
[  124.314252][ T7914]  dump_stack_lvl+0xe8/0x140
[  124.314272][ T7914]  dump_stack+0x15/0x1b
[  124.314307][ T7914]  should_fail_ex+0x265/0x280
[  124.314340][ T7914]  should_fail+0xb/0x20
[  124.314369][ T7914]  should_fail_usercopy+0x1a/0x20
[  124.314457][ T7914]  strncpy_from_user+0x25/0x230
[  124.314547][ T7914]  strncpy_from_bpfptr+0x43/0x50
[  124.314573][ T7914]  bpf_prog_load+0x884/0x1070
[  124.314638][ T7914]  ? security_bpf+0x2b/0x90
[  124.314723][ T7914]  __sys_bpf+0x51d/0x790
[  124.314760][ T7914]  __x64_sys_bpf+0x41/0x50
[  124.314810][ T7914]  x64_sys_call+0x2478/0x2fb0
[  124.314843][ T7914]  do_syscall_64+0xd2/0x200
[  124.314862][ T7914]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.314965][ T7914]  ? clear_bhb_loop+0x40/0x90
[  124.314989][ T7914]  ? clear_bhb_loop+0x40/0x90
[  124.315011][ T7914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.315033][ T7914] RIP: 0033:0x7f6a327ae929
[  124.315049][ T7914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.315069][ T7914] RSP: 002b:00007f6a30e17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  124.315113][ T7914] RAX: ffffffffffffffda RBX: 00007f6a329d5fa0 RCX: 00007f6a327ae929
[  124.315126][ T7914] RDX: 0000000000000080 RSI: 0000200000000300 RDI: 0000000000000005
[  124.315140][ T7914] RBP: 00007f6a30e17090 R08: 0000000000000000 R09: 0000000000000000
[  124.315153][ T7914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.315165][ T7914] R13: 0000000000000000 R14: 00007f6a329d5fa0 R15: 00007ffdfacc12f8
[  124.315184][ T7914]  </TASK>
[  124.541579][ T7920] netlink: 'syz.4.1623': attribute type 13 has an invalid length.
[  124.556807][ T7906] loop2: detected capacity change from 0 to 1024
[  124.627596][ T7918] lo speed is unknown, defaulting to 1000
[  124.634373][ T7918] lo speed is unknown, defaulting to 1000
[  124.642328][ T7918] lo speed is unknown, defaulting to 1000
[  124.648545][ T7918] lo speed is unknown, defaulting to 1000
[  124.666124][ T7921] loop4: detected capacity change from 0 to 512
[  124.674774][ T7921] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  124.687026][ T7924] loop5: detected capacity change from 0 to 128
[  124.723656][ T7921] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  124.731735][ T7921] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  124.745208][ T7921] System zones: 0-1, 15-15, 18-18, 34-34
[  124.751851][ T7921] EXT4-fs (loop4): orphan cleanup on readonly fs
[  124.758588][ T7921] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  124.773338][ T7921] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  124.782428][ T7921] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1623: bg 0: block 40: padding at end of block bitmap is not set
[  124.800261][ T7921] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  124.815412][ T7929] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1624'.
[  124.824374][ T7929] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1624'.
[  124.835144][ T7921] EXT4-fs (loop4): 1 truncate cleaned up
[  124.844469][   T29] kauditd_printk_skb: 640 callbacks suppressed
[  124.844486][   T29] audit: type=1326 audit(1750376695.827:10676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.4.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcf574cd290 code=0x7ffc0000
[  124.874401][   T29] audit: type=1326 audit(1750376695.827:10677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.4.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fcf574cd677 code=0x7ffc0000
[  124.897996][   T29] audit: type=1326 audit(1750376695.827:10678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.4.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcf574cd290 code=0x7ffc0000
[  124.921723][   T29] audit: type=1326 audit(1750376695.827:10679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.4.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  124.945506][   T29] audit: type=1326 audit(1750376695.827:10680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.4.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  124.953035][ T7921] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1623'.
[  124.983462][ T7933] netlink: 'syz.1.1625': attribute type 1 has an invalid length.
[  124.991284][ T7933] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1625'.
[  125.028892][ T7935] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  125.037094][ T7935] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  125.059651][   T29] audit: type=1326 audit(1750376695.937:10681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.4.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  125.073993][ T7938] loop2: detected capacity change from 0 to 512
[  125.083332][   T29] audit: type=1326 audit(1750376695.937:10682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.4.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  125.113455][   T29] audit: type=1326 audit(1750376695.937:10683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.4.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  125.137245][   T29] audit: type=1326 audit(1750376695.937:10684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.4.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  125.160810][   T29] audit: type=1326 audit(1750376695.937:10685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.4.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  125.206125][ T7940] netlink: 552 bytes leftover after parsing attributes in process `syz.5.1627'.
[  125.222871][ T7938] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1626: Failed to acquire dquot type 1
[  125.239339][ T7938] EXT4-fs (loop2): 1 truncate cleaned up
[  125.245737][ T7938] ext4 filesystem being mounted at /339/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.263920][ T7948] netlink: 'syz.5.1627': attribute type 1 has an invalid length.
[  125.338253][ T7953] loop1: detected capacity change from 0 to 512
[  125.345558][ T7953] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  125.377723][ T7953] EXT4-fs (loop1): 1 truncate cleaned up
[  125.672066][ T7985] FAULT_INJECTION: forcing a failure.
[  125.672066][ T7985] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.685192][ T7985] CPU: 1 UID: 0 PID: 7985 Comm: syz.5.1643 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  125.685228][ T7985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  125.685241][ T7985] Call Trace:
[  125.685248][ T7985]  <TASK>
[  125.685257][ T7985]  __dump_stack+0x1d/0x30
[  125.685331][ T7985]  dump_stack_lvl+0xe8/0x140
[  125.685349][ T7985]  dump_stack+0x15/0x1b
[  125.685365][ T7985]  should_fail_ex+0x265/0x280
[  125.685398][ T7985]  should_fail+0xb/0x20
[  125.685461][ T7985]  should_fail_usercopy+0x1a/0x20
[  125.685568][ T7985]  _copy_from_user+0x1c/0xb0
[  125.685602][ T7985]  __se_sys_mount+0x10d/0x2e0
[  125.685620][ T7985]  ? fput+0x8f/0xc0
[  125.685645][ T7985]  ? ksys_write+0x192/0x1a0
[  125.685663][ T7985]  __x64_sys_mount+0x67/0x80
[  125.685742][ T7985]  x64_sys_call+0xd36/0x2fb0
[  125.685761][ T7985]  do_syscall_64+0xd2/0x200
[  125.685847][ T7985]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  125.685949][ T7985]  ? clear_bhb_loop+0x40/0x90
[  125.685969][ T7985]  ? clear_bhb_loop+0x40/0x90
[  125.685993][ T7985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.686042][ T7985] RIP: 0033:0x7f6a327ae929
[  125.686056][ T7985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.686076][ T7985] RSP: 002b:00007f6a30e17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  125.686130][ T7985] RAX: ffffffffffffffda RBX: 00007f6a329d5fa0 RCX: 00007f6a327ae929
[  125.686144][ T7985] RDX: 0000200000000040 RSI: 0000200000000080 RDI: 0000000000000000
[  125.686156][ T7985] RBP: 00007f6a30e17090 R08: 0000200000000400 R09: 0000000000000000
[  125.686167][ T7985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.686179][ T7985] R13: 0000000000000000 R14: 00007f6a329d5fa0 R15: 00007ffdfacc12f8
[  125.686198][ T7985]  </TASK>
[  125.955794][ T7993] loop3: detected capacity change from 0 to 764
[  125.997986][ T8002] lo speed is unknown, defaulting to 1000
[  126.014360][ T8002] lo speed is unknown, defaulting to 1000
[  126.021186][ T8002] lo speed is unknown, defaulting to 1000
[  126.027312][ T8002] lo speed is unknown, defaulting to 1000
[  126.029723][ T8008] netlink: 'syz.4.1652': attribute type 13 has an invalid length.
[  126.052476][ T8009] loop2: detected capacity change from 0 to 1024
[  126.070606][ T8011] loop1: detected capacity change from 0 to 512
[  126.082758][ T8009] EXT4-fs: Ignoring removed orlov option
[  126.088571][ T8009] EXT4-fs: Ignoring removed nomblk_io_submit option
[  126.099393][ T8011] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.117316][ T8011] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  126.138197][ T8018] loop4: detected capacity change from 0 to 512
[  126.150798][ T8017] loop3: detected capacity change from 0 to 512
[  126.158016][ T8018] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  126.167775][ T8017] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  126.179746][ T8018] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  126.187910][ T8018] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  126.190092][ T8017] EXT4-fs (loop3): 1 truncate cleaned up
[  126.196077][ T8018] System zones: 0-1, 15-15, 18-18, 34-34
[  126.207650][ T8018] EXT4-fs (loop4): orphan cleanup on readonly fs
[  126.214176][ T8018] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  126.228767][ T8018] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  126.236774][ T8018] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1652: bg 0: block 40: padding at end of block bitmap is not set
[  126.251652][ T8018] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  126.272553][ T8023] __vm_enough_memory: pid: 8023, comm: syz.2.1654, bytes: 21199877488640 not enough memory for the allocation
[  126.274282][ T8018] EXT4-fs (loop4): 1 truncate cleaned up
[  126.333631][ T8018] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  126.341712][ T8018] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  126.408916][ T3306] EXT4-fs unmount: 73 callbacks suppressed
[  126.408943][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.452615][ T8023] loop2: detected capacity change from 0 to 512
[  126.462575][ T8029] loop3: detected capacity change from 0 to 1024
[  126.467360][ T8023] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  126.469808][ T8029] EXT4-fs: inline encryption not supported
[  126.486002][ T8029] EXT4-fs: Ignoring removed mblk_io_submit option
[  126.492895][ T8029] ext4: Bad value for 'barrier'
[  126.494831][ T8023] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002]
[  126.509211][ T8029] loop3: detected capacity change from 0 to 1024
[  126.518483][ T8023] System zones: 
[  126.523512][ T8029] EXT4-fs: Ignoring removed orlov option
[  126.525394][ T8029] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.528314][ T8023] 1-12
[  126.563929][ T8023] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #11: comm syz.2.1654: missing EA_INODE flag
[  126.579321][ T8023] EXT4-fs (loop2): Remounting filesystem read-only
[  126.588991][ T8023] EXT4-fs (loop2): 1 orphan inode deleted
[  126.603275][ T8023] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.628192][ T8023] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.734857][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.823474][ T8035] loop5: detected capacity change from 0 to 1024
[  126.856922][ T8037] lo speed is unknown, defaulting to 1000
[  126.878605][ T8037] lo speed is unknown, defaulting to 1000
[  126.889643][ T8035] EXT4-fs: inline encryption not supported
[  126.895881][ T8035] EXT4-fs: Ignoring removed mblk_io_submit option
[  126.900653][ T8037] lo speed is unknown, defaulting to 1000
[  126.908799][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.918425][ T8035] ext4: Bad value for 'barrier'
[  126.933665][ T8035] loop5: detected capacity change from 0 to 1024
[  126.940842][ T8038] loop1: detected capacity change from 0 to 128
[  126.945220][ T8042] __nla_validate_parse: 5 callbacks suppressed
[  126.945251][ T8042] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1659'.
[  126.948475][ T8035] EXT4-fs: Ignoring removed orlov option
[  126.969943][ T8037] lo speed is unknown, defaulting to 1000
[  126.996591][ T8035] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.343909][ T8063] netlink: 'syz.1.1667': attribute type 4 has an invalid length.
[  127.368166][ T8063] netlink: 'syz.1.1667': attribute type 4 has an invalid length.
[  127.377344][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.388393][ T8065] loop4: detected capacity change from 0 to 512
[  127.406965][ T8066] loop2: detected capacity change from 0 to 512
[  127.439925][ T8065] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  127.441285][ T8063] syzkaller1: entered promiscuous mode
[  127.448675][ T8066] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  127.454164][ T8063] syzkaller1: entered allmulticast mode
[  127.514936][ T8063] loop1: detected capacity change from 0 to 1024
[  127.532086][ T8063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.555805][ T8065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.571597][ T8066] EXT4-fs (loop2): 1 truncate cleaned up
[  127.572589][ T8072] lo speed is unknown, defaulting to 1000
[  127.581497][ T8065] ext4 filesystem being mounted at /322/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  127.583665][ T8072] lo speed is unknown, defaulting to 1000
[  127.598867][ T8066] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.643574][ T8078] loop3: detected capacity change from 0 to 128
[  127.651132][ T8072] lo speed is unknown, defaulting to 1000
[  127.657530][ T8072] lo speed is unknown, defaulting to 1000
[  127.701332][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.719510][ T8078] syz.3.1670: attempt to access beyond end of device
[  127.719510][ T8078] loop3: rw=0, sector=2065, nr_sectors = 1 limit=128
[  127.732956][ T8078] buffer_io_error: 22 callbacks suppressed
[  127.733045][ T8078] Buffer I/O error on dev loop3, logical block 2065, async page read
[  127.778917][ T8078] syz.3.1670: attempt to access beyond end of device
[  127.778917][ T8078] loop3: rw=0, sector=2066, nr_sectors = 1 limit=128
[  127.785697][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.792242][ T8078] Buffer I/O error on dev loop3, logical block 2066, async page read
[  127.792605][ T8078] syz.3.1670: attempt to access beyond end of device
[  127.792605][ T8078] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[  127.822748][ T8078] Buffer I/O error on dev loop3, logical block 2067, async page read
[  127.855199][ T8078] syz.3.1670: attempt to access beyond end of device
[  127.855199][ T8078] loop3: rw=0, sector=2068, nr_sectors = 1 limit=128
[  127.868510][ T8078] Buffer I/O error on dev loop3, logical block 2068, async page read
[  127.878686][ T8082] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1671'.
[  127.906417][ T8078] syz.3.1670: attempt to access beyond end of device
[  127.906417][ T8078] loop3: rw=0, sector=2069, nr_sectors = 1 limit=128
[  127.919918][ T8078] Buffer I/O error on dev loop3, logical block 2069, async page read
[  127.929325][ T8078] syz.3.1670: attempt to access beyond end of device
[  127.929325][ T8078] loop3: rw=0, sector=2070, nr_sectors = 1 limit=128
[  127.942659][ T8078] Buffer I/O error on dev loop3, logical block 2070, async page read
[  127.951338][ T8078] syz.3.1670: attempt to access beyond end of device
[  127.951338][ T8078] loop3: rw=0, sector=2071, nr_sectors = 1 limit=128
[  127.964643][ T8078] Buffer I/O error on dev loop3, logical block 2071, async page read
[  127.973664][ T7402] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.983284][ T8078] syz.3.1670: attempt to access beyond end of device
[  127.983284][ T8078] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[  127.996690][ T8078] Buffer I/O error on dev loop3, logical block 2072, async page read
[  128.005324][ T8078] syz.3.1670: attempt to access beyond end of device
[  128.005324][ T8078] loop3: rw=0, sector=2065, nr_sectors = 1 limit=128
[  128.018631][ T8078] Buffer I/O error on dev loop3, logical block 2065, async page read
[  128.028540][ T8089] netlink: 'syz.4.1676': attribute type 1 has an invalid length.
[  128.036453][ T8089] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1676'.
[  128.044890][ T8078] syz.3.1670: attempt to access beyond end of device
[  128.044890][ T8078] loop3: rw=0, sector=2066, nr_sectors = 1 limit=128
[  128.058774][ T8078] Buffer I/O error on dev loop3, logical block 2066, async page read
[  128.126397][ T8093] lo speed is unknown, defaulting to 1000
[  128.134350][ T8078] syz.3.1670: attempt to access beyond end of device
[  128.134350][ T8078] loop3: rw=0, sector=2067, nr_sectors = 1 limit=128
[  128.139131][ T8093] lo speed is unknown, defaulting to 1000
[  128.149005][ T8078] syz.3.1670: attempt to access beyond end of device
[  128.149005][ T8078] loop3: rw=0, sector=2068, nr_sectors = 1 limit=128
[  128.168412][ T8078] syz.3.1670: attempt to access beyond end of device
[  128.168412][ T8078] loop3: rw=0, sector=2069, nr_sectors = 1 limit=128
[  128.174658][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.183594][ T8101] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1680'.
[  128.192100][ T8093] lo speed is unknown, defaulting to 1000
[  128.206208][ T8093] lo speed is unknown, defaulting to 1000
[  128.215757][ T8078] syz.3.1670: attempt to access beyond end of device
[  128.215757][ T8078] loop3: rw=0, sector=2070, nr_sectors = 1 limit=128
[  128.237911][ T8104] loop1: detected capacity change from 0 to 128
[  128.245003][ T8105] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1681'.
[  128.253949][ T8105] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1681'.
[  128.272350][ T8078] syz.3.1670: attempt to access beyond end of device
[  128.272350][ T8078] loop3: rw=0, sector=2071, nr_sectors = 1 limit=128
[  128.279540][ T8112] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1683'.
[  128.287524][ T8078] syz.3.1670: attempt to access beyond end of device
[  128.287524][ T8078] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[  128.342010][ T8118] loop5: detected capacity change from 0 to 1764
[  129.369529][ T8134] netlink: 'syz.1.1688': attribute type 1 has an invalid length.
[  129.377327][ T8134] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1688'.
[  129.441881][ T8131] loop4: detected capacity change from 0 to 512
[  129.534003][ T8131] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  129.583819][ T8131] EXT4-fs (loop4): 1 truncate cleaned up
[  129.659974][ T8131] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.973408][ T8143] syz.3.1694 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  130.009174][ T8126] lo speed is unknown, defaulting to 1000
[  130.024861][ T8126] lo speed is unknown, defaulting to 1000
[  130.125966][ T8126] lo speed is unknown, defaulting to 1000
[  130.182905][ T8126] lo speed is unknown, defaulting to 1000
[  130.357037][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.489971][ T8151] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1696'.
[  130.615971][   T29] kauditd_printk_skb: 475 callbacks suppressed
[  130.615989][   T29] audit: type=1400 audit(1750376701.597:11156): avc:  denied  { create } for  pid=8152 comm="syz.2.1697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  130.834457][   T29] audit: type=1326 audit(1750376701.777:11157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8159 comm="syz.3.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48082e929 code=0x7ffc0000
[  130.858645][   T29] audit: type=1326 audit(1750376701.817:11158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8159 comm="syz.3.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff48082d290 code=0x7ffc0000
[  130.920352][ T8164] __vm_enough_memory: pid: 8164, comm: syz.2.1700, bytes: 21199877488640 not enough memory for the allocation
[  130.973546][ T8168] netlink: 'syz.4.1703': attribute type 13 has an invalid length.
[  130.988952][   T29] audit: type=1326 audit(1750376701.817:11159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8159 comm="syz.3.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ff480830157 code=0x7ffc0000
[  131.012575][   T29] audit: type=1326 audit(1750376701.817:11160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8159 comm="syz.3.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff48082e929 code=0x7ffc0000
[  131.036015][   T29] audit: type=1326 audit(1750376701.837:11161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8159 comm="syz.3.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ff480830157 code=0x7ffc0000
[  131.060174][   T29] audit: type=1326 audit(1750376701.837:11162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8159 comm="syz.3.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff48082d58a code=0x7ffc0000
[  131.083831][   T29] audit: type=1326 audit(1750376701.837:11163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8159 comm="syz.3.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48082e929 code=0x7ffc0000
[  131.107526][   T29] audit: type=1326 audit(1750376701.867:11164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8159 comm="syz.3.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7ff48082e929 code=0x7ffc0000
[  131.131245][   T29] audit: type=1326 audit(1750376701.867:11165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8159 comm="syz.3.1699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48082e929 code=0x7ffc0000
[  131.180469][ T8181] loop5: detected capacity change from 0 to 512
[  131.191342][ T8181] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  131.210786][ T8182] loop4: detected capacity change from 0 to 512
[  131.217980][ T8182] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  131.237291][ T8182] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  131.245475][ T8182] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  131.254172][ T8182] System zones: 0-1, 15-15, 18-18, 34-34
[  131.261673][ T8181] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.264293][ T8182] EXT4-fs (loop4): orphan cleanup on readonly fs
[  131.297051][ T8182] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  131.309946][ T8181] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  131.311639][ T8182] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  131.329512][ T8182] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1703: bg 0: block 40: padding at end of block bitmap is not set
[  131.356900][ T8182] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  131.360942][ T8174] lo speed is unknown, defaulting to 1000
[  131.372019][ T8174] lo speed is unknown, defaulting to 1000
[  131.376315][ T8182] EXT4-fs (loop4): 1 truncate cleaned up
[  131.378398][ T8174] lo speed is unknown, defaulting to 1000
[  131.389558][ T8174] lo speed is unknown, defaulting to 1000
[  131.397310][ T8164] loop2: detected capacity change from 0 to 512
[  131.410766][ T8176] loop3: detected capacity change from 0 to 128
[  131.417662][ T8182] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  131.472342][ T8164] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  131.480686][ T8182] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1703'.
[  131.500252][ T8182] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  131.508207][ T8182] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  131.538195][ T7402] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.559901][ T8190] lo speed is unknown, defaulting to 1000
[  131.566101][ T8190] lo speed is unknown, defaulting to 1000
[  131.572505][ T8190] lo speed is unknown, defaulting to 1000
[  131.578619][ T8190] lo speed is unknown, defaulting to 1000
[  131.630393][ T8173] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  131.638430][ T8173] FAT-fs (loop3): Filesystem has been set read-only
[  131.663829][ T8173] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  131.671922][ T8173] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  131.714085][ T8164] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002]
[  131.724417][ T8164] System zones: 1-12
[  131.736606][ T8164] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #11: comm syz.2.1700: missing EA_INODE flag
[  131.753456][ T8164] EXT4-fs (loop2): Remounting filesystem read-only
[  131.786514][ T8164] EXT4-fs (loop2): 1 orphan inode deleted
[  131.809560][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.827754][ T8164] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.898375][ T8194] netlink: 'syz.4.1710': attribute type 1 has an invalid length.
[  131.964289][ T8164] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.200888][ T8210] netlink: 'syz.4.1716': attribute type 1 has an invalid length.
[  132.208854][ T8210] __nla_validate_parse: 1 callbacks suppressed
[  132.208865][ T8210] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1716'.
[  132.285931][ T8215] netlink: 'syz.3.1718': attribute type 13 has an invalid length.
[  132.474752][ T8232] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1709'.
[  132.490265][ T8230] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1724'.
[  132.510820][ T8236] netlink: 'syz.3.1725': attribute type 13 has an invalid length.
[  132.560021][ T8238] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1727'.
[  132.593654][ T8241] loop3: detected capacity change from 0 to 512
[  132.600782][ T8241] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  132.611406][ T8246] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  132.630909][ T8247] netlink: 'syz.2.1731': attribute type 1 has an invalid length.
[  132.638687][ T8247] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1731'.
[  132.658892][ T8246] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  132.668041][ T8241] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  132.676030][ T8241] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  132.692086][ T8246] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1730'.
[  132.715312][ T8241] System zones: 0-1, 15-15, 18-18, 34-34
[  132.743955][ T8241] EXT4-fs (loop3): orphan cleanup on readonly fs
[  132.775789][ T8241] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  132.790547][ T8241] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  132.903387][ T8241] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1725: bg 0: block 40: padding at end of block bitmap is not set
[  132.919410][ T8241] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  132.928686][ T8241] EXT4-fs (loop3): 1 truncate cleaned up
[  132.935112][ T8241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  133.004142][ T8271] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1739'.
[  133.052862][ T8274] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1740'.
[  133.060987][ T8272] lo speed is unknown, defaulting to 1000
[  133.083663][ T8272] lo speed is unknown, defaulting to 1000
[  133.101524][ T8272] lo speed is unknown, defaulting to 1000
[  133.109738][ T8279] loop2: detected capacity change from 0 to 2048
[  133.116905][ T8279] EXT4-fs: dax option not supported
[  133.126598][ T8272] lo speed is unknown, defaulting to 1000
[  133.140944][ T8281] loop1: detected capacity change from 0 to 1024
[  133.157610][ T8281] EXT4-fs: inline encryption not supported
[  133.168543][ T8281] EXT4-fs: Ignoring removed mblk_io_submit option
[  133.175686][ T8281] ext4: Bad value for 'barrier'
[  133.198251][ T8281] loop1: detected capacity change from 0 to 1024
[  133.207611][ T8281] EXT4-fs: Ignoring removed orlov option
[  133.217377][ T8281] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.389086][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.417220][ T8288] netlink: 'syz.3.1744': attribute type 13 has an invalid length.
[  133.484011][ T8289] loop3: detected capacity change from 0 to 512
[  133.580327][ T8289] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  133.629426][ T8289] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  133.637714][ T8289] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  133.649548][ T8289] System zones: 0-1, 15-15, 18-18, 34-34
[  133.655681][ T8289] EXT4-fs (loop3): orphan cleanup on readonly fs
[  133.662636][ T8289] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  133.677242][ T8289] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  133.684482][ T8289] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1744: bg 0: block 40: padding at end of block bitmap is not set
[  133.700328][ T8289] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  133.709356][ T8289] EXT4-fs (loop3): 1 truncate cleaned up
[  133.715853][ T8289] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  133.734732][ T8289] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1744'.
[  133.746417][ T8289] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  133.754400][ T8289] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  133.972450][ T8293] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1745'.
[  134.185101][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.270890][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.282777][ T8313] netlink: 'syz.2.1754': attribute type 13 has an invalid length.
[  134.356098][ T8323] netlink: 'syz.1.1759': attribute type 1 has an invalid length.
[  134.370899][ T8326] loop2: detected capacity change from 0 to 512
[  134.380023][ T8326] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  134.406362][ T8326] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  134.414631][ T8326] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  134.433399][ T8326] System zones: 0-1, 15-15, 18-18, 34-34
[  134.448826][ T8326] EXT4-fs (loop2): orphan cleanup on readonly fs
[  134.455356][ T8326] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  134.470116][ T8326] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  134.477469][ T8326] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1754: bg 0: block 40: padding at end of block bitmap is not set
[  134.495767][ T8326] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  134.505186][ T8326] EXT4-fs (loop2): 1 truncate cleaned up
[  134.512087][ T8340] netlink: 'syz.1.1765': attribute type 13 has an invalid length.
[  134.520371][ T8326] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.589674][ T8347] loop1: detected capacity change from 0 to 512
[  134.597325][ T8347] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  134.630146][ T8347] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  134.638110][ T8347] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  134.646391][ T8347] System zones: 0-1, 15-15, 18-18, 34-34
[  134.652780][ T8347] EXT4-fs (loop1): orphan cleanup on readonly fs
[  134.661018][ T8347] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  134.675686][ T8347] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  134.684589][ T8347] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1765: bg 0: block 40: padding at end of block bitmap is not set
[  134.705063][ T8347] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  134.728943][ T8347] EXT4-fs (loop1): 1 truncate cleaned up
[  134.743828][ T8347] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.778077][ T8358] netlink: 'syz.3.1772': attribute type 1 has an invalid length.
[  134.791923][ T8347] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  134.800073][ T8347] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  135.051316][ T8376] loop3: detected capacity change from 0 to 512
[  135.059265][ T8376] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  135.080705][ T8376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.095483][ T8376] ext4 filesystem being mounted at /314/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  135.133821][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.144597][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.214568][ T8390] loop3: detected capacity change from 0 to 128
[  135.223830][ T8388] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  135.231873][ T8388] FAT-fs (loop3): Filesystem has been set read-only
[  135.239911][ T8388] bio_check_eod: 31 callbacks suppressed
[  135.239928][ T8388] syz.3.1783: attempt to access beyond end of device
[  135.239928][ T8388] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  135.244286][ T8397] loop2: detected capacity change from 0 to 1024
[  135.245607][ T8388] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  135.259977][ T8397] EXT4-fs: inline encryption not supported
[  135.265681][ T8388] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  135.273726][ T8397] EXT4-fs: Ignoring removed mblk_io_submit option
[  135.281522][ T8388] syz.3.1783: attempt to access beyond end of device
[  135.281522][ T8388] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.287503][ T8397] ext4: Bad value for 'barrier'
[  135.322431][ T8388] syz.3.1783: attempt to access beyond end of device
[  135.322431][ T8388] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.334927][ T8397] loop2: detected capacity change from 0 to 1024
[  135.342938][ T8397] EXT4-fs: Ignoring removed orlov option
[  135.352014][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.353368][ T8397] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.374629][ T8388] syz.3.1783: attempt to access beyond end of device
[  135.374629][ T8388] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.388823][ T8388] syz.3.1783: attempt to access beyond end of device
[  135.388823][ T8388] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.402387][ T8388] syz.3.1783: attempt to access beyond end of device
[  135.402387][ T8388] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.416032][ T8388] syz.3.1783: attempt to access beyond end of device
[  135.416032][ T8388] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.429564][ T8388] syz.3.1783: attempt to access beyond end of device
[  135.429564][ T8388] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.442870][ T8388] syz.3.1783: attempt to access beyond end of device
[  135.442870][ T8388] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.456318][ T8388] syz.3.1783: attempt to access beyond end of device
[  135.456318][ T8388] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  135.461837][ T8405] netlink: 'syz.1.1789': attribute type 1 has an invalid length.
[  135.671174][ T8415] loop3: detected capacity change from 0 to 512
[  135.684092][ T8415] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  135.751578][ T8416] lo speed is unknown, defaulting to 1000
[  135.762361][ T8419] loop4: detected capacity change from 0 to 512
[  135.770351][ T8415] EXT4-fs (loop3): 1 truncate cleaned up
[  135.784003][ T8416] lo speed is unknown, defaulting to 1000
[  135.790679][ T8416] lo speed is unknown, defaulting to 1000
[  135.796879][ T8416] lo speed is unknown, defaulting to 1000
[  135.822747][ T8419] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  135.831969][ T8415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.950499][ T8419] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.970026][ T8419] ext4 filesystem being mounted at /340/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  136.048458][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.061786][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.094891][   T29] kauditd_printk_skb: 1532 callbacks suppressed
[  136.094907][   T29] audit: type=1326 audit(1750376707.077:12693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8425 comm="syz.4.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  136.137372][   T29] audit: type=1326 audit(1750376707.117:12694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8425 comm="syz.4.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  136.137564][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.160989][   T29] audit: type=1326 audit(1750376707.117:12695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8425 comm="syz.4.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  136.193739][   T29] audit: type=1326 audit(1750376707.117:12696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8425 comm="syz.4.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  136.218952][   T29] audit: type=1326 audit(1750376707.207:12697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8425 comm="syz.4.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  136.266738][   T29] audit: type=1326 audit(1750376707.227:12698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8425 comm="syz.4.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  136.291005][   T29] audit: type=1326 audit(1750376707.227:12699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8425 comm="syz.4.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  136.314696][   T29] audit: type=1326 audit(1750376707.227:12700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8425 comm="syz.4.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  136.338245][   T29] audit: type=1326 audit(1750376707.227:12701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8425 comm="syz.4.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  136.362155][   T29] audit: type=1326 audit(1750376707.227:12702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8425 comm="syz.4.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf574ce929 code=0x7ffc0000
[  136.386879][ T8431] netlink: 'syz.4.1796': attribute type 1 has an invalid length.
[  136.411353][ T8433] xt_TPROXY: Can be used only with -p tcp or -p udp
[  136.504878][ T8445] loop2: detected capacity change from 0 to 1024
[  136.532485][ T8447] loop5: detected capacity change from 0 to 1024
[  136.555600][ T8445] EXT4-fs: inline encryption not supported
[  136.573454][ T8447] EXT4-fs: inline encryption not supported
[  136.578268][ T8445] EXT4-fs: Ignoring removed mblk_io_submit option
[  136.585993][ T8445] ext4: Bad value for 'barrier'
[  136.588891][ T8447] EXT4-fs: Ignoring removed mblk_io_submit option
[  136.619846][ T8445] loop2: detected capacity change from 0 to 1024
[  136.621370][ T8447] ext4: Bad value for 'barrier'
[  136.626919][ T8445] EXT4-fs: Ignoring removed orlov option
[  136.656608][ T8445] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.707922][ T8447] loop5: detected capacity change from 0 to 1024
[  136.735381][ T8447] EXT4-fs: Ignoring removed orlov option
[  136.777887][ T8447] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.803311][ T8449] lo speed is unknown, defaulting to 1000
[  136.814878][ T8449] lo speed is unknown, defaulting to 1000
[  136.822207][ T8449] lo speed is unknown, defaulting to 1000
[  136.842281][ T8449] lo speed is unknown, defaulting to 1000
[  136.863921][ T8451] loop4: detected capacity change from 0 to 128
[  136.914103][ T8451] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  136.922047][ T8451] FAT-fs (loop4): Filesystem has been set read-only
[  136.964986][ T8447] ==================================================================
[  136.973128][ T8447] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read
[  136.979280][ T8451] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  136.981280][ T8447] 
[  136.981290][ T8447] write to 0xffff8881216c86a8 of 8 bytes by task 8460 on cpu 0:
[  136.981309][ T8447]  filemap_splice_read+0x47e/0x6b0
[  136.981340][ T8447]  ext4_file_splice_read+0x8f/0xb0
[  136.981359][ T8447]  splice_direct_to_actor+0x26c/0x680
[  137.014970][ T8447]  do_splice_direct+0xda/0x150
[  137.019864][ T8447]  do_sendfile+0x380/0x650
[  137.024299][ T8447]  __x64_sys_sendfile64+0x105/0x150
[  137.029649][ T8447]  x64_sys_call+0xb39/0x2fb0
[  137.034277][ T8447]  do_syscall_64+0xd2/0x200
[  137.038816][ T8447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.044757][ T8447] 
[  137.047106][ T8447] write to 0xffff8881216c86a8 of 8 bytes by task 8447 on cpu 1:
[  137.054861][ T8447]  filemap_splice_read+0x47e/0x6b0
[  137.060034][ T8447]  ext4_file_splice_read+0x8f/0xb0
[  137.065188][ T8447]  splice_direct_to_actor+0x26c/0x680
[  137.070601][ T8447]  do_splice_direct+0xda/0x150
[  137.075397][ T8447]  do_sendfile+0x380/0x650
[  137.079842][ T8447]  __x64_sys_sendfile64+0x105/0x150
[  137.085070][ T8447]  x64_sys_call+0xb39/0x2fb0
[  137.089684][ T8447]  do_syscall_64+0xd2/0x200
[  137.094219][ T8447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.100145][ T8447] 
[  137.102492][ T8447] value changed: 0x000000000000018b -> 0x000000000000018c
[  137.109625][ T8447] 
[  137.111976][ T8447] Reported by Kernel Concurrency Sanitizer on:
[  137.118153][ T8447] CPU: 1 UID: 0 PID: 8447 Comm: syz.5.1802 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(voluntary) 
[  137.130594][ T8447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.140661][ T8447] ==================================================================
[  137.771605][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.853486][ T7402] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.