last executing test programs:

3.619936526s ago: executing program 3 (id=3836):
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c00)={0x18, 0x16, &(0x7f0000000280)=ANY=[], &(0x7f0000000ac0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
fchdir(0xffffffffffffffff)
r0 = socket$inet(0x2, 0x2, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c00"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xfffffffffffffe54, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x14}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000a80)='qgroup_update_counters\x00', r2, 0x0, 0x10000}, 0x18)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="800000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="35e2000000000000600012800b000100697036746e6c00005000028008000100", @ANYRES32, @ANYBLOB="0800140000000000080008000a0000000500090089000000060010000d000000080008000c000000050009"], 0x80}}, 0x0)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)=ANY=[@ANYRES32=0x0, @ANYBLOB="ffffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0xe0, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x0, 0x35, &(0x7f0000000540)=[{}], 0x8, 0x10, &(0x7f0000000a40), &(0x7f00000005c0), 0x8, 0xd2, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="540000000206010200000000000000000500000005000100060000000d000300686173683a6e6574000000000900020073797a31000000000c00078008000640000000400500050002000000050004"], 0x54}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1b00000000aced5b000000000000000000040000d8279b05df73ef1e7d8df64dfe91c1f80c4d1f6936af1f5dc3f0c41e5e041730584ec3c07f6e7d14c6701a5e10015d58b38057b196f1ce5840cdfdcb48a690ab509784e02de6a4d4980d67b6a96af6b489a60ef2c730513bf5a4c4d18b5d342ccafd55161f974f14e6ccc76cd3a97fdf938dba5aa42d604c9a9b91f6b8c1fcaf44028e8abae6de0c795b7fef54b39b50dfdc4dc4c0f2b7ad0df69b192b275078f24aa71db459ebbdf550dc8bc7c8f1386824dcacbe3129f61c46393d837fffc889fd9d04af9d2240e878c5463c81e17df768c39afbae4439c75cfc03e56afa23d8b25726fdc88a879f0af65a368ba92c", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000020000000000000000181100005cb5af4d183e46d0ccb69901d603634c2fbe27bf4f87ecfddc7d17c3fee5679c43c44e3ea5e872a62bca24c2d80ac343dfd59f0eb1e60379f3934df708e41acd04ec76f16e6a262f885118698e6c4a82e588df5c18c3dbc1ff0401dddd0d4426dc419f8e8d950c9d9092dbebe4c85ba9229a8fc8367bbff8d5b87c4d09", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x18)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$inet(r10, &(0x7f0000000700)={&(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000680)=[{&(0x7f00000000c0)="81", 0x1}], 0x1}, 0x24000881)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x40, 0x0, 0x1, 0x3, 0x0, 0x0, {0x0, 0x0, 0x4}, [@CTA_LABELS_MASK={0x2c, 0x17, [0x5, 0x3, 0xbc17, 0xfffffff7, 0xa41, 0x401c, 0xff, 0x80, 0x796, 0xf55d]}]}, 0x40}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000014)
ioctl$AUTOFS_IOC_FAIL(r10, 0x9361, 0x4)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x7}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10)
write$selinux_load(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757813"], 0x65)

3.402586544s ago: executing program 3 (id=3839):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xfd, 0x7fff0000}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
flistxattr(0xffffffffffffffff, 0x0, 0x2)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002200)=ANY=[], 0x250}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000805)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
r4 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f00000001c0)={0x28, 0x0, 0x0, @hyper}, 0x10, 0x80800)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r4, 0x8008f513, &(0x7f0000000200))
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000040)=@updsa={0xf0, 0x1a, 0x1, 0x0, 0x0, {{@in6=@ipv4, @in=@dev={0xac, 0x14, 0x14, 0x27}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0x4d3, 0x3c}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, {0x2}, {}, {}, 0x0, 0x0, 0xa, 0x0, 0x0, 0x26}}, 0xf0}}, 0x0)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r5, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x1}, 0x8)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r7, &(0x7f0000000240)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000340)="00000064c6ee84b46cd2525d13c96b5dbe1a8843", 0x14}], 0x1}}], 0x1, 0x0)

3.331816009s ago: executing program 2 (id=3843):
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c00)={0x18, 0x16, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
fchdir(0xffffffffffffffff)
r0 = socket$inet(0x2, 0x2, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xfffffffffffffe54, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x14}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000a80)='qgroup_update_counters\x00', 0xffffffffffffffff, 0x0, 0x10000}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="800000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="35e2000000000000600012800b000100697036746e6c00005000028008000100", @ANYRES32, @ANYBLOB="0800140000000000080008000a0000000500090089000000060010000d000000080008000c000000050009"], 0x80}}, 0x0)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="ffffffff00"/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0xe0, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x0, 0x35, &(0x7f0000000540)=[{}], 0x8, 0x10, &(0x7f0000000a40), &(0x7f00000005c0), 0x8, 0xd2, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="540000000206010200000000000000000500000005000100060000000d000300686173683a6e6574000000000900020073797a31000000000c00078008000640000000400500050002000000050004"], 0x54}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1b00000000aced5b000000000000000000040000d8279b05df73ef1e7d8df64dfe91c1f80c4d1f6936af1f5dc3f0c41e5e041730584ec3c07f6e7d14c6701a5e10015d58b38057b196f1ce5840cdfdcb48a690ab509784e02de6a4d4980d67b6a96af6b489a60ef2c730513bf5a4c4d18b5d342ccafd55161f974f14e6ccc76cd3a97fdf938dba5aa42d604c9a9b91f6b8c1fcaf44028e8abae6de0c795b7fef54b39b50dfdc4dc4c0f2b7ad0df69b192b275078f24aa71db459ebbdf550dc8bc7c8f1386824dcacbe3129f61c46393d837fffc889fd9d04af9d2240e878c5463c81e17df768c39afbae4439c75cfc03e56afa23d8b25726fdc88a879f0af65a368ba92c", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000020000000000000000181100005cb5af4d183e46d0ccb69901d603634c2fbe27bf4f87ecfddc7d17c3fee5679c43c44e3ea5e872a62bca24c2d80ac343dfd59f0eb1e60379f3934df708e41acd04ec76f16e6a262f885118698e6c4a82e588df5c18c3dbc1ff0401dddd0d4426dc419f8e8d950c9d9092dbebe4c85ba9229a8fc8367bbff8d5b87c4d09", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x18)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$inet(r8, &(0x7f0000000700)={&(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000680)=[{&(0x7f00000000c0)="81", 0x1}], 0x1}, 0x24000881)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x40, 0x0, 0x1, 0x3, 0x0, 0x0, {0x0, 0x0, 0x4}, [@CTA_LABELS_MASK={0x2c, 0x17, [0x5, 0x3, 0xbc17, 0xfffffff7, 0xa41, 0x401c, 0xff, 0x80, 0x796, 0xf55d]}]}, 0x40}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000014)
ioctl$AUTOFS_IOC_FAIL(r8, 0x9361, 0x4)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x7}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10)
write$selinux_load(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757813"], 0x65)

3.277440944s ago: executing program 3 (id=3845):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580), 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000007000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x7, 0x4, &(0x7f0000000a00)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x65, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r6 = open_tree(0xffffffffffffff9c, &(0x7f00000008c0)='./file0\x00', 0x800)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r6, 0x65, 0x4, &(0x7f0000000900), 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, &(0x7f0000000980)=0x5, 0x2, 0x2)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$rds(r9, &(0x7f0000000880)={&(0x7f00000000c0)={0x2, 0x4e23, @rand_addr=0x64010102}, 0x10, &(0x7f0000000140)=[{&(0x7f00000018c0)=""/4096, 0x1000}, {&(0x7f0000000240)=""/185, 0xb9}, {&(0x7f00000028c0)=""/4096, 0x1000}, {&(0x7f0000000300)=""/116, 0x74}], 0x4, &(0x7f0000000700)=[@fadd={0x58, 0x114, 0x6, {{0x4, 0x6}, &(0x7f00000003c0), &(0x7f0000000400)=0xfffffffffffffffd, 0x84c, 0x5, 0x1, 0x1, 0x21, 0xc}}, @mask_cswp={0x58, 0x114, 0x9, {{0x6}, &(0x7f0000000440)=0x80000000, &(0x7f0000000480)=0x5a94, 0x8, 0x45000, 0x40, 0x1, 0x20, 0x4}}, @rdma_map={0x30, 0x114, 0x3, {{&(0x7f00000004c0)=""/239, 0xef}, &(0x7f00000005c0), 0x4}}, @rdma_dest={0x18, 0x114, 0x2, {0x5, 0x9ac4}}], 0xf8, 0x44084}, 0x400c010)
sendmsg$IPVS_CMD_SET_INFO(r9, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r10 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000a00), 0x141220, 0x0)
getpeername$inet6(r10, &(0x7f0000000a40)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000a80)=0x1c)
ioctl$BTRFS_IOC_SET_FEATURES(r7, 0x40309439, &(0x7f0000000940)={0x1, 0x1, 0x9})
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f0000000b40)={{0x1, 0x1, 0x18, <r12=>r5, {0x9}}, './bus\x00'})
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f00000039c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r13, &(0x7f0000003ac0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r14, @ANYBLOB="510843bd7000fddbdf251b000000070021006189dc"], 0x1c}}, 0x20000000)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r12, &(0x7f0000001280)={&(0x7f0000000b80), 0xc, &(0x7f0000001240)={&(0x7f0000001200)={0x14, r14, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4054}, 0x4000)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r11, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
creat(&(0x7f00000009c0)='./file0/file0\x00', 0x109)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x870bd2b, 0x10000, {0x0, 0x0, 0x0, r11, {0xc, 0xffff}, {0x0, 0xf}, {0xfff3, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x8014}, 0x0)

2.759413616s ago: executing program 2 (id=3847):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f0000000000)=0x4)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000940)={[{@barrier_val}, {@resuid}, {@block_validity}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000000180)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001440)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x59}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r5, 0x0, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

2.670132843s ago: executing program 2 (id=3848):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="440000000906010300000000000000000100000a0c0007800800094000000004"], 0x44}, 0x1, 0x0, 0x0, 0x90}, 0x20000000)

2.493223187s ago: executing program 2 (id=3852):
r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@xdp, &(0x7f0000000080)=0x80, 0x800)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xb}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x4000)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240), 0x440000, 0x0)
write$selinux_user(r2, &(0x7f0000000280)={'system_u:object_r:usbtty_device_t:s0', 0x20, 'staff_u\x00'}, 0x2d)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r3=>r0, {<r4=>r0}}, './file0\x00'})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r2, <r5=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xd, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0xeb9, 0x0, 0x0, 0x0, 0x67}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @map_val={0x18, 0x1, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x101}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}, @alu={0x0, 0x1, 0x0, 0x6, 0x4, 0x50, 0x8}]}, &(0x7f0000000380)='GPL\x00', 0x9, 0xe7, &(0x7f00000003c0)=""/231, 0x41100, 0x4a, '\x00', 0x0, @fallback=0x2, r2, 0x8, &(0x7f00000004c0)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000500)={0x3, 0x8, 0x9, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000580)=[r2, r2, r2, r2, 0xffffffffffffffff, r2, r5], 0x0, 0x10, 0x3}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), r0)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r6, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r7, 0x400, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000850}, 0x40c0000)
semctl$GETZCNT(0x0, 0x3, 0xf, &(0x7f00000007c0)=""/252)
sendmsg$sock(r6, &(0x7f0000000b40)={&(0x7f00000008c0)=@tipc=@id={0x1e, 0x3, 0x2, {0x4e23, 0x1}}, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000940)="665ba88f7a850cd980f0a3ff4801f01073ee5f805d83379ad11dc582b1b3244b38cbb66220f6032ddbf8e96413f35e0aa652ebf1121132e80a4c72a61416a21b64593989a9cf95cb2ab6889a03510b13bab21de6946e9b03b76bb664ecbc303d23d8bf75c9648969fe8fcb7b3ceba976bef07caf403baf09559cdf1ca3f4e6116d7df06730303064f4327ac419e5d082adbd84b1e5ef2fc7d86f25497d7741af481c4ca4e01f369199b7ae92169cf4eaa95f7e63a3594e87727e78d4bea4946b1d65a4cd2b8d4c7492ecd545bcddba0c766dab2f8a63f8161d7b8cef1aae5b19180f24ed49f6dad6256bd3ad", 0xec}], 0x1, &(0x7f0000000a80)=[@timestamping={{0x14, 0x1, 0x25, 0x3}}, @timestamping={{0x14, 0x1, 0x25, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}, @mark={{0x14, 0x1, 0x24, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @timestamping={{0x14, 0x1, 0x25, 0xc}}, @timestamping={{0x14, 0x1, 0x25, 0xfffffffc}}], 0xc0}, 0x20040804)
ftruncate(r4, 0x2)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000c00)={r3, &(0x7f0000000b80)="1f0a4c73fb4c9f56abd76be25d91c952cd257b7345fec1a7e0d394b3350b1cb006e17f17352cf05ace39483f", &(0x7f0000000bc0)=""/43}, 0x20)
ioctl$BTRFS_IOC_DEFRAG(r2, 0x50009402, 0x0)
r8 = creat(&(0x7f0000000c40)='./file0\x00', 0x100)
ioctl$EXT4_IOC_MIGRATE(r8, 0x6609)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000c80)='/sys/kernel/warn_count', 0x48100, 0x42)
sync()
chdir(&(0x7f0000000cc0)='./file0\x00')
sync()
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f0000000d00)={0x1, 0x40, 0x0, 'queue0\x00', 0x1})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f0000000dc0)={0x20000001})
syz_genetlink_get_family_id$team(&(0x7f0000000e00), r4)
sync()
fsconfig$FSCONFIG_SET_FD(r9, 0x5, &(0x7f0000000e40)='\x00', 0x0, r6)
sendmsg$NFT_BATCH(r0, &(0x7f0000001100)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000010c0)={&(0x7f0000000ec0)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x401, 0x0, 0x0, {0x6, 0x0, 0x1}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELRULE={0x19c, 0x8, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_RULE_EXPRESSIONS={0xb4, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xee}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_PAYLOAD_CSUM_OFFSET={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0xed}, @NFTA_PAYLOAD_CSUM_FLAGS={0x8, 0x8, 0x1, 0x0, 0x1}]}}}, {0x10, 0x1, 0x0, 0x1, @tproxy={{0xb}, @void}}, {0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}, {0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1a}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xb}]}}}, {0x20, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0xa}]}}}, {0x10, 0x1, 0x0, 0x1, @socket={{0xb}, @void}}]}, @NFTA_RULE_COMPAT={0xc, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT={0x34, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x89}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x89}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0xf5}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x29}, @NFTA_RULE_COMPAT_FLAGS={0x8}]}, @NFTA_RULE_EXPRESSIONS={0x8c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @meta={{0x9}, @void}}, {0x10, 0x1, 0x0, 0x1, @socket={{0xb}, @void}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x1f0}, 0x1, 0x0, 0x0, 0x4000}, 0x4044005)
cachestat(r6, &(0x7f0000001140)={0x2, 0x4}, &(0x7f0000001180), 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r3, 0x0, 0x48c, &(0x7f00000011c0)={0x0, 'wlan1\x00', 0x4}, 0x18)

2.349724829s ago: executing program 3 (id=3855):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000000c0)='./file0\x00', 0x1000000, &(0x7f00000003c0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES8=0x0], 0xfe, 0x19c, &(0x7f0000000200)="$eJzs281qE1EYBuA3tdW2LtKFK3Ex4MZVaHsFFqkgBgSlCwVBsQ1IRwIWArqw2bnwJrwct3olLrsQRppp7Q+piNoMJM+zyQfnvMl3DiSZMzAvbr3Z3e7v9Z73vmSx1crc3arKQSsrmcuxYQCAaXJQVfleVVV1bZilz6mqqumOAIDL5v8fAGbPk6fPHm50u5uPi2IxKT8OtgZb9Ws9vtHL65TZyWra+ZHDC4QjdX3/QXdztRhZyady/yi/P9i6cja/lnZWxufX6nxxNr+Q5dP59bRzY3x+fWz+au7cPpXvpJ1vr9JPme0cZk/yH9aK4t6j7rn89dE8AAAAmAad4pex5/dO56LxOr/R+uP7A+fO1/O5Od/s2gFgVu29e7/7six33jZWJBn+Zs7X5brRyTVW/GX8eEub3Mx/K5by/995Ic2va3qK/txlf8RiklHR4I8SMBEn3/6mOwEAAAAAAAAAAAAAAC4yiUeXml4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALPnZwAAAP//RL2Oaw==")
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

2.302538053s ago: executing program 2 (id=3856):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r4, 0x4c80, 0x7000000)

1.97122368s ago: executing program 4 (id=3858):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f0000000000)=0x4)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000940)={[{@barrier_val}, {@resuid}, {@block_validity}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000000180)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001440)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x59}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r5, 0x0, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

1.881195427s ago: executing program 3 (id=3859):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0x6, 0x0, 0x1, 0xffffff80})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x2982, 0x0)
ioctl$TCSBRKP(r1, 0x5425, 0x4)
ppoll(&(0x7f0000000100)=[{r1, 0xf38fa597db41d6bb}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000000)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000240)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

1.85231045s ago: executing program 1 (id=3860):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="80000000000000000000ffff0000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x2}, 0x18)
unshare(0x2c020600)
r2 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r2, &(0x7f0000000200)={&(0x7f0000000000)=@id={0x1e, 0x3, 0x2, {0x4e23}}, 0x10, 0x0, 0x0, &(0x7f00000007c0)="7ed0067df370244eb9453ebd3d4ef9065118fbb5cbdbdb73518d2664f613314401e2fa460121b2e32d737d08", 0x2c}, 0x44)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='yeah\x00', 0x5)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r3, &(0x7f0000000300)="0906c422e0243219ff7b440e76a1b51b82ba23599f81b52c9d4db4486cec105e4b9f0f859f8a43eef6352f1e46e3145089b6a22f618ca14e288029b613a329c422481c6b7aff6806bce699cea461ecf591d9018b2a1d84e389a8d3127fd35913fe69754435c2", 0xffffffffffffffbb, 0x40040011, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x13, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="180040991934cc0fbcfea45fb7020fa3935d44b2760127440000a52f4edd55b3ba757031613f19dcddb09f781300000200000000007d4185153c57028942e4b10e5af17215a5e8cc7160bc5eb21761733f2769897605f8cabcb0b7420a6e8dde47a0ffccfe5aaeb426c655dbc684026a032b3bf71c8f340058e7c5af3206dc943175e169cf7d7c9b18e93f71c5afa360813d2bbfd7fb5cedbd9724a2ba800f2ceeb0c48a27767096fe7d7359735348cb64e0d9d009f661c505ffbe1da72a8cf2591be9c2af23a1adee6711a974940ef82a50740088a6a87d8e2659930ac9386f22401c05dd79e7922dab4333992c041e15fb5d35f0769228dc4b4f5de2674fe09131bdb35fbc3684c4cbfecb73000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES64=r0], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r4}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
r6 = fsopen(&(0x7f0000000100)='cramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
fchdir(r7)
open(&(0x7f0000000280)='.\x00', 0x0, 0x8)
close_range(r5, 0xffffffffffffffff, 0x0)

1.739714359s ago: executing program 4 (id=3861):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x18)
lstat(&(0x7f0000000440)='./file0\x00', 0x0)

1.696665592s ago: executing program 4 (id=3862):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
open(&(0x7f0000000180)='./bus\x00', 0x14947e, 0x0)

1.568141263s ago: executing program 4 (id=3865):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sendmsg$NL80211_CMD_SET_PMK(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x7c, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "64946da8918f72a96b9c7199cdf0b9df"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "9686d82af12cc1448e40955d2cbe0734"}, @NL80211_ATTR_PMK={0x14, 0xfe, "69e60f5602273861fe66439d764d700a"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "65784be1a81829175021df9fbd2a0101"}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20040000)
unshare(0x22020400)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)

1.507259818s ago: executing program 4 (id=3867):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="09000000040700000004627bb2", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="010000000000000000000400"/27], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b000000000000"], 0x50)
prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0)
setreuid(0xee01, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
write$selinux_attr(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52b, &(0x7f0000000a00)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r1, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
unshare(0x2c020400)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

1.417897275s ago: executing program 2 (id=3868):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYRESHEX=0x0, @ANYRES32=r1, @ANYRESHEX=r1], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='kvm_fpu\x00', r2, 0x0, 0x5a4b}, 0x18)
socket$tipc(0x1e, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
ioctl$sock_ifreq(r5, 0x8949, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x1c1202, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00'}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
ioctl$sock_inet_tcp_SIOCATMARK(r3, 0x8905, &(0x7f0000000000))
shutdown(0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380000000314010029bd7000ffdbdf250900040073797a310000000008004100736977001400330076657468305f746f5f6272696467650051c827b83f3b86a3f30a5288957468cb7bb55c7517706b14a4fc1152b387658db34b3fc1c0b3d3c3079676026eaf2ccbe59b71902bac18edaef471f6bae41df6efaac7b96559a117ed76d11b82182096884b0baa2d24948b69d13b683a7fd90ac805581ac10191a54cccdcba95c63f0dc5f8c190ff2126f8"], 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)

984.48461ms ago: executing program 0 (id=3873):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000a5"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000003c0)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x6}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8509}}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x458, &(0x7f0000000d80)="$eJzs3c9vFFUcAPDvzG7Lb1sVf4CgVTQSf7S0/Dx4wWjiQRMTPWA81bYQZKFKayKEKHrAoyHxbjya+Bd40otRTyZe9W5IiOECmpismdmZsi67pUsXtrifTzLw3s7bvvedmbf75r3dNoCBNZb9k0RsjojfImKkkf1vgbHGf9eunJv568q5mSTq9Tf+TPJyV6+cmymLls/b1MjU60V+XZt6L7wdMV2rzZ0u8hOLJ9+bWDhz9vnjJ6ePzR2bOzV16NC+vTuHD0zt70mcWVxXt380v2PbK29dfG3myMV3fvoma+/mYn9zHL0y1ji6bT3V68r6bEtTOqn2sSF0pRIR2ekayvv/SFRiw9K+kXj50742Drit6vV6vd37c+F8HfgfS6LfLQD6o3yjz+5/y+0ODT3WhMuHI94/2Ij/WrE19lQjLcoMtdzf9tJYRBw5//eX2Ra3aR4CAKDZd4cj4rl24780Hmwqd0+xhjIaEfdGxH0RcX9EbI2IByLysg9FxMNd1t+6QnLj+Ce9dEuBrVA2/nuhWNtaGv/9U8/jL4xWityWPP6h5Ojx2tye4pjsjqF1WX5ymTq+f+nXzzvtax7/ZVtWfzkWbEgvVVsm6GanF6dXGfaSy59EbK+2xJ9LolzGSSJiW0Rs7+onX7/DOP7M1zs6lbp5/MvowTpT/auIpxvn/3y0xF9KOq5PTh48MLV/Yn3U5vZMlFfFjX7+5cLrnepfVfw9kJ3/ja3Xf24p/tFkfcTCmbMn8vXahe7ruPD7Zx3vaW71+h9O3szTw8VjH04vLp6ejBhOXr3x8anrzy3zZfks/t272sWf5q9x5ZF4JCKyi3hnRDwaEY8VbX88Ip6IiF3LxP/ji0++2338y8zK91AW/+zNzn80n//uE5UTP3zbffyl7Pzvy1O7i0dW8vq30gau5tgBAADA3SLNPwOfpONL6TQdH298hn9rbExr8wuLzx6d/+DUbOOz8qMxlJYzXSNN86GTxdxwmZ9qye8t5o2/qGzI8+Mz87XZfgcPA25Th/6f+aPS79YBt53va8Hg0v9hcOn/MLj0fxhc+j8Mrnb9/+M+tAO487z/w+DS/2Fw6f8wuPR/GEgdvxufruor/2s1kYW8MYo/PbAG2nMXJyLt/lnVWCONv5sS1RX/MotbTKxru6vfr0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC98W8AAAD///we6rk=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)

978.271481ms ago: executing program 1 (id=3874):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

944.698223ms ago: executing program 3 (id=3875):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="440000000906010300000000000000000100000a0c00078008000940000000040500010007570000080009e916e5f108"], 0x44}, 0x1, 0x0, 0x0, 0x90}, 0x20000000)

878.296699ms ago: executing program 1 (id=3876):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000003c0)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x6}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8509}}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x458, &(0x7f0000000d80)="$eJzs3c9vFFUcAPDvzG7Lb1sVf4CgVTQSf7S0/Dx4wWjiQRMTPWA81bYQZKFKayKEKHrAoyHxbjya+Bd40otRTyZe9W5IiOECmpismdmZsi67pUsXtrifTzLw3s7bvvedmbf75r3dNoCBNZb9k0RsjojfImKkkf1vgbHGf9eunJv568q5mSTq9Tf+TPJyV6+cmymLls/b1MjU60V+XZt6L7wdMV2rzZ0u8hOLJ9+bWDhz9vnjJ6ePzR2bOzV16NC+vTuHD0zt70mcWVxXt380v2PbK29dfG3myMV3fvoma+/mYn9zHL0y1ji6bT3V68r6bEtTOqn2sSF0pRIR2ekayvv/SFRiw9K+kXj50742Drit6vV6vd37c+F8HfgfS6LfLQD6o3yjz+5/y+0ODT3WhMuHI94/2Ij/WrE19lQjLcoMtdzf9tJYRBw5//eX2Ra3aR4CAKDZd4cj4rl24780Hmwqd0+xhjIaEfdGxH0RcX9EbI2IByLysg9FxMNd1t+6QnLj+Ce9dEuBrVA2/nuhWNtaGv/9U8/jL4xWityWPP6h5Ojx2tye4pjsjqF1WX5ymTq+f+nXzzvtax7/ZVtWfzkWbEgvVVsm6GanF6dXGfaSy59EbK+2xJ9LolzGSSJiW0Rs7+onX7/DOP7M1zs6lbp5/MvowTpT/auIpxvn/3y0xF9KOq5PTh48MLV/Yn3U5vZMlFfFjX7+5cLrnepfVfw9kJ3/ja3Xf24p/tFkfcTCmbMn8vXahe7ruPD7Zx3vaW71+h9O3szTw8VjH04vLp6ejBhOXr3x8anrzy3zZfks/t272sWf5q9x5ZF4JCKyi3hnRDwaEY8VbX88Ip6IiF3LxP/ji0++2338y8zK91AW/+zNzn80n//uE5UTP3zbffyl7Pzvy1O7i0dW8vq30gau5tgBAADA3SLNPwOfpONL6TQdH298hn9rbExr8wuLzx6d/+DUbOOz8qMxlJYzXSNN86GTxdxwmZ9qye8t5o2/qGzI8+Mz87XZfgcPA25Th/6f+aPS79YBt53va8Hg0v9hcOn/MLj0fxhc+j8Mrnb9/+M+tAO487z/w+DS/2Fw6f8wuPR/GEgdvxufruor/2s1kYW8MYo/PbAG2nMXJyLt/lnVWCONv5sS1RX/MotbTKxru6vfr0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC98W8AAAD///we6rk=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)

693.294764ms ago: executing program 1 (id=3877):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xf, 0x4, 0x8, 0x4, 0x0, 0xffffffffffffffff, 0x400000}, 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)=r2}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={r3, &(0x7f0000000040), 0x0}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x2}, 0x18)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_ifreq(r7, 0x8990, &(0x7f0000000000)={'bond0\x00', @ifru_names='ip6tnl0\x00'})
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r6, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000000000085000000a800000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={r3, &(0x7f00000001c0)="8e4f8d24bee29e34516d4eb35a82eca119dcd027f349afd2aad2f45e54483d", &(0x7f0000000400)=""/93}, 0x20)
socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r11, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r10, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000b40)=@newtfilter={0x5d0, 0x2c, 0x800, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0xe, 0xd}, {0x2, 0xd}, {0x10, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0xad, 0x40}}, @filter_kind_options=@f_u32={{0x8}, {0x594, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'dummy0\x00'}, @TCA_U32_HASH={0x8, 0x2, 0x9}, @TCA_U32_SEL={0x564, 0x5, {0xd, 0x38, 0x55, 0x2, 0x8, 0x2209, 0x7de1, 0xfffffffc, [{0x9, 0x0, 0xfffff1af, 0x6}, {0x7, 0x3, 0x80000000, 0x8}, {0x1, 0x3, 0x7ac, 0x5}, {0x1000, 0x80000000, 0x0, 0xffff}, {0xdd96, 0x5, 0x4, 0x401}, {0x8000, 0x3809, 0xcca4de0, 0x1}, {0x0, 0x81, 0x9, 0xb}, {0x0, 0x40, 0xff, 0x4}, {0x1, 0x3, 0x2, 0x5d7d}, {0x10000, 0x40, 0x8, 0xd}, {0x0, 0x3, 0x5, 0x7}, {0x8, 0x4, 0xfffffffe, 0x400}, {0x3, 0x2, 0x8, 0x9}, {0x40, 0x0, 0x8000, 0x9}, {0xfffffffe, 0x0, 0x4f9, 0x8}, {0x4, 0x7, 0x9, 0x1}, {0xa0, 0x5, 0x8, 0x1}, {0x3, 0x50d6516d, 0x6, 0x9}, {0x6, 0x1, 0x8000, 0x6e19}, {0x3, 0x6, 0x9f, 0x5}, {0x7f, 0xc79, 0xf, 0x7}, {0xd90, 0x42, 0x80000, 0xffff}, {0x0, 0x6b5cc872, 0x1, 0x10000}, {0x4, 0x5, 0x1, 0x6}, {0x0, 0x4c, 0x8, 0x800}, {0xfff, 0xda25, 0x285b, 0x3}, {0x1ff, 0x40, 0xb, 0x2}, {0x8000, 0x7f, 0x9, 0x5}, {0x0, 0x400, 0x6, 0x6}, {0x5, 0x40, 0xeff, 0x9}, {0xfffffffa, 0x6, 0x80, 0x96}, {0xffffffbf, 0x800, 0xa0b8, 0xffffffb8}, {0x8, 0x2, 0x4, 0x2747}, {0x2, 0xa, 0x8001}, {0x9, 0x5, 0x3, 0x10001}, {0x5, 0x80000000, 0x0, 0x8}, {0xfffffff3, 0x6, 0x2bf5, 0x3ff}, {0x3, 0x200, 0x6, 0x8}, {0x4, 0x1, 0x10000}, {0x81, 0x6, 0x9, 0xfffffff8}, {0x2e5d, 0x10000, 0x6, 0x8}, {0x4, 0x7, 0x4d, 0x8000}, {0x5, 0x2f, 0x5, 0xf}, {0xe1, 0x7, 0x3, 0x3}, {0x9, 0x81, 0x3b82, 0xf196}, {0x4, 0x3, 0x2548, 0x3ff}, {0x3, 0x8, 0x0, 0x8}, {0xfffffffb, 0x50, 0xf, 0x5}, {0xb5, 0x0, 0x2, 0x8}, {0x200, 0x200, 0x1, 0x7}, {0x8, 0x2, 0xc1, 0xffff}, {0xfffffffe, 0x8001, 0x1000, 0x5}, {0xffffffff, 0x7, 0x1, 0x6}, {0x497f, 0x8000, 0x200000, 0x6}, {0x5, 0xeab6, 0x3ff, 0xc}, {0xfff, 0xfffffffc, 0xf8, 0x4}, {0x4, 0x3, 0x6, 0x9}, {0xffff7fff, 0x8, 0x2, 0x9d}, {0x7fff, 0x4, 0xfffffff7}, {0xff0, 0x400, 0x9, 0xfffffffd}, {0x8, 0x8, 0x4, 0x200}, {0x5, 0x7c, 0x5, 0xff}, {0x4, 0x8, 0x0, 0xfffffff9}, {0xffffffff, 0xeec, 0x1, 0x5}, {0x4, 0x3, 0x9, 0x5}, {0x4, 0x2a1e, 0x4, 0xe}, {0x7, 0xffffff14, 0x7, 0x2}, {0x4, 0xd, 0x6, 0xea}, {0xd, 0x7, 0x5, 0x6}, {0x5, 0x8, 0x10000, 0x80}, {0xffff, 0xfd3, 0xe, 0x5}, {0x6, 0x8, 0x9}, {0x1ff, 0x20f, 0x8, 0x64df}, {0x8, 0x5, 0x80000001, 0x6}, {0xfff, 0x7, 0x5}, {0x4, 0x1, 0x4, 0x5}, {0x7, 0xff, 0x7f, 0x4}, {0x8, 0x0, 0x5, 0x7fffffff}, {0x3, 0xa, 0x8, 0xc2}, {0x5, 0x6, 0x0, 0x3ff}, {0x6, 0x0, 0x4a, 0xfffffffa}, {0x7, 0x4, 0x0, 0x6}, {0x1, 0x80000001, 0x2, 0x6}, {0x6, 0xaf5, 0xc9, 0xf4b8}, {0x7, 0x9, 0x1, 0x7f}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xffff, 0x10}}, @TCA_U32_DIVISOR={0x8, 0x4, 0x4b}]}}, @TCA_CHAIN={0x8, 0xb, 0x4}]}, 0x5d0}, 0x1, 0x0, 0x0, 0x84}, 0x4004010)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r9}, 0xc)

628.152439ms ago: executing program 4 (id=3878):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r4, 0x4c80, 0x7000000)

605.302431ms ago: executing program 1 (id=3879):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sendmsg$NL80211_CMD_SET_PMK(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x7c, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "64946da8918f72a96b9c7199cdf0b9df"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "9686d82af12cc1448e40955d2cbe0734"}, @NL80211_ATTR_PMK={0x14, 0xfe, "69e60f5602273861fe66439d764d700a"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "65784be1a81829175021df9fbd2a0101"}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20040000)
unshare(0x22020400)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)

587.163893ms ago: executing program 0 (id=3880):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r1])

511.405749ms ago: executing program 0 (id=3881):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000000c0)='./file0\x00', 0x1000000, &(0x7f00000003c0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES8=0x0], 0xfe, 0x19c, &(0x7f0000000200)="$eJzs281qE1EYBuA3tdW2LtKFK3Ex4MZVaHsFFqkgBgSlCwVBsQ1IRwIWArqw2bnwJrwct3olLrsQRppp7Q+piNoMJM+zyQfnvMl3DiSZMzAvbr3Z3e7v9Z73vmSx1crc3arKQSsrmcuxYQCAaXJQVfleVVV1bZilz6mqqumOAIDL5v8fAGbPk6fPHm50u5uPi2IxKT8OtgZb9Ws9vtHL65TZyWra+ZHDC4QjdX3/QXdztRhZyady/yi/P9i6cja/lnZWxufX6nxxNr+Q5dP59bRzY3x+fWz+au7cPpXvpJ1vr9JPme0cZk/yH9aK4t6j7rn89dE8AAAAmAad4pex5/dO56LxOr/R+uP7A+fO1/O5Od/s2gFgVu29e7/7six33jZWJBn+Zs7X5brRyTVW/GX8eEub3Mx/K5by/995Ic2va3qK/txlf8RiklHR4I8SMBEn3/6mOwEAAAAAAAAAAAAAAC4yiUeXml4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALPnZwAAAP//RL2Oaw==")
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

482.290841ms ago: executing program 0 (id=3882):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x20, r1, 0xc4fc9e906872338b, 0x70bd2c, 0x0, {{0x5}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x4}]}, 0x20}}, 0x4c002)

457.338433ms ago: executing program 1 (id=3883):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000001480)=ANY=[@ANYBLOB="180100000000000000000000040000008510000003000000180000000000000000000000000000009500000000000000bfa000000000000095"], &(0x7f0000001440)='syzkaller\x00', 0x5, 0xf1, &(0x7f0000000580)=""/241, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000009500000095000000000000008881c88f6fd6b50b74213b4dda23311bb43f9e26f736af488811eb192def0ac819099717056a5c11133b799126bd6ffcacbcdbda3edc0750ea5908da6547526768c8e2ecdf57400442"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0x2c, 0x803, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000300)=ANY=[], 0x1b0)
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x8, 0x2)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)

429.169375ms ago: executing program 0 (id=3884):
r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@xdp, &(0x7f0000000080)=0x80, 0x800)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xb}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x4000)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240), 0x440000, 0x0)
write$selinux_user(r2, &(0x7f0000000280)={'system_u:object_r:usbtty_device_t:s0', 0x20, 'staff_u\x00'}, 0x2d)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r3=>r0, {<r4=>r0}}, './file0\x00'})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r2, <r5=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xd, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0xeb9, 0x0, 0x0, 0x0, 0x67}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @map_val={0x18, 0x1, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x101}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}, @alu={0x0, 0x1, 0x0, 0x6, 0x4, 0x50, 0x8}]}, &(0x7f0000000380)='GPL\x00', 0x9, 0xe7, &(0x7f00000003c0)=""/231, 0x41100, 0x4a, '\x00', 0x0, @fallback=0x2, r2, 0x8, &(0x7f00000004c0)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000500)={0x3, 0x8, 0x9, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000580)=[r2, r2, r2, r2, 0xffffffffffffffff, r2, r5], 0x0, 0x10, 0x3}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), r0)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r6, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r7, 0x400, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000850}, 0x40c0000)
semctl$GETZCNT(0x0, 0x3, 0xf, &(0x7f00000007c0)=""/252)
sendmsg$sock(r6, &(0x7f0000000b40)={&(0x7f00000008c0)=@tipc=@id={0x1e, 0x3, 0x2, {0x4e23, 0x1}}, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000940)="665ba88f7a850cd980f0a3ff4801f01073ee5f805d83379ad11dc582b1b3244b38cbb66220f6032ddbf8e96413f35e0aa652ebf1121132e80a4c72a61416a21b64593989a9cf95cb2ab6889a03510b13bab21de6946e9b03b76bb664ecbc303d23d8bf75c9648969fe8fcb7b3ceba976bef07caf403baf09559cdf1ca3f4e6116d7df06730303064f4327ac419e5d082adbd84b1e5ef2fc7d86f25497d7741af481c4ca4e01f369199b7ae92169cf4eaa95f7e63a3594e87727e78d4bea4946b1d65a4cd2b8d4c7492ecd545bcddba0c766dab2f8a63f8161d7b8cef1aae5b19180f24ed49f6dad6256bd3ad", 0xec}], 0x1, &(0x7f0000000a80)=[@timestamping={{0x14, 0x1, 0x25, 0x3}}, @timestamping={{0x14, 0x1, 0x25, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}, @mark={{0x14, 0x1, 0x24, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @timestamping={{0x14, 0x1, 0x25, 0xc}}, @timestamping={{0x14, 0x1, 0x25, 0xfffffffc}}], 0xc0}, 0x20040804)
ftruncate(r4, 0x2)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000c00)={r3, &(0x7f0000000b80)="1f0a4c73fb4c9f56abd76be25d91c952cd257b7345fec1a7e0d394b3350b1cb006e17f17352cf05ace39483f", &(0x7f0000000bc0)=""/43}, 0x20)
ioctl$BTRFS_IOC_DEFRAG(r2, 0x50009402, 0x0)
r8 = creat(&(0x7f0000000c40)='./file0\x00', 0x100)
ioctl$EXT4_IOC_MIGRATE(r8, 0x6609)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000c80)='/sys/kernel/warn_count', 0x48100, 0x42)
sync()
chdir(&(0x7f0000000cc0)='./file0\x00')
sync()
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f0000000d00)={0x1, 0x40, 0x0, 'queue0\x00', 0x1})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f0000000dc0)={0x20000001})
syz_genetlink_get_family_id$team(&(0x7f0000000e00), r4)
sync()
fsconfig$FSCONFIG_SET_FD(r9, 0x5, &(0x7f0000000e40)='\x00', 0x0, r6)
sendmsg$NFT_BATCH(r0, &(0x7f0000001100)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000010c0)={&(0x7f0000000ec0)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x401, 0x0, 0x0, {0x6, 0x0, 0x1}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELRULE={0x11c, 0x8, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_RULE_EXPRESSIONS={0xb4, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xee}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_PAYLOAD_CSUM_OFFSET={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0xed}, @NFTA_PAYLOAD_CSUM_FLAGS={0x8, 0x8, 0x1, 0x0, 0x1}]}}}, {0x10, 0x1, 0x0, 0x1, @tproxy={{0xb}, @void}}, {0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}, {0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1a}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xb}]}}}, {0x20, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0xa}]}}}, {0x10, 0x1, 0x0, 0x1, @socket={{0xb}, @void}}]}, @NFTA_RULE_COMPAT={0xc, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT={0x34, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x89}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x89}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0xf5}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x29}, @NFTA_RULE_COMPAT_FLAGS={0x8}]}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x170}, 0x1, 0x0, 0x0, 0x4000}, 0x4044005)
cachestat(r6, &(0x7f0000001140)={0x2, 0x4}, &(0x7f0000001180), 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r3, 0x0, 0x48c, &(0x7f00000011c0)={0x0, 'wlan1\x00', 0x4}, 0x18)

0s ago: executing program 0 (id=3885):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="80000000000000000000ffff0000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x2}, 0x18)
unshare(0x2c020600)
r2 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r2, &(0x7f0000000200)={&(0x7f0000000000)=@id={0x1e, 0x3, 0x2, {0x4e23}}, 0x10, 0x0, 0x0, &(0x7f00000007c0)="7ed0067df370244eb9453ebd3d4ef9065118fbb5cbdbdb73518d2664f613314401e2fa460121b2e32d737d08", 0x2c}, 0x44)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='yeah\x00', 0x5)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r3, &(0x7f0000000300)="0906c422e0243219ff7b440e76a1b51b82ba23599f81b52c9d4db4486cec105e4b9f0f859f8a43eef6352f1e46e3145089b6a22f618ca14e288029b613a329c422481c6b7aff6806bce699cea461ecf591d9018b2a1d84e389a8d3127fd35913fe69754435c2", 0xffffffffffffffbb, 0x40040011, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x13, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="180040991934cc0fbcfea45fb7020fa3935d44b2760127440000a52f4edd55b3ba757031613f19dcddb09f781300000200000000007d4185153c57028942e4b10e5af17215a5e8cc7160bc5eb21761733f2769897605f8cabcb0b7420a6e8dde47a0ffccfe5aaeb426c655dbc684026a032b3bf71c8f340058e7c5af3206dc943175e169cf7d7c9b18e93f71c5afa360813d2bbfd7fb5cedbd9724a2ba800f2ceeb0c48a27767096fe7d7359735348cb64e0d9d009f661c505ffbe1da72a8cf2591be9c2af23a1adee6711a974940ef82a50740088a6a87d8e2659930ac9386f22401c05dd79e7922dab4333992c041e15fb5d35f0769228dc4b4f5de2674fe09131bdb35fbc3684c4cbfecb73000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES64=r0], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r5}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
r7 = fsopen(&(0x7f0000000100)='cramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
fchdir(r8)
open(&(0x7f0000000280)='.\x00', 0x0, 0x8)
close_range(r6, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

detected capacity change from 0 to 2048
[  274.605560][T13820]  loop2: p2 p3 p7
[  274.650335][T13825] loop1: detected capacity change from 0 to 8192
[  274.741195][T13830] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3496'.
[  274.809428][ T3726] udevd[3726]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[  274.834621][ T3292] udevd[3292]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  274.861061][ T3725] udevd[3725]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  274.944886][T13845] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  274.975158][T13843] sch_fq: defrate 2 ignored.
[  274.980254][T13841] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3502'.
[  274.992220][T13844] loop1: detected capacity change from 0 to 1024
[  274.998907][T13844] EXT4-fs: Ignoring removed orlov option
[  275.050539][T13847] loop4: detected capacity change from 0 to 512
[  275.063615][T13847] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  275.094043][T13847] EXT4-fs (loop4): 1 truncate cleaned up
[  275.134113][T13845] syz.2.3499 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  275.264166][T13853] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  275.272707][T13853] SELinux: failed to load policy
[  275.384069][   T29] kauditd_printk_skb: 556 callbacks suppressed
[  275.384084][   T29] audit: type=1326 audit(1756066445.891:9154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13860 comm="syz.2.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2dd9febe9 code=0x7ffc0000
[  275.387093][T13861] loop2: detected capacity change from 0 to 256
[  275.400747][   T29] audit: type=1326 audit(1756066445.891:9155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13860 comm="syz.2.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff2dd9fd69f code=0x7ffc0000
[  275.444075][   T29] audit: type=1326 audit(1756066445.891:9156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13860 comm="syz.2.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2dd9febe9 code=0x7ffc0000
[  275.467600][   T29] audit: type=1326 audit(1756066445.891:9157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13860 comm="syz.2.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2dd9febe9 code=0x7ffc0000
[  275.491188][   T29] audit: type=1326 audit(1756066445.891:9158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13860 comm="syz.2.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff2dd9febe9 code=0x7ffc0000
[  275.515567][   T29] audit: type=1326 audit(1756066445.891:9159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13860 comm="syz.2.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2dd9febe9 code=0x7ffc0000
[  275.539404][   T29] audit: type=1326 audit(1756066445.891:9160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13860 comm="syz.2.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2dd9febe9 code=0x7ffc0000
[  275.562921][   T29] audit: type=1326 audit(1756066445.891:9161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13860 comm="syz.2.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff2dd9febe9 code=0x7ffc0000
[  275.586387][   T29] audit: type=1326 audit(1756066445.891:9162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13860 comm="syz.2.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff2dd9fec23 code=0x7ffc0000
[  275.609837][   T29] audit: type=1326 audit(1756066445.891:9163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13860 comm="syz.2.3508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff2dd9fd69f code=0x7ffc0000
[  275.656003][T13836] syz.1.3500 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  275.670198][T13836] CPU: 1 UID: 0 PID: 13836 Comm: syz.1.3500 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  275.670308][T13836] Tainted: [W]=WARN
[  275.670315][T13836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  275.670326][T13836] Call Trace:
[  275.670333][T13836]  <TASK>
[  275.670340][T13836]  __dump_stack+0x1d/0x30
[  275.670440][T13836]  dump_stack_lvl+0xe8/0x140
[  275.670521][T13836]  dump_stack+0x15/0x1b
[  275.670539][T13836]  dump_header+0x81/0x220
[  275.670573][T13836]  oom_kill_process+0x342/0x400
[  275.670647][T13836]  out_of_memory+0x979/0xb80
[  275.670677][T13836]  try_charge_memcg+0x5e6/0x9e0
[  275.670702][T13836]  obj_cgroup_charge_pages+0xa6/0x150
[  275.670791][T13836]  __memcg_kmem_charge_page+0x9f/0x170
[  275.670818][T13836]  __alloc_frozen_pages_noprof+0x188/0x360
[  275.670850][T13836]  alloc_pages_mpol+0xb3/0x250
[  275.670984][T13836]  alloc_pages_noprof+0x90/0x130
[  275.671074][T13836]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  275.671112][T13836]  __kvmalloc_node_noprof+0x30f/0x4e0
[  275.671205][T13836]  ? ip_set_alloc+0x1f/0x30
[  275.671232][T13836]  ? ip_set_alloc+0x1f/0x30
[  275.671398][T13836]  ? __kmalloc_cache_noprof+0x189/0x320
[  275.671428][T13836]  ip_set_alloc+0x1f/0x30
[  275.671464][T13836]  hash_netiface_create+0x282/0x740
[  275.671563][T13836]  ? __pfx_hash_netiface_create+0x10/0x10
[  275.671591][T13836]  ip_set_create+0x3cc/0x960
[  275.671615][T13836]  ? __nla_parse+0x40/0x60
[  275.671715][T13836]  nfnetlink_rcv_msg+0x4c3/0x590
[  275.671758][T13836]  netlink_rcv_skb+0x123/0x220
[  275.671776][T13836]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  275.671807][T13836]  nfnetlink_rcv+0x16b/0x1690
[  275.671872][T13836]  ? nlmon_xmit+0x4f/0x60
[  275.671896][T13836]  ? consume_skb+0x49/0x150
[  275.671912][T13836]  ? nlmon_xmit+0x4f/0x60
[  275.671936][T13836]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  275.672000][T13836]  ? __dev_queue_xmit+0x1200/0x2000
[  275.672024][T13836]  ? __dev_queue_xmit+0x182/0x2000
[  275.672047][T13836]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  275.672075][T13836]  ? ref_tracker_free+0x37d/0x3e0
[  275.672126][T13836]  ? __netlink_deliver_tap+0x4dc/0x500
[  275.672149][T13836]  netlink_unicast+0x5bd/0x690
[  275.672183][T13836]  netlink_sendmsg+0x58b/0x6b0
[  275.672273][T13836]  ? __pfx_netlink_sendmsg+0x10/0x10
[  275.672355][T13836]  __sock_sendmsg+0x145/0x180
[  275.672384][T13836]  ____sys_sendmsg+0x31e/0x4e0
[  275.672405][T13836]  ___sys_sendmsg+0x17b/0x1d0
[  275.672484][T13836]  __x64_sys_sendmsg+0xd4/0x160
[  275.672513][T13836]  x64_sys_call+0x191e/0x2ff0
[  275.672533][T13836]  do_syscall_64+0xd2/0x200
[  275.672582][T13836]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  275.672613][T13836]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  275.672634][T13836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.672657][T13836] RIP: 0033:0x7f7b1b2aebe9
[  275.672673][T13836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.672776][T13836] RSP: 002b:00007f7b19d17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  275.672793][T13836] RAX: ffffffffffffffda RBX: 00007f7b1b4d5fa0 RCX: 00007f7b1b2aebe9
[  275.672807][T13836] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000007
[  275.672821][T13836] RBP: 00007f7b1b331e19 R08: 0000000000000000 R09: 0000000000000000
[  275.672909][T13836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  275.672920][T13836] R13: 00007f7b1b4d6038 R14: 00007f7b1b4d5fa0 R15: 00007ffc1d3f2048
[  275.672937][T13836]  </TASK>
[  275.678947][T13863] loop2: detected capacity change from 0 to 1024
[  275.684572][T13836] memory: usage 307200kB, limit 307200kB, failcnt 340
[  275.730275][T13865] tmpfs: Bad value for 'mpol'
[  275.731546][T13836] memory+swap: usage 307908kB, limit 9007199254740988kB, failcnt 0
[  275.756785][T13865] loop4: detected capacity change from 0 to 512
[  275.757861][T13836] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[  275.757875][T13836] Memory cgroup stats for /syz1:
[  276.068839][T13863] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3509'.
[  276.078071][T13836] cache 4096
[  276.086030][T13836] rss 0
[  276.088784][T13836] shmem 0
[  276.090272][T13865] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  276.091740][T13836] mapped_file 0
[  276.091748][T13836] dirty 0
[  276.091756][T13836] writeback 0
[  276.091763][T13836] workingset_refault_anon 112
[  276.091770][T13836] workingset_refault_file 1152
[  276.106193][T13865] EXT4-fs (loop4): shut down requested (0)
[  276.108396][T13836] swap 724992
[  276.108482][T13836] swapcached 4096
[  276.124782][T13870] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3509'.
[  276.127110][T13836] pgpgin 218211
[  276.138423][T13863] 8021q: adding VLAN 0 to HW filter on device bond1
[  276.143046][T13836] pgpgout 218208
[  276.143057][T13836] pgfault 226964
[  276.143131][T13836] pgmajfault 85
[  276.143138][T13836] inactive_anon 0
[  276.143146][T13836] active_anon 4096
[  276.143153][T13836] inactive_file 0
[  276.143161][T13836] active_file 8192
[  276.143168][T13836] unevictable 0
[  276.143175][T13836] hierarchical_memory_limit 314572800
[  276.143184][T13836] hierarchical_memsw_limit 9223372036854771712
[  276.194220][T13836] total_cache 4096
[  276.197933][T13836] total_rss 0
[  276.201353][T13836] total_shmem 0
[  276.204815][T13836] total_mapped_file 0
[  276.208793][T13836] total_dirty 0
[  276.212262][T13836] total_writeback 0
[  276.216207][T13836] total_workingset_refault_anon 112
[  276.221446][T13836] total_workingset_refault_file 1152
[  276.226714][T13836] total_swap 724992
[  276.230500][T13836] total_swapcached 4096
[  276.234759][T13836] total_pgpgin 218211
[  276.238724][T13836] total_pgpgout 218208
[  276.242787][T13836] total_pgfault 226964
[  276.246838][T13836] total_pgmajfault 85
[  276.250843][T13836] total_inactive_anon 0
[  276.254990][T13836] total_active_anon 4096
[  276.259223][T13836] total_inactive_file 0
[  276.263411][T13836] total_active_file 8192
[  276.267637][T13836] total_unevictable 0
[  276.271634][T13836] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3500,pid=13835,uid=0
[  276.286280][T13836] Memory cgroup out of memory: Killed process 13835 (syz.1.3500) total-vm:95808kB, anon-rss:1072kB, file-rss:22448kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  276.307503][T13870] bond1 (unregistering): Released all slaves
[  276.438154][T13877] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3512'.
[  276.547749][T13882] loop4: detected capacity change from 0 to 512
[  276.593768][T13882] EXT4-fs (loop4): too many log groups per flexible block group
[  276.593847][T13886] 9pnet_fd: Insufficient options for proto=fd
[  276.601580][T13882] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  276.614851][T13882] EXT4-fs (loop4): mount failed
[  276.633545][T13836] syz.1.3500 (13836) used greatest stack depth: 6216 bytes left
[  276.706480][T13893] loop2: detected capacity change from 0 to 1024
[  276.790560][T13813] Set syz1 is full, maxelem 65536 reached
[  276.840356][T13898] loop1: detected capacity change from 0 to 512
[  276.923237][T13898] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.958692][T13893] lo speed is unknown, defaulting to 1000
[  277.267466][T13909] loop1: detected capacity change from 0 to 2048
[  277.295674][T13909] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.3522: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  277.313865][T13909] EXT4-fs (loop1): Remounting filesystem read-only
[  277.424232][T13849] Set syz1 is full, maxelem 65536 reached
[  277.471700][T13915] loop1: detected capacity change from 0 to 512
[  277.481170][T13915] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  277.514753][T13915] EXT4-fs (loop1): 1 truncate cleaned up
[  277.561592][T13922] 9pnet_fd: Insufficient options for proto=fd
[  277.808819][T13940] loop1: detected capacity change from 0 to 1024
[  277.831755][T13940] EXT4-fs: Ignoring removed orlov option
[  278.068749][T13947] lo speed is unknown, defaulting to 1000
[  278.377318][T13953] sch_fq: defrate 4294967295 ignored.
[  278.512200][   T30] kworker/u8:1 invoked oom-killer: gfp_mask=0x100c0a(GFP_NOIO|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_HARDWALL), order=0, oom_score_adj=0
[  278.525918][   T30] CPU: 0 UID: 0 PID: 30 Comm: kworker/u8:1 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  278.525952][   T30] Tainted: [W]=WARN
[  278.525959][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  278.526020][   T30] Workqueue: loop1 loop_rootcg_workfn
[  278.526052][   T30] Call Trace:
[  278.526058][   T30]  <TASK>
[  278.526065][   T30]  __dump_stack+0x1d/0x30
[  278.526082][   T30]  dump_stack_lvl+0xe8/0x140
[  278.526102][   T30]  dump_stack+0x15/0x1b
[  278.526119][   T30]  dump_header+0x81/0x220
[  278.526203][   T30]  oom_kill_process+0x342/0x400
[  278.526289][   T30]  out_of_memory+0x979/0xb80
[  278.526335][   T30]  try_charge_memcg+0x5e6/0x9e0
[  278.526364][   T30]  charge_memcg+0x51/0xc0
[  278.526382][   T30]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  278.526405][   T30]  __read_swap_cache_async+0x1df/0x350
[  278.526433][   T30]  swap_cluster_readahead+0x376/0x3e0
[  278.526524][   T30]  shmem_swapin_folio+0xa2f/0x13e0
[  278.526574][   T30]  ? xas_load+0x413/0x430
[  278.526623][   T30]  shmem_get_folio_gfp+0x26c/0xd60
[  278.526652][   T30]  ? probe_sched_wakeup+0x85/0xa0
[  278.526674][   T30]  shmem_write_begin+0xa8/0x190
[  278.526695][   T30]  generic_perform_write+0x184/0x490
[  278.526794][   T30]  shmem_file_write_iter+0xc5/0xf0
[  278.526819][   T30]  lo_rw_aio+0x69d/0x760
[  278.526852][   T30]  loop_process_work+0x52d/0xa60
[  278.526979][   T30]  ? probe_sched_wakeup+0x85/0xa0
[  278.526998][   T30]  ? ttwu_do_activate+0x1d0/0x210
[  278.527021][   T30]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  278.527108][   T30]  ? try_to_wake_up+0x3e7/0x630
[  278.527132][   T30]  loop_rootcg_workfn+0x22/0x30
[  278.527226][   T30]  process_scheduled_works+0x4ce/0x9d0
[  278.527254][   T30]  worker_thread+0x582/0x770
[  278.527281][   T30]  kthread+0x486/0x510
[  278.527336][   T30]  ? finish_task_switch+0xad/0x2b0
[  278.527351][   T30]  ? __pfx_worker_thread+0x10/0x10
[  278.527393][   T30]  ? __pfx_kthread+0x10/0x10
[  278.527413][   T30]  ret_from_fork+0xda/0x150
[  278.527485][   T30]  ? __pfx_kthread+0x10/0x10
[  278.527576][   T30]  ret_from_fork_asm+0x1a/0x30
[  278.527597][   T30]  </TASK>
[  278.527604][   T30] memory: usage 307200kB, limit 307200kB, failcnt 802
[  278.741185][   T30] memory+swap: usage 307912kB, limit 9007199254740988kB, failcnt 0
[  278.749102][   T30] kmem: usage 307052kB, limit 9007199254740988kB, failcnt 0
[  278.756469][   T30] Memory cgroup stats for /syz1:
[  278.759972][   T30] cache 147456
[  278.768467][   T30] rss 0
[  278.771341][   T30] shmem 0
[  278.774564][   T30] mapped_file 0
[  278.778028][   T30] dirty 0
[  278.781057][   T30] writeback 8192
[  278.784583][   T30] workingset_refault_anon 238
[  278.789236][   T30] workingset_refault_file 1574
[  278.794020][   T30] swap 729088
[  278.797294][   T30] swapcached 0
[  278.800676][   T30] pgpgin 219637
[  278.804120][   T30] pgpgout 219600
[  278.807674][   T30] pgfault 228190
[  278.811305][   T30] pgmajfault 160
[  278.814863][   T30] inactive_anon 0
[  278.818479][   T30] active_anon 0
[  278.821976][   T30] inactive_file 151552
[  278.826041][   T30] active_file 0
[  278.829487][   T30] unevictable 0
[  278.832944][   T30] hierarchical_memory_limit 314572800
[  278.838299][   T30] hierarchical_memsw_limit 9223372036854771712
[  278.844472][   T30] total_cache 147456
[  278.848355][   T30] total_rss 0
[  278.851678][   T30] total_shmem 0
[  278.855125][   T30] total_mapped_file 0
[  278.859086][   T30] total_dirty 0
[  278.862574][   T30] total_writeback 8192
[  278.866624][   T30] total_workingset_refault_anon 238
[  278.871858][   T30] total_workingset_refault_file 1574
[  278.877128][   T30] total_swap 729088
[  278.880952][   T30] total_swapcached 0
[  278.884864][   T30] total_pgpgin 219637
[  278.888853][   T30] total_pgpgout 219600
[  278.892969][   T30] total_pgfault 228190
[  278.897031][   T30] total_pgmajfault 160
[  278.901151][   T30] total_inactive_anon 0
[  278.905302][   T30] total_active_anon 0
[  278.909270][   T30] total_inactive_file 151552
[  278.913937][   T30] total_active_file 0
[  278.917913][   T30] total_unevictable 0
[  278.921913][   T30] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3530,pid=13932,uid=0
[  278.936706][   T30] Memory cgroup out of memory: Killed process 13932 (syz.1.3530) total-vm:93760kB, anon-rss:1072kB, file-rss:22568kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  279.013284][T13956] __nla_validate_parse: 11 callbacks suppressed
[  279.013299][T13956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3539'.
[  279.033430][T13963] loop4: detected capacity change from 0 to 512
[  279.051340][T13956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3539'.
[  279.060686][T13956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3539'.
[  279.070175][T13956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3539'.
[  279.079575][T13956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3539'.
[  279.090115][T13956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3539'.
[  279.109930][T13963] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.3541: casefold flag without casefold feature
[  279.152240][T13963] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3541: couldn't read orphan inode 15 (err -117)
[  279.167020][T13963] EXT4-fs mount: 28 callbacks suppressed
[  279.167035][T13963] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.291886][T12356] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.416849][T13977] loop4: detected capacity change from 0 to 512
[  279.426958][T13977] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  279.448006][T13977] EXT4-fs (loop4): 1 truncate cleaned up
[  279.470118][T13977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  279.489094][T13979] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  279.499888][T13000] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.517094][T13979] SELinux: failed to load policy
[  279.542112][T13984] netlink: 256 bytes leftover after parsing attributes in process `syz.3.3550'.
[  279.624479][T13990] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3552'.
[  279.704556][T13984] loop3: detected capacity change from 0 to 8192
[  279.743939][T12356] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.753436][ T3503]  loop3: p1 p2 p4
[  279.757260][ T3503] loop3: p1 size 65536 extends beyond EOD, truncated
[  279.766136][ T3503] loop3: p2 start 861536256 is beyond EOD, truncated
[  279.772854][ T3503] loop3: p4 size 65536 extends beyond EOD, truncated
[  279.798245][T13996] loop1: detected capacity change from 0 to 512
[  279.806241][T13996] msdos: Unknown parameter 'errrs'
[  279.868504][T13984]  loop3: p1 p2 p4
[  279.868829][T14004] siw: device registration error -23
[  279.872549][T13984] loop3: p1 size 65536 extends beyond EOD, truncated
[  279.940724][T13984] loop3: p2 start 861536256 is beyond EOD, truncated
[  279.947510][T13984] loop3: p4 size 65536 extends beyond EOD, truncated
[  280.002992][T14017] loop1: detected capacity change from 0 to 512
[  280.060329][T14017] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm +}[@: invalid block
[  280.106720][T14023] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3564'.
[  280.262896][T14026] sch_fq: defrate 4294967295 ignored.
[  280.289551][T14017] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm +}[@: invalid indirect mapped block 4294967295 (level 1)
[  280.308154][T14017] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm +}[@: invalid indirect mapped block 4294967295 (level 1)
[  280.334064][T14032] loop3: detected capacity change from 0 to 256
[  280.349085][T14017] EXT4-fs (loop1): 2 truncates cleaned up
[  280.363228][ T3503] udevd[3503]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  280.370599][T14017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.374422][ T3725] udevd[3725]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  280.403131][   T29] kauditd_printk_skb: 122 callbacks suppressed
[  280.403195][   T29] audit: type=1326 audit(1756066450.911:9286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14034 comm="syz.3.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  280.478485][T14017] FAULT_INJECTION: forcing a failure.
[  280.478485][T14017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.491781][T14017] CPU: 1 UID: 0 PID: 14017 Comm: +}[@ Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  280.491818][T14017] Tainted: [W]=WARN
[  280.491824][T14017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  280.491836][T14017] Call Trace:
[  280.491845][T14017]  <TASK>
[  280.491853][T14017]  __dump_stack+0x1d/0x30
[  280.491871][T14017]  dump_stack_lvl+0xe8/0x140
[  280.491923][T14017]  dump_stack+0x15/0x1b
[  280.491940][T14017]  should_fail_ex+0x265/0x280
[  280.491962][T14017]  should_fail+0xb/0x20
[  280.491980][T14017]  should_fail_usercopy+0x1a/0x20
[  280.492072][T14017]  _copy_from_user+0x1c/0xb0
[  280.492100][T14017]  ext4_ioctl+0x718/0x2080
[  280.492199][T14017]  ? __pfx_ext4_ioctl+0x10/0x10
[  280.492234][T14017]  __se_sys_ioctl+0xce/0x140
[  280.492250][T14017]  __x64_sys_ioctl+0x43/0x50
[  280.492281][T14017]  x64_sys_call+0x1816/0x2ff0
[  280.492302][T14017]  do_syscall_64+0xd2/0x200
[  280.492398][T14017]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  280.492418][T14017]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  280.492439][T14017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.492461][T14017] RIP: 0033:0x7f7b1b2aebe9
[  280.492553][T14017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.492567][T14017] RSP: 002b:00007f7b19d17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  280.492586][T14017] RAX: ffffffffffffffda RBX: 00007f7b1b4d5fa0 RCX: 00007f7b1b2aebe9
[  280.492597][T14017] RDX: 0000200000000e00 RSI: 00000000c0c0583b RDI: 0000000000000006
[  280.492608][T14017] RBP: 00007f7b19d17090 R08: 0000000000000000 R09: 0000000000000000
[  280.492618][T14017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.492648][T14017] R13: 00007f7b1b4d6038 R14: 00007f7b1b4d5fa0 R15: 00007ffc1d3f2048
[  280.492665][T14017]  </TASK>
[  280.495064][   T29] audit: type=1326 audit(1756066450.951:9287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14034 comm="syz.3.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  280.702430][   T29] audit: type=1326 audit(1756066450.951:9288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14034 comm="syz.3.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  280.716056][ T3503] udevd[3503]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  280.726104][   T29] audit: type=1326 audit(1756066450.951:9289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14034 comm="syz.3.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  280.759298][   T29] audit: type=1326 audit(1756066450.951:9290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14034 comm="syz.3.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  280.762882][ T3725] udevd[3725]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  280.782821][   T29] audit: type=1326 audit(1756066450.951:9291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14034 comm="syz.3.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  280.782851][   T29] audit: type=1326 audit(1756066450.951:9292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14034 comm="syz.3.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  280.839597][   T29] audit: type=1326 audit(1756066450.951:9293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14034 comm="syz.3.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  280.863033][   T29] audit: type=1326 audit(1756066450.951:9294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14034 comm="syz.3.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  280.886579][   T29] audit: type=1326 audit(1756066450.951:9295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14034 comm="syz.3.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  280.927179][T13000] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.016268][T14043] syz_tun: entered allmulticast mode
[  281.028801][T14047] loop3: detected capacity change from 0 to 512
[  281.097609][T14049] syz_tun: entered allmulticast mode
[  281.112141][T14049] FAULT_INJECTION: forcing a failure.
[  281.112141][T14049] name failslab, interval 1, probability 0, space 0, times 0
[  281.124916][T14049] CPU: 0 UID: 0 PID: 14049 Comm: syz.4.3574 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  281.124946][T14049] Tainted: [W]=WARN
[  281.124952][T14049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  281.124961][T14049] Call Trace:
[  281.124966][T14049]  <TASK>
[  281.124973][T14049]  __dump_stack+0x1d/0x30
[  281.124990][T14049]  dump_stack_lvl+0xe8/0x140
[  281.125006][T14049]  dump_stack+0x15/0x1b
[  281.125127][T14049]  should_fail_ex+0x265/0x280
[  281.125144][T14049]  should_failslab+0x8c/0xb0
[  281.125164][T14049]  kmem_cache_alloc_noprof+0x50/0x310
[  281.125266][T14049]  ? getname_flags+0x80/0x3b0
[  281.125368][T14049]  getname_flags+0x80/0x3b0
[  281.125390][T14049]  do_sys_openat2+0x60/0x110
[  281.125415][T14049]  __x64_sys_openat+0xf2/0x120
[  281.125496][T14049]  x64_sys_call+0x2e9c/0x2ff0
[  281.125514][T14049]  do_syscall_64+0xd2/0x200
[  281.125535][T14049]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  281.125555][T14049]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  281.125604][T14049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.125622][T14049] RIP: 0033:0x7f33c597d550
[  281.125635][T14049] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  281.125650][T14049] RSP: 002b:00007f33c43deb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  281.125733][T14049] RAX: ffffffffffffffda RBX: 0000000000022081 RCX: 00007f33c597d550
[  281.125769][T14049] RDX: 0000000000022081 RSI: 00007f33c43dec10 RDI: 00000000ffffff9c
[  281.125844][T14049] RBP: 00007f33c43dec10 R08: 0000000000000000 R09: 002367732f766564
[  281.125855][T14049] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[  281.125865][T14049] R13: 00007f33c5ba6038 R14: 00007f33c5ba5fa0 R15: 00007ffed19ad768
[  281.125879][T14049]  </TASK>
[  281.127245][T14053] loop3: detected capacity change from 0 to 2048
[  281.244185][T14057] loop1: detected capacity change from 0 to 128
[  281.320792][T14048] syz_tun: left allmulticast mode
[  281.336016][T14057] FAT-fs (loop1): Directory bread(block 32) failed
[  281.346065][T14057] FAT-fs (loop1): Directory bread(block 33) failed
[  281.356812][T14057] FAT-fs (loop1): Directory bread(block 34) failed
[  281.363916][T14053] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.368941][T14057] FAT-fs (loop1): Directory bread(block 35) failed
[  281.384106][T14053] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.3575: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  281.390763][T14057] FAT-fs (loop1): Directory bread(block 36) failed
[  281.417696][T14062] loop4: detected capacity change from 0 to 256
[  281.419730][T14057] FAT-fs (loop1): Directory bread(block 37) failed
[  281.424514][T14053] EXT4-fs (loop3): Remounting filesystem read-only
[  281.430800][T14057] FAT-fs (loop1): Directory bread(block 38) failed
[  281.443745][T14057] FAT-fs (loop1): Directory bread(block 39) failed
[  281.450270][T14057] FAT-fs (loop1): Directory bread(block 40) failed
[  281.456881][T14057] FAT-fs (loop1): Directory bread(block 41) failed
[  281.483089][T12114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.539407][T14057] bio_check_eod: 5558 callbacks suppressed
[  281.539472][T14057] syz.1.3577: attempt to access beyond end of device
[  281.539472][T14057] loop1: rw=0, sector=4112, nr_sectors = 4 limit=128
[  281.542100][T14071] loop2: detected capacity change from 0 to 512
[  281.545348][T14057] buffer_io_error: 5558 callbacks suppressed
[  281.545362][T14057] Buffer I/O error on dev loop1, logical block 1028, async page read
[  281.589643][T14075] loop4: detected capacity change from 0 to 512
[  281.596219][T14057] syz.1.3577: attempt to access beyond end of device
[  281.596219][T14057] loop1: rw=0, sector=167964, nr_sectors = 4 limit=128
[  281.609683][T14057] Buffer I/O error on dev loop1, logical block 41991, async page read
[  281.617887][T14057] FAT-fs (loop1): Filesystem has been set read-only
[  281.627783][T14057] syz.1.3577: attempt to access beyond end of device
[  281.627783][T14057] loop1: rw=0, sector=4112, nr_sectors = 4 limit=128
[  281.634772][T14076] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3580'.
[  281.641110][T14057] Buffer I/O error on dev loop1, logical block 1028, async page read
[  281.661176][T14057] syz.1.3577: attempt to access beyond end of device
[  281.661176][T14057] loop1: rw=0, sector=167964, nr_sectors = 4 limit=128
[  281.674875][T14057] Buffer I/O error on dev loop1, logical block 41991, async page read
[  281.696511][T14075] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.710859][T14075] ext4 filesystem being mounted at /116/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  281.781945][T14089] FAULT_INJECTION: forcing a failure.
[  281.781945][T14089] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.795048][T14089] CPU: 1 UID: 0 PID: 14089 Comm: syz.1.3589 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  281.795152][T14089] Tainted: [W]=WARN
[  281.795159][T14089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  281.795170][T14089] Call Trace:
[  281.795175][T14089]  <TASK>
[  281.795183][T14089]  __dump_stack+0x1d/0x30
[  281.795203][T14089]  dump_stack_lvl+0xe8/0x140
[  281.795219][T14089]  dump_stack+0x15/0x1b
[  281.795273][T14089]  should_fail_ex+0x265/0x280
[  281.795291][T14089]  should_fail+0xb/0x20
[  281.795306][T14089]  should_fail_usercopy+0x1a/0x20
[  281.795386][T14089]  _copy_to_user+0x20/0xa0
[  281.795465][T14089]  simple_read_from_buffer+0xb5/0x130
[  281.795545][T14089]  proc_fail_nth_read+0x10e/0x150
[  281.795604][T14089]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  281.795630][T14089]  vfs_read+0x1a8/0x770
[  281.795654][T14089]  ? do_fcntl+0x5dd/0xdf0
[  281.795715][T14089]  ? selinux_file_fcntl+0x1cb/0x1e0
[  281.795747][T14089]  ksys_read+0xda/0x1a0
[  281.795770][T14089]  __x64_sys_read+0x40/0x50
[  281.795798][T14089]  x64_sys_call+0x27bc/0x2ff0
[  281.795853][T14089]  do_syscall_64+0xd2/0x200
[  281.795881][T14089]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  281.795973][T14089]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  281.795999][T14089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.796098][T14089] RIP: 0033:0x7f7b1b2ad5fc
[  281.796114][T14089] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  281.796131][T14089] RSP: 002b:00007f7b19d17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  281.796152][T14089] RAX: ffffffffffffffda RBX: 00007f7b1b4d5fa0 RCX: 00007f7b1b2ad5fc
[  281.796166][T14089] RDX: 000000000000000f RSI: 00007f7b19d170a0 RDI: 0000000000000004
[  281.796229][T14089] RBP: 00007f7b19d17090 R08: 0000000000000000 R09: 0000000000000000
[  281.796242][T14089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.796256][T14089] R13: 00007f7b1b4d6038 R14: 00007f7b1b4d5fa0 R15: 00007ffc1d3f2048
[  281.796274][T14089]  </TASK>
[  281.798065][T14042] syz_tun: left allmulticast mode
[  281.940341][T14093] loop2: detected capacity change from 0 to 2048
[  281.961910][T12356] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.008754][T14094] loop3: detected capacity change from 0 to 512
[  282.041853][T14097] loop1: detected capacity change from 0 to 512
[  282.067977][T14097] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  282.081119][T14100] loop4: detected capacity change from 0 to 512
[  282.088307][T14100] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  282.101480][T14097] EXT4-fs (loop1): 1 truncate cleaned up
[  282.106774][T14100] EXT4-fs (loop4): 1 truncate cleaned up
[  282.112647][T14097] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.120373][T14100] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.127445][T14093] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.170873][T14093] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.3591: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  282.170994][T14094] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.3590: Failed to acquire dquot type 1
[  282.199388][T14094] EXT4-fs (loop3): 1 truncate cleaned up
[  282.205419][T14094] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.218065][T14094] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  282.246376][T12114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.291395][T14093] EXT4-fs (loop2): Remounting filesystem read-only
[  282.303003][T12356] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.324063][T13000] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.336728][T12847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.361503][T14116] loop3: detected capacity change from 0 to 512
[  282.484689][T14129] batadv0: entered promiscuous mode
[  282.490362][T14129] macsec1: entered promiscuous mode
[  282.508946][T14129] batadv0: left promiscuous mode
[  282.516638][T14132] loop4: detected capacity change from 0 to 1024
[  282.526811][T14132] EXT4-fs: Ignoring removed orlov option
[  282.539742][T14132] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.568792][T14137] loop3: detected capacity change from 0 to 1024
[  282.590096][T14137] ext4: Unknown parameter 'uid<18446744073709551615'
[  282.723975][T14141] loop2: detected capacity change from 0 to 512
[  282.741511][T14141] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  282.766850][T14141] EXT4-fs (loop2): 1 truncate cleaned up
[  282.781208][T14141] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.877503][T12847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.929399][T14154] FAULT_INJECTION: forcing a failure.
[  282.929399][T14154] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  282.942565][T14154] CPU: 1 UID: 0 PID: 14154 Comm: syz.2.3612 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  282.942705][T14154] Tainted: [W]=WARN
[  282.942711][T14154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  282.942723][T14154] Call Trace:
[  282.942729][T14154]  <TASK>
[  282.942737][T14154]  __dump_stack+0x1d/0x30
[  282.942837][T14154]  dump_stack_lvl+0xe8/0x140
[  282.942855][T14154]  dump_stack+0x15/0x1b
[  282.942869][T14154]  should_fail_ex+0x265/0x280
[  282.942887][T14154]  should_fail+0xb/0x20
[  282.942940][T14154]  should_fail_usercopy+0x1a/0x20
[  282.942960][T14154]  strncpy_from_user+0x25/0x230
[  282.942985][T14154]  ? __kmalloc_cache_noprof+0x189/0x320
[  282.943012][T14154]  __se_sys_memfd_create+0x1ff/0x590
[  282.943091][T14154]  __x64_sys_memfd_create+0x31/0x40
[  282.943108][T14154]  x64_sys_call+0x2abe/0x2ff0
[  282.943175][T14154]  do_syscall_64+0xd2/0x200
[  282.943199][T14154]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  282.943221][T14154]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  282.943244][T14154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.943302][T14154] RIP: 0033:0x7ff2dd9febe9
[  282.943394][T14154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.943407][T14154] RSP: 002b:00007ff2dc45ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  282.943423][T14154] RAX: ffffffffffffffda RBX: 000000000000052e RCX: 00007ff2dd9febe9
[  282.943434][T14154] RDX: 00007ff2dc45eef0 RSI: 0000000000000000 RDI: 00007ff2dda827e8
[  282.943445][T14154] RBP: 0000200000000f00 R08: 00007ff2dc45ebb7 R09: 00007ff2dc45ee40
[  282.943456][T14154] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  282.943534][T14154] R13: 00007ff2dc45eef0 R14: 00007ff2dc45eeb0 R15: 0000200000000080
[  282.943551][T14154]  </TASK>
[  283.154279][T14157] loop2: detected capacity change from 0 to 256
[  283.177962][T14126] syz.4.3602 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  283.189188][T14126] CPU: 1 UID: 0 PID: 14126 Comm: syz.4.3602 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  283.189299][T14126] Tainted: [W]=WARN
[  283.189305][T14126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  283.189315][T14126] Call Trace:
[  283.189321][T14126]  <TASK>
[  283.189329][T14126]  __dump_stack+0x1d/0x30
[  283.189379][T14126]  dump_stack_lvl+0xe8/0x140
[  283.189395][T14126]  dump_stack+0x15/0x1b
[  283.189411][T14126]  dump_header+0x81/0x220
[  283.189501][T14126]  oom_kill_process+0x342/0x400
[  283.189531][T14126]  out_of_memory+0x979/0xb80
[  283.189655][T14126]  try_charge_memcg+0x5e6/0x9e0
[  283.189756][T14126]  charge_memcg+0x51/0xc0
[  283.189774][T14126]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  283.189792][T14126]  __read_swap_cache_async+0x1df/0x350
[  283.189819][T14126]  swap_cluster_readahead+0x277/0x3e0
[  283.189963][T14126]  swapin_readahead+0xde/0x6f0
[  283.189993][T14126]  ? __filemap_get_folio+0x4f7/0x6b0
[  283.190017][T14126]  ? ktime_get+0x1eb/0x210
[  283.190037][T14126]  ? swap_cache_get_folio+0x77/0x200
[  283.190106][T14126]  do_swap_page+0x301/0x2430
[  283.190125][T14126]  ? finish_task_switch+0xad/0x2b0
[  283.190203][T14126]  ? __pfx_default_wake_function+0x10/0x10
[  283.190227][T14126]  handle_mm_fault+0x9a5/0x2c20
[  283.190258][T14126]  do_user_addr_fault+0x636/0x1090
[  283.190288][T14126]  ? fpregs_restore_userregs+0xe2/0x1d0
[  283.190372][T14126]  ? switch_fpu_return+0xe/0x20
[  283.190396][T14126]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  283.190417][T14126]  exc_page_fault+0x62/0xa0
[  283.190437][T14126]  asm_exc_page_fault+0x26/0x30
[  283.190462][T14126] RIP: 0033:0x7f33c59b1453
[  283.190478][T14126] Code: f6 08 00 48 8d 3d f6 f6 08 00 e8 08 49 f6 ff 0f 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 <80> 3d fe 70 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f
[  283.190493][T14126] RSP: 002b:00007ffed19ad888 EFLAGS: 00010293
[  283.190507][T14126] RAX: 00000000fffffffa RBX: 00007f33c5ba5fa0 RCX: 0000000000000000
[  283.190518][T14126] RDX: 00007ffed19ad8a0 RSI: 0000000000000000 RDI: 0000000000000000
[  283.190598][T14126] RBP: 00007f33c5ba7da0 R08: 0000000008a0a7ea R09: 7fffffffffffffff
[  283.190615][T14126] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000045262
[  283.190626][T14126] R13: 00007f33c5ba6090 R14: ffffffffffffffff R15: 00007ffed19ad9e0
[  283.190680][T14126]  </TASK>
[  283.418347][T14126] memory: usage 307200kB, limit 307200kB, failcnt 298
[  283.425296][T14126] memory+swap: usage 307900kB, limit 9007199254740988kB, failcnt 0
[  283.433207][T14126] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[  283.440491][T14126] Memory cgroup stats for /syz4:
[  283.442110][T14126] cache 4096
[  283.450285][T14126] rss 0
[  283.453078][T14126] shmem 0
[  283.456000][T14126] mapped_file 0
[  283.459447][T14126] dirty 0
[  283.462406][T14126] writeback 4096
[  283.466011][T14126] workingset_refault_anon 17
[  283.470744][T14126] workingset_refault_file 384
[  283.475428][T14126] swap 716800
[  283.478719][T14126] swapcached 8192
[  283.482480][T14126] pgpgin 227278
[  283.486125][T14126] pgpgout 227275
[  283.489663][T14126] pgfault 264332
[  283.493425][T14126] pgmajfault 13
[  283.496969][T14126] inactive_anon 8192
[  283.501000][T14126] active_anon 0
[  283.504456][T14126] inactive_file 4096
[  283.508339][T14126] active_file 0
[  283.511892][T14126] unevictable 0
[  283.515342][T14126] hierarchical_memory_limit 314572800
[  283.520810][T14126] hierarchical_memsw_limit 9223372036854771712
[  283.526976][T14126] total_cache 4096
[  283.530760][T14126] total_rss 0
[  283.534159][T14126] total_shmem 0
[  283.537751][T14126] total_mapped_file 0
[  283.541980][T14126] total_dirty 0
[  283.545460][T14126] total_writeback 4096
[  283.549514][T14126] total_workingset_refault_anon 17
[  283.554820][T14126] total_workingset_refault_file 384
[  283.560007][T14126] total_swap 716800
[  283.563873][T14126] total_swapcached 8192
[  283.568017][T14126] total_pgpgin 227278
[  283.572036][T14126] total_pgpgout 227275
[  283.576167][T14126] total_pgfault 264332
[  283.580214][T14126] total_pgmajfault 13
[  283.584248][T14126] total_inactive_anon 8192
[  283.588667][T14126] total_active_anon 0
[  283.592671][T14126] total_inactive_file 4096
[  283.597114][T14126] total_active_file 0
[  283.601173][T14126] total_unevictable 0
[  283.605164][T14126] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.3602,pid=14126,uid=0
[  283.619834][T14126] Memory cgroup out of memory: Killed process 14126 (syz.4.3602) total-vm:95808kB, anon-rss:1072kB, file-rss:22584kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  283.700070][T14174] FAULT_INJECTION: forcing a failure.
[  283.700070][T14174] name failslab, interval 1, probability 0, space 0, times 0
[  283.712808][T14174] CPU: 1 UID: 0 PID: 14174 Comm: syz.3.3620 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  283.712846][T14174] Tainted: [W]=WARN
[  283.712853][T14174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  283.712866][T14174] Call Trace:
[  283.712874][T14174]  <TASK>
[  283.712948][T14174]  __dump_stack+0x1d/0x30
[  283.712967][T14174]  dump_stack_lvl+0xe8/0x140
[  283.713019][T14174]  dump_stack+0x15/0x1b
[  283.713033][T14174]  should_fail_ex+0x265/0x280
[  283.713050][T14174]  should_failslab+0x8c/0xb0
[  283.713072][T14174]  kmem_cache_alloc_node_noprof+0x57/0x320
[  283.713101][T14174]  ? __alloc_skb+0x101/0x320
[  283.713198][T14174]  __alloc_skb+0x101/0x320
[  283.713218][T14174]  netlink_alloc_large_skb+0xba/0xf0
[  283.713251][T14174]  netlink_sendmsg+0x3cf/0x6b0
[  283.713347][T14174]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.713367][T14174]  __sock_sendmsg+0x145/0x180
[  283.713405][T14174]  ____sys_sendmsg+0x31e/0x4e0
[  283.713430][T14174]  ___sys_sendmsg+0x17b/0x1d0
[  283.713504][T14174]  __x64_sys_sendmsg+0xd4/0x160
[  283.713546][T14174]  x64_sys_call+0x191e/0x2ff0
[  283.713564][T14174]  do_syscall_64+0xd2/0x200
[  283.713595][T14174]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  283.713615][T14174]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  283.713660][T14174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.713761][T14174] RIP: 0033:0x7ff90eccebe9
[  283.713775][T14174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.713792][T14174] RSP: 002b:00007ff90d737038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.713812][T14174] RAX: ffffffffffffffda RBX: 00007ff90eef5fa0 RCX: 00007ff90eccebe9
[  283.713902][T14174] RDX: 000000000000c000 RSI: 0000200000000080 RDI: 0000000000000003
[  283.713913][T14174] RBP: 00007ff90d737090 R08: 0000000000000000 R09: 0000000000000000
[  283.713923][T14174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.713933][T14174] R13: 00007ff90eef6038 R14: 00007ff90eef5fa0 R15: 00007fff1c37c598
[  283.713948][T14174]  </TASK>
[  284.094992][T12356] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.110090][T14184] loop3: detected capacity change from 0 to 512
[  284.170892][T14170] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  284.179166][T14170] SELinux: failed to load policy
[  284.236023][T14188] __nla_validate_parse: 5 callbacks suppressed
[  284.236039][T14188] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  284.277832][T14192] loop3: detected capacity change from 0 to 128
[  284.316092][T14195] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3629'.
[  284.328022][T14192] FAT-fs (loop3): Directory bread(block 32) failed
[  284.347038][T14192] FAT-fs (loop3): Directory bread(block 33) failed
[  284.375570][T14192] FAT-fs (loop3): Directory bread(block 34) failed
[  284.417789][T14199] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14199 comm=syz.4.3631
[  284.440744][T14192] FAT-fs (loop3): Directory bread(block 35) failed
[  284.447483][T14192] FAT-fs (loop3): Directory bread(block 36) failed
[  284.501347][T14200] sch_fq: defrate 4294967295 ignored.
[  284.502039][T14192] FAT-fs (loop3): Directory bread(block 37) failed
[  284.513376][T14192] FAT-fs (loop3): Directory bread(block 38) failed
[  284.519960][T14192] FAT-fs (loop3): Directory bread(block 39) failed
[  284.544456][T14192] FAT-fs (loop3): Directory bread(block 40) failed
[  284.551116][T14192] FAT-fs (loop3): Directory bread(block 41) failed
[  284.668847][T14192] syz.3.3626: attempt to access beyond end of device
[  284.668847][T14192] loop3: rw=0, sector=4112, nr_sectors = 4 limit=128
[  284.682140][T14192] Buffer I/O error on dev loop3, logical block 1028, async page read
[  284.703657][T14192] syz.3.3626: attempt to access beyond end of device
[  284.703657][T14192] loop3: rw=0, sector=167964, nr_sectors = 4 limit=128
[  284.717268][T14192] Buffer I/O error on dev loop3, logical block 41991, async page read
[  284.725469][T14192] FAT-fs (loop3): Filesystem has been set read-only
[  284.759613][T14192] syz.3.3626: attempt to access beyond end of device
[  284.759613][T14192] loop3: rw=0, sector=4112, nr_sectors = 4 limit=128
[  284.772923][T14192] Buffer I/O error on dev loop3, logical block 1028, async page read
[  284.780599][T14175] Set syz1 is full, maxelem 65536 reached
[  284.802276][T14192] syz.3.3626: attempt to access beyond end of device
[  284.802276][T14192] loop3: rw=0, sector=167964, nr_sectors = 4 limit=128
[  284.815702][T14192] Buffer I/O error on dev loop3, logical block 41991, async page read
[  284.823956][T14207] loop4: detected capacity change from 0 to 128
[  284.830741][T14207] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  284.853765][T14207] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  284.885955][T14209] rdma_op ffff888100064d80 conn xmit_rdma 0000000000000000
[  284.907330][T14207] FAULT_INJECTION: forcing a failure.
[  284.907330][T14207] name failslab, interval 1, probability 0, space 0, times 0
[  284.920017][T14207] CPU: 0 UID: 0 PID: 14207 Comm: syz.4.3633 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  284.920196][T14207] Tainted: [W]=WARN
[  284.920203][T14207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  284.920215][T14207] Call Trace:
[  284.920223][T14207]  <TASK>
[  284.920232][T14207]  __dump_stack+0x1d/0x30
[  284.920254][T14207]  dump_stack_lvl+0xe8/0x140
[  284.920272][T14207]  dump_stack+0x15/0x1b
[  284.920286][T14207]  should_fail_ex+0x265/0x280
[  284.920340][T14207]  should_failslab+0x8c/0xb0
[  284.920365][T14207]  kmem_cache_alloc_noprof+0x50/0x310
[  284.920391][T14207]  ? getname_flags+0x80/0x3b0
[  284.920430][T14207]  getname_flags+0x80/0x3b0
[  284.920502][T14207]  __x64_sys_renameat2+0x6c/0x90
[  284.920521][T14207]  x64_sys_call+0x3f9/0x2ff0
[  284.920538][T14207]  do_syscall_64+0xd2/0x200
[  284.920559][T14207]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  284.920620][T14207]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  284.920708][T14207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.920729][T14207] RIP: 0033:0x7f33c597ebe9
[  284.920745][T14207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.920759][T14207] RSP: 002b:00007f33c43df038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  284.920811][T14207] RAX: ffffffffffffffda RBX: 00007f33c5ba5fa0 RCX: 00007f33c597ebe9
[  284.920863][T14207] RDX: ffffffffffffff9c RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  284.920922][T14207] RBP: 00007f33c43df090 R08: 0000000000000000 R09: 0000000000000000
[  284.920935][T14207] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[  284.920948][T14207] R13: 00007f33c5ba6038 R14: 00007f33c5ba5fa0 R15: 00007ffed19ad768
[  284.920967][T14207]  </TASK>
[  285.137348][ T2135] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  285.202834][T14217] loop2: detected capacity change from 0 to 512
[  285.211878][T14215] loop3: detected capacity change from 0 to 2048
[  285.218263][T14217] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  285.244282][T14219] loop4: detected capacity change from 0 to 512
[  285.253717][T14222] loop1: detected capacity change from 0 to 256
[  285.260848][T14215] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.277875][T14217] EXT4-fs (loop2): 1 truncate cleaned up
[  285.278894][T14215] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.3636: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  285.284419][T14217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.302707][T14215] EXT4-fs (loop3): Remounting filesystem read-only
[  285.335085][T12114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.345152][T14219] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.366806][T14219] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.394202][T14229] loop3: detected capacity change from 0 to 256
[  285.415478][T14231] loop1: detected capacity change from 0 to 512
[  285.425043][T14219] __quota_error: 540 callbacks suppressed
[  285.425058][T14219] Quota error (device loop4): do_check_range: Getting block 4128768 out of range 0-5
[  285.432414][   T29] audit: type=1326 audit(1756066455.941:9834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14228 comm="syz.3.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff90eccd84a code=0x7ffc0000
[  285.442180][T14231] ext4: Unknown parameter 'uid>00000000004294967295'
[  285.487474][T12847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.526656][   T29] audit: type=1326 audit(1756066455.971:9835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14228 comm="syz.3.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff90eccd84a code=0x7ffc0000
[  285.550076][   T29] audit: type=1326 audit(1756066455.971:9836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14228 comm="syz.3.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7ff90eccd457 code=0x7ffc0000
[  285.550161][   T29] audit: type=1326 audit(1756066455.971:9837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14228 comm="syz.3.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7ff90ecd038a code=0x7ffc0000
[  285.550180][   T29] audit: type=1326 audit(1756066455.981:9838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14228 comm="syz.3.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff90eccd550 code=0x7ffc0000
[  285.550201][   T29] audit: type=1326 audit(1756066455.981:9839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14228 comm="syz.3.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7ff90eccd937 code=0x7ffc0000
[  285.550277][   T29] audit: type=1326 audit(1756066455.981:9840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14228 comm="syz.3.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff90eccd550 code=0x7ffc0000
[  285.550302][   T29] audit: type=1326 audit(1756066455.981:9841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14228 comm="syz.3.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  285.550400][   T29] audit: type=1326 audit(1756066455.981:9842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14228 comm="syz.3.3641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  285.708354][T14242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3643'.
[  285.756076][T12356] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.776317][T14246] FAULT_INJECTION: forcing a failure.
[  285.776317][T14246] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.789598][T14246] CPU: 1 UID: 0 PID: 14246 Comm: syz.0.3648 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  285.789626][T14246] Tainted: [W]=WARN
[  285.789632][T14246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  285.789643][T14246] Call Trace:
[  285.789668][T14246]  <TASK>
[  285.789676][T14246]  __dump_stack+0x1d/0x30
[  285.789697][T14246]  dump_stack_lvl+0xe8/0x140
[  285.789762][T14246]  dump_stack+0x15/0x1b
[  285.789777][T14246]  should_fail_ex+0x265/0x280
[  285.789797][T14246]  should_fail+0xb/0x20
[  285.789811][T14246]  should_fail_usercopy+0x1a/0x20
[  285.789876][T14246]  _copy_from_user+0x1c/0xb0
[  285.789903][T14246]  ___sys_sendmsg+0xc1/0x1d0
[  285.789934][T14246]  __x64_sys_sendmsg+0xd4/0x160
[  285.789983][T14246]  x64_sys_call+0x191e/0x2ff0
[  285.790002][T14246]  do_syscall_64+0xd2/0x200
[  285.790024][T14246]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  285.790121][T14246]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  285.790195][T14246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.790306][T14246] RIP: 0033:0x7f483e29ebe9
[  285.790321][T14246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.790337][T14246] RSP: 002b:00007f483cd07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  285.790352][T14246] RAX: ffffffffffffffda RBX: 00007f483e4c5fa0 RCX: 00007f483e29ebe9
[  285.790363][T14246] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  285.790373][T14246] RBP: 00007f483cd07090 R08: 0000000000000000 R09: 0000000000000000
[  285.790383][T14246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.790445][T14246] R13: 00007f483e4c6038 R14: 00007f483e4c5fa0 R15: 00007ffedea200c8
[  285.790464][T14246]  </TASK>
[  285.974224][T14248] loop4: detected capacity change from 0 to 512
[  285.983440][T14244] loop3: detected capacity change from 0 to 512
[  286.042160][T14248] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  286.057628][T14254] loop2: detected capacity change from 0 to 2048
[  286.064172][T14244] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 4)
[  286.080820][T14248] EXT4-fs (loop4): 1 truncate cleaned up
[  286.090569][T14248] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.117208][T14244] FAT-fs (loop3): FAT read failed (blocknr 52768)
[  286.134193][T14254] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.155427][T14244] loop3: detected capacity change from 0 to 736
[  286.171635][T14254] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.3651: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  286.186283][T14244] iso9660: Unknown parameter 'msdos'
[  286.195029][T14254] EXT4-fs (loop2): Remounting filesystem read-only
[  286.216309][T12356] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.226150][T12847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.259046][T14265] sch_fq: defrate 4294967295 ignored.
[  286.286043][T14244] loop3: detected capacity change from 0 to 512
[  286.297843][T14267] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3654'.
[  286.307278][T14244] EXT4-fs: Ignoring removed i_version option
[  286.328789][T14244] EXT4-fs (loop3): 1 truncate cleaned up
[  286.339074][T14268] loop4: detected capacity change from 0 to 1024
[  286.340362][T14244] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.359783][T14267] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3654'.
[  286.368913][T14267] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3654'.
[  286.381457][T14268] EXT4-fs: Ignoring removed orlov option
[  286.417556][T14268] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.449859][T12114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.887921][T14276] netlink: 'syz.1.3656': attribute type 3 has an invalid length.
[  286.911907][T14278] FAULT_INJECTION: forcing a failure.
[  286.911907][T14278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  286.925084][T14278] CPU: 0 UID: 0 PID: 14278 Comm: syz.1.3657 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  286.925114][T14278] Tainted: [W]=WARN
[  286.925121][T14278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  286.925182][T14278] Call Trace:
[  286.925187][T14278]  <TASK>
[  286.925194][T14278]  __dump_stack+0x1d/0x30
[  286.925212][T14278]  dump_stack_lvl+0xe8/0x140
[  286.925228][T14278]  dump_stack+0x15/0x1b
[  286.925243][T14278]  should_fail_ex+0x265/0x280
[  286.925263][T14278]  should_fail+0xb/0x20
[  286.925286][T14278]  should_fail_usercopy+0x1a/0x20
[  286.925353][T14278]  strncpy_from_user+0x25/0x230
[  286.925379][T14278]  ? kstrtouint_from_user+0x9f/0xf0
[  286.925452][T14278]  keyctl_keyring_search+0x5b/0x2e0
[  286.925476][T14278]  __se_sys_keyctl+0x2d4/0xb80
[  286.925497][T14278]  ? __rcu_read_unlock+0x4f/0x70
[  286.925561][T14278]  ? __fget_files+0x184/0x1c0
[  286.925600][T14278]  ? fput+0x8f/0xc0
[  286.925626][T14278]  __x64_sys_keyctl+0x67/0x80
[  286.925718][T14278]  x64_sys_call+0x2f6d/0x2ff0
[  286.925767][T14278]  do_syscall_64+0xd2/0x200
[  286.925857][T14278]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  286.925876][T14278]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  286.925896][T14278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.925941][T14278] RIP: 0033:0x7f7b1b2aebe9
[  286.925955][T14278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.925985][T14278] RSP: 002b:00007f7b19d17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  286.926001][T14278] RAX: ffffffffffffffda RBX: 00007f7b1b4d5fa0 RCX: 00007f7b1b2aebe9
[  286.926012][T14278] RDX: 0000200000000180 RSI: 000000002d9c9ccd RDI: 000000000000000a
[  286.926023][T14278] RBP: 00007f7b19d17090 R08: 0000000000000000 R09: 0000000000000000
[  286.926034][T14278] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  286.926045][T14278] R13: 00007f7b1b4d6038 R14: 00007f7b1b4d5fa0 R15: 00007ffc1d3f2048
[  286.926073][T14278]  </TASK>
[  287.148857][ T8528] kworker/u8:10 invoked oom-killer: gfp_mask=0x100c0a(GFP_NOIO|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_HARDWALL), order=0, oom_score_adj=0
[  287.162687][ T8528] CPU: 0 UID: 0 PID: 8528 Comm: kworker/u8:10 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  287.162716][ T8528] Tainted: [W]=WARN
[  287.162722][ T8528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  287.162733][ T8528] Workqueue: loop4 loop_rootcg_workfn
[  287.162829][ T8528] Call Trace:
[  287.162836][ T8528]  <TASK>
[  287.162881][ T8528]  __dump_stack+0x1d/0x30
[  287.162908][ T8528]  dump_stack_lvl+0xe8/0x140
[  287.162928][ T8528]  dump_stack+0x15/0x1b
[  287.162942][ T8528]  dump_header+0x81/0x220
[  287.162984][ T8528]  oom_kill_process+0x342/0x400
[  287.163010][ T8528]  out_of_memory+0x979/0xb80
[  287.163043][ T8528]  try_charge_memcg+0x5e6/0x9e0
[  287.163145][ T8528]  charge_memcg+0x51/0xc0
[  287.163165][ T8528]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  287.163246][ T8528]  __read_swap_cache_async+0x1df/0x350
[  287.163346][ T8528]  swap_cluster_readahead+0x277/0x3e0
[  287.163375][ T8528]  shmem_swapin_folio+0xa2f/0x13e0
[  287.163418][ T8528]  ? xas_load+0x413/0x430
[  287.163447][ T8528]  shmem_get_folio_gfp+0x26c/0xd60
[  287.163478][ T8528]  ? probe_sched_wakeup+0x85/0xa0
[  287.163499][ T8528]  shmem_write_begin+0xa8/0x190
[  287.163594][ T8528]  generic_perform_write+0x184/0x490
[  287.163619][ T8528]  shmem_file_write_iter+0xc5/0xf0
[  287.163642][ T8528]  lo_rw_aio+0x69d/0x760
[  287.163697][ T8528]  loop_process_work+0x52d/0xa60
[  287.163741][ T8528]  ? probe_sched_wakeup+0x85/0xa0
[  287.163832][ T8528]  ? ttwu_do_activate+0x1d0/0x210
[  287.163859][ T8528]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  287.163887][ T8528]  ? try_to_wake_up+0x3e7/0x630
[  287.163999][ T8528]  loop_rootcg_workfn+0x22/0x30
[  287.164036][ T8528]  process_scheduled_works+0x4ce/0x9d0
[  287.164136][ T8528]  worker_thread+0x582/0x770
[  287.164165][ T8528]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  287.164268][ T8528]  kthread+0x486/0x510
[  287.164284][ T8528]  ? finish_task_switch+0xad/0x2b0
[  287.164305][ T8528]  ? __pfx_worker_thread+0x10/0x10
[  287.164340][ T8528]  ? __pfx_kthread+0x10/0x10
[  287.164421][ T8528]  ret_from_fork+0xda/0x150
[  287.164437][ T8528]  ? __pfx_kthread+0x10/0x10
[  287.164455][ T8528]  ret_from_fork_asm+0x1a/0x30
[  287.164482][ T8528]  </TASK>
[  287.164489][ T8528] memory: usage 307200kB, limit 307200kB, failcnt 620
[  287.305036][T14287] loop2: detected capacity change from 0 to 512
[  287.309302][ T8528] memory+swap: usage 307896kB, limit 9007199254740988kB, failcnt 0
[  287.309373][ T8528] kmem: usage 307160kB, limit 9007199254740988kB, failcnt 0
[  287.364576][T14287] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.368944][ T8528] Memory cgroup stats for /syz4:
[  287.371538][ T8528] cache 40960
[  287.424674][T14287] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.425793][ T8528] rss 0
[  287.425802][ T8528] shmem 0
[  287.425807][ T8528] mapped_file 0
[  287.425813][ T8528] dirty 0
[  287.425819][ T8528] writeback 12288
[  287.425881][ T8528] workingset_refault_anon 156
[  287.425888][ T8528] workingset_refault_file 780
[  287.425894][ T8528] swap 724992
[  287.425900][ T8528] swapcached 0
[  287.442866][T14284] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  287.445381][ T8528] pgpgin 228485
[  287.445391][ T8528] pgpgout 228475
[  287.445398][ T8528] pgfault 265423
[  287.487317][ T8528] pgmajfault 112
[  287.490883][ T8528] inactive_anon 0
[  287.494568][ T8528] active_anon 0
[  287.498013][ T8528] inactive_file 12288
[  287.502029][ T8528] active_file 28672
[  287.505867][ T8528] unevictable 0
[  287.509320][ T8528] hierarchical_memory_limit 314572800
[  287.514714][ T8528] hierarchical_memsw_limit 9223372036854771712
[  287.520903][ T8528] total_cache 40960
[  287.524838][ T8528] total_rss 0
[  287.528356][ T8528] total_shmem 0
[  287.531906][ T8528] total_mapped_file 0
[  287.535895][ T8528] total_dirty 0
[  287.538240][T14291] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3661'.
[  287.539382][ T8528] total_writeback 12288
[  287.551808][T14291] IPVS: Error joining to the multicast group
[  287.552436][ T8528] total_workingset_refault_anon 156
[  287.563591][ T8528] total_workingset_refault_file 780
[  287.568859][ T8528] total_swap 724992
[  287.572689][ T8528] total_swapcached 0
[  287.576574][ T8528] total_pgpgin 228485
[  287.580697][ T8528] total_pgpgout 228475
[  287.584781][ T8528] total_pgfault 265423
[  287.588855][ T8528] total_pgmajfault 112
[  287.592935][ T8528] total_inactive_anon 0
[  287.597076][ T8528] total_active_anon 0
[  287.601173][ T8528] total_inactive_file 12288
[  287.605663][ T8528] total_active_file 28672
[  287.609991][ T8528] total_unevictable 0
[  287.614000][ T8528] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.3653,pid=14263,uid=0
[  287.628676][ T8528] Memory cgroup out of memory: Killed process 14263 (syz.4.3653) total-vm:95808kB, anon-rss:944kB, file-rss:22576kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  287.717341][T12847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.777056][T14304] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3666'.
[  287.897774][T14309] loop1: detected capacity change from 0 to 256
[  287.948355][T12356] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.948434][T14304] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  287.966554][T14304] SELinux: failed to load policy
[  287.988580][T14315] loop1: detected capacity change from 0 to 512
[  288.010973][T14315] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  288.020449][T14315] EXT4-fs (loop1): 1 truncate cleaned up
[  288.028400][T14315] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.032520][T14318] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  288.103083][T14326] loop4: detected capacity change from 0 to 1024
[  288.109784][T14326] EXT4-fs: inline encryption not supported
[  288.122496][T13000] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.130893][T14326] EXT4-fs (loop4): can't mount with commit=, fs mounted w/o journal
[  288.146584][T14329] FAULT_INJECTION: forcing a failure.
[  288.146584][T14329] name failslab, interval 1, probability 0, space 0, times 0
[  288.159325][T14329] CPU: 0 UID: 0 PID: 14329 Comm: syz.0.3674 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  288.159354][T14329] Tainted: [W]=WARN
[  288.159360][T14329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  288.159430][T14329] Call Trace:
[  288.159437][T14329]  <TASK>
[  288.159445][T14329]  __dump_stack+0x1d/0x30
[  288.159464][T14329]  dump_stack_lvl+0xe8/0x140
[  288.159479][T14329]  dump_stack+0x15/0x1b
[  288.159541][T14329]  should_fail_ex+0x265/0x280
[  288.159561][T14329]  should_failslab+0x8c/0xb0
[  288.159583][T14329]  kmem_cache_alloc_node_noprof+0x57/0x320
[  288.159610][T14329]  ? __alloc_skb+0x101/0x320
[  288.159626][T14329]  __alloc_skb+0x101/0x320
[  288.159711][T14329]  netlink_alloc_large_skb+0xba/0xf0
[  288.159858][T14329]  netlink_sendmsg+0x3cf/0x6b0
[  288.159877][T14329]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.159895][T14329]  __sock_sendmsg+0x145/0x180
[  288.159917][T14329]  ____sys_sendmsg+0x31e/0x4e0
[  288.159937][T14329]  ___sys_sendmsg+0x17b/0x1d0
[  288.160043][T14329]  __x64_sys_sendmsg+0xd4/0x160
[  288.160063][T14329]  x64_sys_call+0x191e/0x2ff0
[  288.160080][T14329]  do_syscall_64+0xd2/0x200
[  288.160171][T14329]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  288.160190][T14329]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  288.160211][T14329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.160228][T14329] RIP: 0033:0x7f483e29ebe9
[  288.160241][T14329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.160267][T14329] RSP: 002b:00007f483cce6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  288.160284][T14329] RAX: ffffffffffffffda RBX: 00007f483e4c6090 RCX: 00007f483e29ebe9
[  288.160295][T14329] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000004
[  288.160305][T14329] RBP: 00007f483cce6090 R08: 0000000000000000 R09: 0000000000000000
[  288.160316][T14329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.160326][T14329] R13: 00007f483e4c6128 R14: 00007f483e4c6090 R15: 00007ffedea200c8
[  288.160340][T14329]  </TASK>
[  288.394931][T14334] loop1: detected capacity change from 0 to 256
[  288.426595][T14335] loop4: detected capacity change from 0 to 512
[  288.447401][T14335] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  288.465453][T14335] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.590113][T14347] loop1: detected capacity change from 0 to 256
[  288.793828][T12356] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.882062][T14365] loop2: detected capacity change from 0 to 256
[  288.978738][T14373] loop3: detected capacity change from 0 to 512
[  289.014475][T14373] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.028090][T14373] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  289.052169][T12114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.342273][T14390] sch_fq: defrate 4294967295 ignored.
[  289.553455][T14393] __nla_validate_parse: 2 callbacks suppressed
[  289.553471][T14393] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  289.742578][T14371] syz.2.3693 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  289.756716][T14371] CPU: 1 UID: 0 PID: 14371 Comm: syz.2.3693 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  289.756746][T14371] Tainted: [W]=WARN
[  289.756752][T14371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  289.756826][T14371] Call Trace:
[  289.756834][T14371]  <TASK>
[  289.756841][T14371]  __dump_stack+0x1d/0x30
[  289.756860][T14371]  dump_stack_lvl+0xe8/0x140
[  289.756877][T14371]  dump_stack+0x15/0x1b
[  289.756893][T14371]  dump_header+0x81/0x220
[  289.756960][T14371]  oom_kill_process+0x342/0x400
[  289.757003][T14371]  out_of_memory+0x979/0xb80
[  289.757090][T14371]  try_charge_memcg+0x5e6/0x9e0
[  289.757133][T14371]  obj_cgroup_charge_pages+0xa6/0x150
[  289.757183][T14371]  __memcg_kmem_charge_page+0x9f/0x170
[  289.757210][T14371]  __alloc_frozen_pages_noprof+0x188/0x360
[  289.757251][T14371]  alloc_pages_mpol+0xb3/0x250
[  289.757284][T14371]  alloc_pages_noprof+0x90/0x130
[  289.757316][T14371]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  289.757365][T14371]  __kvmalloc_node_noprof+0x30f/0x4e0
[  289.757394][T14371]  ? ip_set_alloc+0x1f/0x30
[  289.757462][T14371]  ? ip_set_alloc+0x1f/0x30
[  289.757486][T14371]  ? __kmalloc_cache_noprof+0x189/0x320
[  289.757509][T14371]  ip_set_alloc+0x1f/0x30
[  289.757598][T14371]  hash_netiface_create+0x282/0x740
[  289.757627][T14371]  ? __pfx_hash_netiface_create+0x10/0x10
[  289.757658][T14371]  ip_set_create+0x3cc/0x960
[  289.757738][T14371]  ? __nla_parse+0x40/0x60
[  289.757760][T14371]  nfnetlink_rcv_msg+0x4c3/0x590
[  289.757801][T14371]  netlink_rcv_skb+0x123/0x220
[  289.757822][T14371]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  289.757924][T14371]  nfnetlink_rcv+0x16b/0x1690
[  289.757953][T14371]  ? nlmon_xmit+0x4f/0x60
[  289.757986][T14371]  ? consume_skb+0x49/0x150
[  289.758007][T14371]  ? nlmon_xmit+0x4f/0x60
[  289.758111][T14371]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  289.758137][T14371]  ? __dev_queue_xmit+0x1200/0x2000
[  289.758156][T14371]  ? __dev_queue_xmit+0x182/0x2000
[  289.758178][T14371]  ? ref_tracker_free+0x37d/0x3e0
[  289.758241][T14371]  ? __netlink_deliver_tap+0x4dc/0x500
[  289.758268][T14371]  netlink_unicast+0x5bd/0x690
[  289.758323][T14371]  netlink_sendmsg+0x58b/0x6b0
[  289.758348][T14371]  ? __pfx_netlink_sendmsg+0x10/0x10
[  289.758369][T14371]  __sock_sendmsg+0x145/0x180
[  289.758393][T14371]  ____sys_sendmsg+0x31e/0x4e0
[  289.758463][T14371]  ___sys_sendmsg+0x17b/0x1d0
[  289.758498][T14371]  __x64_sys_sendmsg+0xd4/0x160
[  289.758576][T14371]  x64_sys_call+0x191e/0x2ff0
[  289.758594][T14371]  do_syscall_64+0xd2/0x200
[  289.758662][T14371]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  289.758732][T14371]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  289.758829][T14371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.758847][T14371] RIP: 0033:0x7ff2dd9febe9
[  289.758868][T14371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.758897][T14371] RSP: 002b:00007ff2dc45f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  289.758918][T14371] RAX: ffffffffffffffda RBX: 00007ff2ddc25fa0 RCX: 00007ff2dd9febe9
[  289.758932][T14371] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  289.758946][T14371] RBP: 00007ff2dda81e19 R08: 0000000000000000 R09: 0000000000000000
[  289.758960][T14371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  289.758977][T14371] R13: 00007ff2ddc26038 R14: 00007ff2ddc25fa0 R15: 00007ffc6beae738
[  289.759045][T14371]  </TASK>
[  289.759051][T14371] memory: usage 307200kB, limit 307200kB, failcnt 119
[  289.959472][T14400] FAULT_INJECTION: forcing a failure.
[  289.959472][T14400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.962171][T14371] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[  289.962187][T14371] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  289.962206][T14371] Memory cgroup stats for /syz2:
[  289.967002][T14400] CPU: 0 UID: 0 PID: 14400 Comm: syz.0.3703 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  289.967033][T14400] Tainted: [W]=WARN
[  289.967040][T14400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  289.967051][T14400] Call Trace:
[  289.967059][T14400]  <TASK>
[  289.967067][T14400]  __dump_stack+0x1d/0x30
[  289.967099][T14400]  dump_stack_lvl+0xe8/0x140
[  289.967117][T14400]  dump_stack+0x15/0x1b
[  289.967133][T14400]  should_fail_ex+0x265/0x280
[  289.967154][T14400]  should_fail+0xb/0x20
[  289.967171][T14400]  should_fail_usercopy+0x1a/0x20
[  289.967192][T14400]  _copy_from_iter+0xd2/0xe80
[  289.967239][T14400]  ? sock_alloc_send_pskb+0x456/0x4f0
[  289.967268][T14400]  hci_sock_sendmsg+0x36d/0x910
[  289.967296][T14400]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  289.967377][T14400]  __sock_sendmsg+0x145/0x180
[  289.967403][T14400]  sock_write_iter+0x165/0x1b0
[  289.967431][T14400]  aio_write+0x2e5/0x410
[  289.967462][T14400]  io_submit_one+0xacd/0x11d0
[  289.967545][T14400]  __se_sys_io_submit+0xfb/0x280
[  289.967570][T14400]  __x64_sys_io_submit+0x43/0x50
[  289.967642][T14400]  x64_sys_call+0x2d5d/0x2ff0
[  289.967742][T14400]  do_syscall_64+0xd2/0x200
[  289.967871][T14400]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  289.967936][T14400]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  289.968016][T14400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.968037][T14400] RIP: 0033:0x7f483e29ebe9
[  289.968052][T14400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.968068][T14400] RSP: 002b:00007f483cd07038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  289.968129][T14400] RAX: ffffffffffffffda RBX: 00007f483e4c5fa0 RCX: 00007f483e29ebe9
[  289.968141][T14400] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 00007f483efff000
[  289.968153][T14400] RBP: 00007f483cd07090 R08: 0000000000000000 R09: 0000000000000000
[  289.968200][T14400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.968212][T14400] R13: 00007f483e4c6038 R14: 00007f483e4c5fa0 R15: 00007ffedea200c8
[  289.968277][T14400]  </TASK>
[  290.187287][T14410] loop4: detected capacity change from 0 to 512
[  290.192983][T14371] cache 0
[  290.317743][T14410] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.3707: corrupted in-inode xattr: invalid ea_ino
[  290.325031][T14371] rss 0
[  290.325042][T14371] shmem 0
[  290.335245][T14410] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3707: couldn't read orphan inode 15 (err -117)
[  290.341038][T14371] mapped_file 0
[  290.341048][T14371] dirty 0
[  290.341055][T14371] writeback 0
[  290.344730][T14410] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.350266][T14371] workingset_refault_anon 112
[  290.350275][T14371] workingset_refault_file 800
[  290.350283][T14371] swap 188416
[  290.350289][T14371] swapcached 12288
[  290.350296][T14371] pgpgin 207440
[  290.350303][T14371] pgpgout 207436
[  290.350358][T14371] pgfault 258417
[  290.350365][T14371] pgmajfault 72
[  290.350374][T14371] inactive_anon 4096
[  290.350380][T14371] active_anon 8192
[  290.350387][T14371] inactive_file 0
[  290.350395][T14371] active_file 4096
[  290.350471][T14371] unevictable 0
[  290.350478][T14371] hierarchical_memory_limit 314572800
[  290.350485][T14371] hierarchical_memsw_limit 9223372036854771712
[  290.350493][T14371] total_cache 0
[  290.408604][T14422] netlink: 'syz.3.3711': attribute type 13 has an invalid length.
[  290.410415][T14371] total_rss 0
[  290.429144][T14371] total_shmem 0
[  290.429155][T14371] total_mapped_file 0
[  290.429162][T14371] total_dirty 0
[  290.429169][T14371] total_writeback 0
[  290.429176][T14371] total_workingset_refault_anon 112
[  290.429184][T14371] total_workingset_refault_file 800
[  290.488012][   T29] kauditd_printk_skb: 549 callbacks suppressed
[  290.488026][   T29] audit: type=1326 audit(1756066460.991:10390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.4.3707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  290.488156][T14371] total_swap 188416
[  290.492101][   T29] audit: type=1326 audit(1756066461.001:10391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.4.3707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  290.495404][T14371] total_swapcached 12288
[  290.495413][T14371] total_pgpgin 207440
[  290.543372][   T29] audit: type=1326 audit(1756066461.051:10392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.4.3707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  290.562837][T14371] total_pgpgout 207436
[  290.567054][   T29] audit: type=1326 audit(1756066461.051:10393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.4.3707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  290.571048][T14371] total_pgfault 258417
[  290.571057][T14371] total_pgmajfault 72
[  290.571064][T14371] total_inactive_anon 4096
[  290.571072][T14371] total_active_anon 8192
[  290.594585][   T29] audit: type=1326 audit(1756066461.051:10394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.4.3707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  290.598543][T14371] total_inactive_file 0
[  290.598553][T14371] total_active_file 4096
[  290.622130][   T29] audit: type=1326 audit(1756066461.051:10395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14409 comm="syz.4.3707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  290.626208][T14371] total_unevictable 0
[  290.626218][T14371] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[  290.688995][T14425] loop1: detected capacity change from 0 to 1024
[  290.694410][T14371] ,cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.3693,pid=14370,uid=0
[  290.714901][T14426] netlink: 88 bytes leftover after parsing attributes in process `syz.4.3707'.
[  290.721942][T14371] Memory cgroup out of memory: Killed process 14370 (syz.2.3693) total-vm:93764kB, anon-rss:1072kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  290.750201][T14425] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.765033][T14422] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  290.804264][T14425] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3712'.
[  290.903097][T14432] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3713'.
[  290.918941][T14430] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3712'.
[  290.938224][T14425] 8021q: adding VLAN 0 to HW filter on device bond1
[  290.957498][T14430] bond1 (unregistering): Released all slaves
[  291.028933][T14434] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3714'.
[  291.061139][T14436] loop3: detected capacity change from 0 to 2048
[  291.084007][T14436] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.121718][T14436] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.3715: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  291.142681][T14436] EXT4-fs (loop3): Remounting filesystem read-only
[  291.152488][T13000] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.196044][T12114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.218767][T14443] loop2: detected capacity change from 0 to 1024
[  291.237453][T14443] EXT4-fs: Ignoring removed orlov option
[  291.285701][   T29] audit: type=1326 audit(1756066461.791:10396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14448 comm="syz.3.3719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  291.317533][T14449] loop3: detected capacity change from 0 to 256
[  291.352668][   T29] audit: type=1326 audit(1756066461.821:10397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14448 comm="syz.3.3719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff90eccd69f code=0x7ffc0000
[  291.376558][   T29] audit: type=1326 audit(1756066461.821:10398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14448 comm="syz.3.3719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  291.400178][   T29] audit: type=1326 audit(1756066461.821:10399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14448 comm="syz.3.3719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff90eccebe9 code=0x7ffc0000
[  291.480355][T14443] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.604047][T14458] loop3: detected capacity change from 0 to 512
[  291.691287][T14466] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  291.732254][T14458] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.752741][T14458] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  291.895431][T14472] lo speed is unknown, defaulting to 1000
[  292.089590][T12114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.449088][T14440] syz.2.3716 (14440) used greatest stack depth: 6184 bytes left
[  292.484132][T12847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.842067][T14483] loop3: detected capacity change from 0 to 1024
[  292.855786][T14484] loop2: detected capacity change from 0 to 2048
[  292.878111][T14483] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.914186][T14484] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  292.958403][T14483] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3728'.
[  292.978343][T14484] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.3729: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  293.023712][T14483] 8021q: adding VLAN 0 to HW filter on device bond1
[  293.036671][T14484] EXT4-fs (loop2): Remounting filesystem read-only
[  293.054956][T14483] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3728'.
[  293.093652][T14483] bond1 (unregistering): Released all slaves
[  293.100291][T12847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.313428][T12114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.411238][T14499] loop3: detected capacity change from 0 to 512
[  293.425160][T14499] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  293.445223][T14503] loop1: detected capacity change from 0 to 256
[  293.471747][T14499] EXT4-fs (loop3): 1 truncate cleaned up
[  293.477613][T14499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.524098][T14505] loop2: detected capacity change from 0 to 256
[  293.623231][T14514] loop1: detected capacity change from 0 to 128
[  293.648303][T12114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.670198][T14514] FAT-fs (loop1): Directory bread(block 32) failed
[  293.686401][T14518] loop3: detected capacity change from 0 to 512
[  293.690725][T14514] FAT-fs (loop1): Directory bread(block 33) failed
[  293.699521][T14514] FAT-fs (loop1): Directory bread(block 34) failed
[  293.710667][T14518] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  293.724551][T14514] FAT-fs (loop1): Directory bread(block 35) failed
[  293.735059][T14514] FAT-fs (loop1): Directory bread(block 36) failed
[  293.735141][T14518] EXT4-fs (loop3): 1 truncate cleaned up
[  293.741757][T14514] FAT-fs (loop1): Directory bread(block 37) failed
[  293.756442][T14514] FAT-fs (loop1): Directory bread(block 38) failed
[  293.763294][T14514] FAT-fs (loop1): Directory bread(block 39) failed
[  293.769981][T14514] FAT-fs (loop1): Directory bread(block 40) failed
[  293.776679][T14514] FAT-fs (loop1): Directory bread(block 41) failed
[  293.779953][T14518] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.828011][T14514] syz.1.3741: attempt to access beyond end of device
[  293.828011][T14514] loop1: rw=0, sector=4112, nr_sectors = 4 limit=128
[  293.841472][T14514] Buffer I/O error on dev loop1, logical block 1028, async page read
[  293.850921][T14514] syz.1.3741: attempt to access beyond end of device
[  293.850921][T14514] loop1: rw=0, sector=167964, nr_sectors = 4 limit=128
[  293.864377][T14514] Buffer I/O error on dev loop1, logical block 41991, async page read
[  293.872661][T14514] FAT-fs (loop1): Filesystem has been set read-only
[  293.898678][T14514] syz.1.3741: attempt to access beyond end of device
[  293.898678][T14514] loop1: rw=0, sector=4112, nr_sectors = 4 limit=128
[  293.911999][T14514] Buffer I/O error on dev loop1, logical block 1028, async page read
[  293.925125][T14514] syz.1.3741: attempt to access beyond end of device
[  293.925125][T14514] loop1: rw=0, sector=167964, nr_sectors = 4 limit=128
[  293.929379][T12114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.938563][T14514] Buffer I/O error on dev loop1, logical block 41991, async page read
[  294.030251][T14527] loop3: detected capacity change from 0 to 512
[  294.039226][T14533] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3750'.
[  294.048329][T14531] loop2: detected capacity change from 0 to 512
[  294.069502][T14527] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  294.078547][T14531] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  294.090449][T14527] EXT4-fs (loop3): 1 truncate cleaned up
[  294.102604][T14527] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.121779][T14531] EXT4-fs (loop2): 1 truncate cleaned up
[  294.127744][T14531] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.357399][T14546] loop2: detected capacity change from 0 to 512
[  294.364806][T14543] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  294.392500][T14546] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  294.401377][T14543] SELinux: failed to load policy
[  294.437563][T14546] EXT4-fs (loop2): 1 truncate cleaned up
[  294.849282][T14566] sch_fq: defrate 2 ignored.
[  294.866848][T14567] sch_fq: defrate 4294967295 ignored.
[  294.948325][T14541] Set syz1 is full, maxelem 65536 reached
[  295.146630][T14575] loop2: detected capacity change from 0 to 1024
[  295.175472][T14578] __nla_validate_parse: 4 callbacks suppressed
[  295.175486][T14578] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  295.184487][T14575] EXT4-fs: Ignoring removed orlov option
[  295.369931][T14586] loop4: detected capacity change from 0 to 256
[  295.449407][T14589] loop4: detected capacity change from 0 to 512
[  295.496929][T14589] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  295.539578][T14589] EXT4-fs (loop4): 1 truncate cleaned up
[  295.748341][T14568] syz.2.3764 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  295.759364][T14568] CPU: 0 UID: 0 PID: 14568 Comm: syz.2.3764 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  295.759450][T14568] Tainted: [W]=WARN
[  295.759456][T14568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  295.759467][T14568] Call Trace:
[  295.759474][T14568]  <TASK>
[  295.759482][T14568]  __dump_stack+0x1d/0x30
[  295.759503][T14568]  dump_stack_lvl+0xe8/0x140
[  295.759573][T14568]  dump_stack+0x15/0x1b
[  295.759590][T14568]  dump_header+0x81/0x220
[  295.759615][T14568]  oom_kill_process+0x342/0x400
[  295.759646][T14568]  out_of_memory+0x979/0xb80
[  295.759708][T14568]  try_charge_memcg+0x5e6/0x9e0
[  295.759730][T14568]  charge_memcg+0x51/0xc0
[  295.759745][T14568]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  295.759827][T14568]  __read_swap_cache_async+0x1df/0x350
[  295.759859][T14568]  swap_cluster_readahead+0x277/0x3e0
[  295.759890][T14568]  swapin_readahead+0xde/0x6f0
[  295.760002][T14568]  ? __filemap_get_folio+0x4f7/0x6b0
[  295.760037][T14568]  ? swap_cache_get_folio+0x77/0x200
[  295.760060][T14568]  do_swap_page+0x301/0x2430
[  295.760081][T14568]  ? css_rstat_updated+0xb7/0x240
[  295.760170][T14568]  ? __pfx_default_wake_function+0x10/0x10
[  295.760261][T14568]  handle_mm_fault+0x9a5/0x2c20
[  295.760288][T14568]  do_user_addr_fault+0x636/0x1090
[  295.760320][T14568]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  295.760417][T14568]  exc_page_fault+0x62/0xa0
[  295.760521][T14568]  asm_exc_page_fault+0x26/0x30
[  295.760541][T14568] RIP: 0033:0x7ff2dd8d5618
[  295.760555][T14568] Code: 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d aa 27 35 00 00 0f 8e 09 fe ff ff e8 43 9e fe ff 49 39 c4 72 66 66 0f 1f 44 00 00 <69> 3d 76 00 e8 00 e8 03 00 00 48 8d 1d 77 09 35 00 e8 12 95 12 00
[  295.760569][T14568] RSP: 002b:00007ffc6beae8a0 EFLAGS: 00010212
[  295.760583][T14568] RAX: 00000000000482fc RBX: 00007ff2ddc27da0 RCX: 0000000000048058
[  295.760594][T14568] RDX: 00000000000002a4 RSI: 00007ffc6beae880 RDI: 0000000000000001
[  295.760652][T14568] RBP: 00007ff2ddc27da0 R08: 000000002852560d R09: 7fffffffffffffff
[  295.760662][T14568] R10: 3fffffffffffffff R11: 0000000000000293 R12: 0000000000048367
[  295.760673][T14568] R13: 00007ff2ddc26090 R14: ffffffffffffffff R15: 00007ffc6beae9b0
[  295.760689][T14568]  </TASK>
[  295.973964][T14568] memory: usage 307200kB, limit 307200kB, failcnt 519
[  295.980814][T14568] memory+swap: usage 307880kB, limit 9007199254740988kB, failcnt 0
[  295.988761][T14568] kmem: usage 307148kB, limit 9007199254740988kB, failcnt 0
[  295.996119][T14568] Memory cgroup stats for /syz2:
[  296.016547][T14592] lo speed is unknown, defaulting to 1000
[  296.059835][T14594] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3773'.
[  296.106062][T14568] cache 20480
[  296.109381][T14568] rss 4096
[  296.112493][T14568] shmem 0
[  296.115518][T14568] mapped_file 0
[  296.118980][T14568] dirty 0
[  296.121958][T14568] writeback 28672
[  296.125575][T14568] workingset_refault_anon 275
[  296.130301][T14568] workingset_refault_file 1825
[  296.135386][T14568] swap 700416
[  296.138682][T14568] swapcached 24576
[  296.142497][T14568] pgpgin 210084
[  296.145957][T14568] pgpgout 210072
[  296.149491][T14568] pgfault 260647
[  296.153042][T14568] pgmajfault 152
[  296.156640][T14568] inactive_anon 24576
[  296.160603][T14568] active_anon 0
[  296.164073][T14568] inactive_file 20480
[  296.168098][T14568] active_file 4096
[  296.171842][T14568] unevictable 0
[  296.175302][T14568] hierarchical_memory_limit 314572800
[  296.180772][T14568] hierarchical_memsw_limit 9223372036854771712
[  296.186981][T14568] total_cache 20480
[  296.190845][T14568] total_rss 4096
[  296.194444][T14568] total_shmem 0
[  296.197884][T14568] total_mapped_file 0
[  296.201902][T14568] total_dirty 0
[  296.205345][T14568] total_writeback 28672
[  296.209551][T14568] total_workingset_refault_anon 275
[  296.214822][T14568] total_workingset_refault_file 1825
[  296.220126][T14568] total_swap 700416
[  296.223963][T14568] total_swapcached 24576
[  296.228258][T14568] total_pgpgin 210084
[  296.232291][T14568] total_pgpgout 210072
[  296.234044][T14602] 9pnet_fd: Insufficient options for proto=fd
[  296.236424][T14568] total_pgfault 260647
[  296.236433][T14568] total_pgmajfault 152
[  296.236440][T14568] total_inactive_anon 24576
[  296.236448][T14568] total_active_anon 0
[  296.259099][T14568] total_inactive_file 20480
[  296.263637][T14568] total_active_file 4096
[  296.267862][T14568] total_unevictable 0
[  296.271864][T14568] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.3764,pid=14568,uid=0
[  296.286673][T14568] Memory cgroup out of memory: Killed process 14568 (syz.2.3764) total-vm:93764kB, anon-rss:944kB, file-rss:22568kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  296.409331][T14608] netlink: 32 bytes leftover after parsing attributes in process `+}[@'.
[  296.537309][T14615] loop4: detected capacity change from 0 to 512
[  296.554443][T14615] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  296.572298][T14615] EXT4-fs (loop4): 1 truncate cleaned up
[  296.670477][T14621] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3782'.
[  296.730852][T14625] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3784'.
[  296.836016][T14627] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address
[  296.846646][T14628] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  296.855170][T14628] SELinux: failed to load policy
[  296.888697][T14630] 9pnet_fd: Insufficient options for proto=fd
[  296.901265][T14627] bond0: (slave ip6tnl0): Error -95 calling set_mac_address
[  296.990175][   T29] kauditd_printk_skb: 299 callbacks suppressed
[  296.990195][   T29] audit: type=1326 audit(1756066467.491:10699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14632 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  297.042344][T14633] loop4: detected capacity change from 0 to 256
[  297.049222][T14634] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3787'.
[  297.129829][   T29] audit: type=1326 audit(1756066467.541:10700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14632 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f33c597d69f code=0x7ffc0000
[  297.153292][   T29] audit: type=1326 audit(1756066467.541:10701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14632 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  297.176872][   T29] audit: type=1326 audit(1756066467.541:10702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14632 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  297.186270][T14634] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  297.200742][   T29] audit: type=1326 audit(1756066467.541:10703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14632 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  297.209499][T14634] SELinux: failed to load policy
[  297.232435][   T29] audit: type=1326 audit(1756066467.541:10704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14632 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  297.260930][   T29] audit: type=1326 audit(1756066467.541:10705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14632 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  297.284503][   T29] audit: type=1326 audit(1756066467.551:10706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14632 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f33c597ebe9 code=0x7ffc0000
[  297.308094][   T29] audit: type=1326 audit(1756066467.551:10707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14632 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f33c597ec23 code=0x7ffc0000
[  297.331529][   T29] audit: type=1326 audit(1756066467.551:10708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14632 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f33c597d69f code=0x7ffc0000
[  297.503735][T14642] 9pnet_fd: Insufficient options for proto=fd
[  297.512096][T14643] loop2: detected capacity change from 0 to 512
[  297.544583][T14643] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  297.578757][T14625] Set syz1 is full, maxelem 65536 reached
[  297.608285][T14648] loop3: detected capacity change from 0 to 512
[  297.623410][T14651] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3795'.
[  297.645720][T14643] EXT4-fs (loop2): 1 truncate cleaned up
[  297.652340][T14648] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  297.715226][T14657] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3797'.
[  297.722123][T14658] loop4: detected capacity change from 0 to 1024
[  297.748705][T14657] 8021q: adding VLAN 0 to HW filter on device bond1
[  297.756811][T14658] EXT4-fs: Ignoring removed orlov option
[  297.770200][T14660] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3797'.
[  297.849512][T14660] bond1 (unregistering): Released all slaves
[  297.881506][T14665] 9pnet_fd: Insufficient options for proto=fd
[  297.941407][T14667] loop2: detected capacity change from 0 to 2048
[  297.953856][T14669] netlink: 'syz.3.3801': attribute type 13 has an invalid length.
[  297.996448][T14669] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  298.023474][T14667] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.3800: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  298.094184][T14667] EXT4-fs (loop2): Remounting filesystem read-only
[  298.163080][T14680] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3804'.
[  298.398196][T14695] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  298.421899][T14686] siw: device registration error -23
[  298.428101][T14695] SELinux: failed to load policy
[  298.461272][T14697] program syz.3.3809 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  298.566090][T14654] syz.4.3796 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  298.577145][T14654] CPU: 0 UID: 0 PID: 14654 Comm: syz.4.3796 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  298.577198][T14654] Tainted: [W]=WARN
[  298.577205][T14654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  298.577216][T14654] Call Trace:
[  298.577222][T14654]  <TASK>
[  298.577229][T14654]  __dump_stack+0x1d/0x30
[  298.577249][T14654]  dump_stack_lvl+0xe8/0x140
[  298.577272][T14654]  dump_stack+0x15/0x1b
[  298.577323][T14654]  dump_header+0x81/0x220
[  298.577350][T14654]  oom_kill_process+0x342/0x400
[  298.577382][T14654]  out_of_memory+0x979/0xb80
[  298.577409][T14654]  try_charge_memcg+0x5e6/0x9e0
[  298.577529][T14654]  charge_memcg+0x51/0xc0
[  298.577548][T14654]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  298.577656][T14654]  __read_swap_cache_async+0x1df/0x350
[  298.577682][T14654]  swap_cluster_readahead+0x376/0x3e0
[  298.577711][T14654]  swapin_readahead+0xde/0x6f0
[  298.577743][T14654]  ? __filemap_get_folio+0x4f7/0x6b0
[  298.577775][T14654]  ? __rcu_read_unlock+0x34/0x70
[  298.577863][T14654]  ? swap_cache_get_folio+0x77/0x200
[  298.577891][T14654]  do_swap_page+0x301/0x2430
[  298.577915][T14654]  ? css_rstat_updated+0xb7/0x240
[  298.577981][T14654]  ? __pfx_default_wake_function+0x10/0x10
[  298.578004][T14654]  handle_mm_fault+0x9a5/0x2c20
[  298.578029][T14654]  do_user_addr_fault+0x636/0x1090
[  298.578095][T14654]  exc_page_fault+0x62/0xa0
[  298.578118][T14654]  asm_exc_page_fault+0x26/0x30
[  298.578169][T14654] RIP: 0033:0x7f33c5855629
[  298.578184][T14654] Code: 35 00 00 0f 8e 09 fe ff ff e8 43 9e fe ff 49 39 c4 72 66 66 0f 1f 44 00 00 69 3d 76 00 e8 00 e8 03 00 00 48 8d 1d 77 09 35 00 <e8> 12 95 12 00 eb 0c 48 81 c3 f0 00 00 00 48 39 eb 74 24 80 7b 20
[  298.578198][T14654] RSP: 002b:00007ffed19ad8d0 EFLAGS: 00010206
[  298.578214][T14654] RAX: 0000000000048dd9 RBX: 00007f33c5ba5fa0 RCX: 0000000000048c10
[  298.578228][T14654] RDX: 00000000000001c9 RSI: 00007ffed19ad8b0 RDI: 00000000000003e8
[  298.578241][T14654] RBP: 00007f33c5ba7da0 R08: 000000001b47608f R09: 7fffffffffffffff
[  298.578255][T14654] R10: 3fffffffffffffff R11: 0000000000000293 R12: 0000000000048de2
[  298.578298][T14654] R13: 00007f33c5ba6090 R14: ffffffffffffffff R15: 00007ffed19ad9e0
[  298.578359][T14654]  </TASK>
[  298.578367][T14654] memory: usage 307200kB, limit 307200kB, failcnt 1413
[  298.801376][T14654] memory+swap: usage 307916kB, limit 9007199254740988kB, failcnt 0
[  298.809301][T14654] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  298.816644][T14654] Memory cgroup stats for /syz4:
[  298.817250][T14654] cache 4096
[  298.825456][T14654] rss 0
[  298.828204][T14654] shmem 0
[  298.831270][T14654] mapped_file 0
[  298.834714][T14654] dirty 0
[  298.837687][T14654] writeback 0
[  298.841033][T14654] workingset_refault_anon 310
[  298.845722][T14654] workingset_refault_file 1617
[  298.850659][T14654] swap 733184
[  298.853929][T14654] swapcached 0
[  298.857283][T14654] pgpgin 241131
[  298.860777][T14654] pgpgout 241130
[  298.864324][T14654] pgfault 279780
[  298.867856][T14654] pgmajfault 221
[  298.871423][T14654] inactive_anon 0
[  298.875046][T14654] active_anon 0
[  298.878534][T14654] inactive_file 0
[  298.882184][T14654] active_file 4096
[  298.885921][T14654] unevictable 0
[  298.889372][T14654] hierarchical_memory_limit 314572800
[  298.894770][T14654] hierarchical_memsw_limit 9223372036854771712
[  298.901014][T14654] total_cache 4096
[  298.904725][T14654] total_rss 0
[  298.908006][T14654] total_shmem 0
[  298.911547][T14654] total_mapped_file 0
[  298.915508][T14654] total_dirty 0
[  298.918994][T14654] total_writeback 0
[  298.922838][T14654] total_workingset_refault_anon 310
[  298.928021][T14654] total_workingset_refault_file 1617
[  298.933310][T14654] total_swap 733184
[  298.937104][T14654] total_swapcached 0
[  298.941079][T14654] total_pgpgin 241131
[  298.945046][T14654] total_pgpgout 241130
[  298.949124][T14654] total_pgfault 279780
[  298.953243][T14654] total_pgmajfault 221
[  298.957290][T14654] total_inactive_anon 0
[  298.961518][T14654] total_active_anon 0
[  298.965549][T14654] total_inactive_file 0
[  298.969685][T14654] total_active_file 4096
[  298.973943][T14654] total_unevictable 0
[  298.977916][T14654] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.3796,pid=14654,uid=0
[  298.992702][T14654] Memory cgroup out of memory: Killed process 14654 (syz.4.3796) total-vm:93896kB, anon-rss:1072kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  299.044419][T14711] program syz.3.3816 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  299.158806][T14716] loop3: detected capacity change from 0 to 512
[  299.185059][T14716] EXT4-fs (loop3): orphan cleanup on readonly fs
[  299.203433][T14716] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.3817: bad orphan inode 13
[  299.232472][T14716] ext4_test_bit(bit=12, block=18) = 1
[  299.237873][T14716] is_bad_inode(inode)=0
[  299.242062][T14716] NEXT_ORPHAN(inode)=2130706432
[  299.246921][T14716] max_ino=32
[  299.250172][T14716] i_nlink=1
[  299.253911][T14719] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  299.272956][T14719] SELinux: failed to load policy
[  299.422918][T14716] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  299.491421][T14716] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3817: bg 0: block 248: padding at end of block bitmap is not set
[  299.508537][T14716] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.3817: Failed to acquire dquot type 1
[  299.586128][T14732] program syz.4.3822 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  299.597712][T14730] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address
[  299.608758][T14716] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  299.644411][T14730] bond0: (slave ip6tnl0): Error -95 calling set_mac_address
[  299.795927][T14684] Set syz1 is full, maxelem 65536 reached
[  299.868570][T14744] loop2: detected capacity change from 0 to 2048
[  299.892341][T14750] 9pnet_fd: Insufficient options for proto=fd
[  299.949653][T14744] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.3826: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  300.010556][T14764] program syz.3.3834 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  300.020290][T14744] EXT4-fs (loop2): Remounting filesystem read-only
[  300.179939][T14774] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  300.193572][T14774] SELinux: failed to load policy
[  300.198608][T14762] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  300.207107][T14762] SELinux: failed to load policy
[  300.215585][T14776] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address
[  300.229263][T14776] bond0: (slave ip6tnl0): Error -95 calling set_mac_address
[  300.288839][T14780] __nla_validate_parse: 7 callbacks suppressed
[  300.288853][T14780] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3840'.
[  300.350255][T14785] 9pnet_fd: Insufficient options for proto=fd
[  300.360242][T14786] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3843'.
[  300.412447][T14790] loop3: detected capacity change from 0 to 1024
[  300.487620][T14790] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3845'.
[  300.538094][T14790] 8021q: adding VLAN 0 to HW filter on device bond1
[  300.591179][T14790] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3845'.
[  300.782458][T14797] SELinux:  policydb table sizes (830110067,0) do not match mine (8,7)
[  300.793870][T14797] SELinux: failed to load policy
[  300.932625][T14801] loop2: detected capacity change from 0 to 2048
[  300.964565][T14801] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.3847: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  300.982695][T14801] EXT4-fs (loop2): Remounting filesystem read-only
[  301.077250][T14758] Set syz1 is full, maxelem 65536 reached
[  301.098368][T14790] bond1 (unregistering): Released all slaves
[  301.105344][T14805] loop1: detected capacity change from 0 to 128
[  301.125548][T14809] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3848'.
[  301.156539][T14805] FAT-fs (loop1): Directory bread(block 32) failed
[  301.170899][T14805] FAT-fs (loop1): Directory bread(block 33) failed
[  301.177672][T14805] FAT-fs (loop1): Directory bread(block 34) failed
[  301.195504][T14805] FAT-fs (loop1): Directory bread(block 35) failed
[  301.205130][T14805] FAT-fs (loop1): Directory bread(block 36) failed
[  301.211859][T14815] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3853'.
[  301.221225][T14805] FAT-fs (loop1): Directory bread(block 37) failed
[  301.227763][T14805] FAT-fs (loop1): Directory bread(block 38) failed
[  301.234884][T14805] FAT-fs (loop1): Directory bread(block 39) failed
[  301.241496][T14805] FAT-fs (loop1): Directory bread(block 40) failed
[  301.248009][T14805] FAT-fs (loop1): Directory bread(block 41) failed
[  301.275154][T14805] syz.1.3849: attempt to access beyond end of device
[  301.275154][T14805] loop1: rw=0, sector=4112, nr_sectors = 4 limit=128
[  301.288489][T14805] Buffer I/O error on dev loop1, logical block 1028, async page read
[  301.322090][T14805] syz.1.3849: attempt to access beyond end of device
[  301.322090][T14805] loop1: rw=0, sector=167964, nr_sectors = 4 limit=128
[  301.335571][T14805] Buffer I/O error on dev loop1, logical block 41991, async page read
[  301.335665][T14815] loop4: detected capacity change from 0 to 8192
[  301.343776][T14805] FAT-fs (loop1): Filesystem has been set read-only
[  301.369938][T14805] syz.1.3849: attempt to access beyond end of device
[  301.369938][T14805] loop1: rw=0, sector=4112, nr_sectors = 4 limit=128
[  301.383230][T14805] Buffer I/O error on dev loop1, logical block 1028, async page read
[  301.395680][T14805] syz.1.3849: attempt to access beyond end of device
[  301.395680][T14805] loop1: rw=0, sector=167964, nr_sectors = 4 limit=128
[  301.409152][T14805] Buffer I/O error on dev loop1, logical block 41991, async page read
[  301.473839][ T3725]  loop4: p1 p2 p4
[  301.477481][T14828] loop3: detected capacity change from 0 to 128
[  301.478126][ T3725] loop4: p1 size 65536 extends beyond EOD, truncated
[  301.494688][T14828] FAT-fs (loop3): Directory bread(block 32) failed
[  301.501311][T14828] FAT-fs (loop3): Directory bread(block 33) failed
[  301.508055][T14828] FAT-fs (loop3): Directory bread(block 34) failed
[  301.513568][T14821] siw: device registration error -23
[  301.516212][T14828] FAT-fs (loop3): Directory bread(block 35) failed
[  301.526535][T14828] FAT-fs (loop3): Directory bread(block 36) failed
[  301.537955][ T3725] loop4: p2 start 861536256 is beyond EOD, truncated
[  301.538317][T14828] FAT-fs (loop3): Directory bread(block 37) failed
[  301.544782][ T3725] loop4: p4 size 65536 extends beyond EOD, truncated
[  301.553325][T14828] FAT-fs (loop3): Directory bread(block 38) failed
[  301.567718][T14828] FAT-fs (loop3): Directory bread(block 39) failed
[  301.576322][T14828] FAT-fs (loop3): Directory bread(block 40) failed
[  301.579161][T14817] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  301.583642][T14828] FAT-fs (loop3): Directory bread(block 41) failed
[  301.601624][T14815]  loop4: p1 p2 p4
[  301.605459][T14815] loop4: p1 size 65536 extends beyond EOD, truncated
[  301.614278][T14815] loop4: p2 start 861536256 is beyond EOD, truncated
[  301.621044][T14815] loop4: p4 size 65536 extends beyond EOD, truncated
[  301.647472][T14828] syz.3.3855: attempt to access beyond end of device
[  301.647472][T14828] loop3: rw=0, sector=4112, nr_sectors = 4 limit=128
[  301.660768][T14828] Buffer I/O error on dev loop3, logical block 1028, async page read
[  301.671082][T14828] syz.3.3855: attempt to access beyond end of device
[  301.671082][T14828] loop3: rw=0, sector=167964, nr_sectors = 4 limit=128
[  301.684690][T14828] Buffer I/O error on dev loop3, logical block 41991, async page read
[  301.692969][T14828] FAT-fs (loop3): Filesystem has been set read-only
[  301.703896][T14828] syz.3.3855: attempt to access beyond end of device
[  301.703896][T14828] loop3: rw=0, sector=4112, nr_sectors = 4 limit=128
[  301.717317][T14828] Buffer I/O error on dev loop3, logical block 1028, async page read
[  301.727703][T14832] loop4: detected capacity change from 0 to 2048
[  301.728783][T14828] syz.3.3855: attempt to access beyond end of device
[  301.728783][T14828] loop3: rw=0, sector=167964, nr_sectors = 4 limit=128
[  301.747843][T14828] Buffer I/O error on dev loop3, logical block 41991, async page read
[  301.769840][ T3503] udevd[3503]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  301.771836][ T3725] udevd[3725]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  301.785900][T14832] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.3858: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  301.876852][ T3725] udevd[3725]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  301.889290][ T3503] udevd[3503]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  301.893534][T14832] EXT4-fs (loop4): Remounting filesystem read-only
[  301.938668][T14846] 9pnet_fd: Insufficient options for proto=fd
[  301.982919][T14847] loop3: detected capacity change from 0 to 512
[  302.004435][T14847] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.021360][T14847] __quota_error: 315 callbacks suppressed
[  302.021375][T14847] Quota error (device loop3): do_check_range: Getting block 4128768 out of range 0-5
[  302.045683][T14849] loop4: detected capacity change from 0 to 512
[  302.070118][T14853] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3863'.
[  302.075994][T14849] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.107014][T14857] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address
[  302.117943][T14857] bond0: (slave ip6tnl0): Error -95 calling set_mac_address
[  302.164672][T14861] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3866'.
[  302.180192][T14861] 8021q: adding VLAN 0 to HW filter on device bond1
[  302.189822][T14861] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3866'.
[  302.200754][T14861] bond1 (unregistering): Released all slaves
[  302.229317][T14865] loop4: detected capacity change from 0 to 512
[  302.245656][T14865] EXT4-fs (loop4): orphan cleanup on readonly fs
[  302.258095][T14865] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.3867: bad orphan inode 13
[  302.275939][T14865] ext4_test_bit(bit=12, block=18) = 1
[  302.281507][T14865] is_bad_inode(inode)=0
[  302.285713][T14865] NEXT_ORPHAN(inode)=2130706432
[  302.290584][T14865] max_ino=32
[  302.293846][T14865] i_nlink=1
[  302.303294][T14865] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  302.318239][   T29] audit: type=1326 audit(1756066472.821:11022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14870 comm="syz.0.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483e29ebe9 code=0x7ffc0000
[  302.342299][   T29] audit: type=1326 audit(1756066472.851:11023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14870 comm="syz.0.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f483e29d69f code=0x7ffc0000
[  302.342874][T14865] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3867: bg 0: block 248: padding at end of block bitmap is not set
[  302.365907][   T29] audit: type=1326 audit(1756066472.851:11024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14870 comm="syz.0.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483e29ebe9 code=0x7ffc0000
[  302.403907][   T29] audit: type=1326 audit(1756066472.851:11025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14870 comm="syz.0.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483e29ebe9 code=0x7ffc0000
[  302.428342][   T29] audit: type=1326 audit(1756066472.931:11026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14870 comm="syz.0.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f483e29ebe9 code=0x7ffc0000
[  302.442946][T14865] Quota error (device loop4): write_blk: dquota write failed
[  302.452127][   T29] audit: type=1326 audit(1756066472.931:11027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14870 comm="syz.0.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483e29ebe9 code=0x7ffc0000
[  302.459449][T14865] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  302.483216][   T29] audit: type=1326 audit(1756066472.931:11028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14870 comm="syz.0.3869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483e29ebe9 code=0x7ffc0000
[  302.492911][T14865] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.3867: Failed to acquire dquot type 1
[  302.517069][T14869] loop2: detected capacity change from 0 to 1024
[  302.531448][T14865] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  302.562573][T14869] EXT4-fs: Ignoring removed orlov option
[  302.731275][T14884] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3874'.
[  302.810519][T14888] loop1: detected capacity change from 0 to 512
[  302.825748][T14888] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  302.846540][T14888] EXT4-fs (loop1): 1 truncate cleaned up
[  303.006120][T14891] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address
[  303.031563][T14891] bond0: (slave ip6tnl0): Error -95 calling set_mac_address
[  303.130161][T14896] program syz.0.3880 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  303.221704][T14867] syz.2.3868 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  303.232720][T14867] CPU: 1 UID: 0 PID: 14867 Comm: syz.2.3868 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  303.232752][T14867] Tainted: [W]=WARN
[  303.232840][T14867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  303.232853][T14867] Call Trace:
[  303.232921][T14867]  <TASK>
[  303.232929][T14867]  __dump_stack+0x1d/0x30
[  303.232948][T14867]  dump_stack_lvl+0xe8/0x140
[  303.232968][T14867]  dump_stack+0x15/0x1b
[  303.233062][T14867]  dump_header+0x81/0x220
[  303.233088][T14867]  oom_kill_process+0x342/0x400
[  303.233218][T14867]  out_of_memory+0x979/0xb80
[  303.233246][T14867]  try_charge_memcg+0x5e6/0x9e0
[  303.233330][T14867]  charge_memcg+0x51/0xc0
[  303.233403][T14867]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  303.233426][T14867]  __read_swap_cache_async+0x1df/0x350
[  303.233488][T14867]  swap_cluster_readahead+0x277/0x3e0
[  303.233519][T14867]  swapin_readahead+0xde/0x6f0
[  303.233595][T14867]  ? __filemap_get_folio+0x4f7/0x6b0
[  303.233627][T14867]  ? __rcu_read_unlock+0x34/0x70
[  303.233649][T14867]  ? swap_cache_get_folio+0x77/0x200
[  303.233678][T14867]  do_swap_page+0x301/0x2430
[  303.233748][T14867]  ? css_rstat_updated+0xb7/0x240
[  303.233777][T14867]  ? __pfx_default_wake_function+0x10/0x10
[  303.233812][T14867]  handle_mm_fault+0x9a5/0x2c20
[  303.233921][T14867]  do_user_addr_fault+0x636/0x1090
[  303.233956][T14867]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  303.234037][T14867]  exc_page_fault+0x62/0xa0
[  303.234058][T14867]  asm_exc_page_fault+0x26/0x30
[  303.234074][T14867] RIP: 0033:0x7ff2dd8d5698
[  303.234089][T14867] Code: e8 dd 9d fe ff 49 39 c4 73 a0 48 8d 1d 21 09 35 00 83 3d 26 27 35 00 00 48 8d ab 00 1e 00 00 0f 8e 7e fd ff ff 0f 1f 44 00 00 <80> 7b 20 00 49 89 d8 74 1f e8 ca 9a ff ff 84 c0 74 0c 48 8d bb 98
[  303.234107][T14867] RSP: 002b:00007ffc6beae8a0 EFLAGS: 00010202
[  303.234186][T14867] RAX: 000000000004a039 RBX: 00007ff2ddc25fa0 RCX: 0000000000049f98
[  303.234197][T14867] RDX: 00000000000000a1 RSI: 00007ffc6beae880 RDI: 0000000000000001
[  303.234207][T14867] RBP: 00007ff2ddc27da0 R08: 0000000009a4541a R09: 7fffffffffffffff
[  303.234219][T14867] R10: 3fffffffffffffff R11: 0000000000000293 R12: 0000000000049fda
[  303.234232][T14867] R13: 00007ff2ddc26090 R14: ffffffffffffffff R15: 00007ffc6beae9b0
[  303.234317][T14867]  </TASK>
[  303.234323][T14867] memory: usage 307200kB, limit 307200kB, failcnt 1033
[  303.460091][T14867] memory+swap: usage 307900kB, limit 9007199254740988kB, failcnt 0
[  303.468214][T14867] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  303.475565][T14867] Memory cgroup stats for /syz2:
[  303.475916][T14867] cache 4096
[  303.484066][T14867] rss 0
[  303.486813][T14867] shmem 0
[  303.489730][T14867] mapped_file 0
[  303.493218][T14867] dirty 0
[  303.496153][T14867] writeback 4096
[  303.499726][T14867] workingset_refault_anon 330
[  303.504715][T14867] workingset_refault_file 2260
[  303.509465][T14867] swap 716800
[  303.512754][T14867] swapcached 8192
[  303.516376][T14867] pgpgin 215121
[  303.519855][T14867] pgpgout 215117
[  303.523461][T14867] pgfault 265968
[  303.526992][T14867] pgmajfault 177
[  303.530601][T14867] inactive_anon 8192
[  303.534498][T14867] active_anon 0
[  303.537961][T14867] inactive_file 4096
[  303.541890][T14867] active_file 4096
[  303.545663][T14867] unevictable 0
[  303.549106][T14867] hierarchical_memory_limit 314572800
[  303.554480][T14867] hierarchical_memsw_limit 9223372036854771712
[  303.560710][T14867] total_cache 4096
[  303.564414][T14867] total_rss 0
[  303.567681][T14867] total_shmem 0
[  303.571204][T14867] total_mapped_file 0
[  303.575169][T14867] total_dirty 0
[  303.578633][T14867] total_writeback 4096
[  303.582764][T14867] total_workingset_refault_anon 330
[  303.587944][T14867] total_workingset_refault_file 2260
[  303.593272][T14867] total_swap 716800
[  303.597154][T14867] total_swapcached 8192
[  303.601356][T14867] total_pgpgin 215121
[  303.605323][T14867] total_pgpgout 215117
[  303.609368][T14867] total_pgfault 265968
[  303.613481][T14867] total_pgmajfault 177
[  303.617527][T14867] total_inactive_anon 8192
[  303.622020][T14867] total_active_anon 0
[  303.626026][T14867] total_inactive_file 4096
[  303.630424][T14867] total_active_file 4096
[  303.634776][T14867] total_unevictable 0
[  303.638746][T14867] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.3868,pid=14867,uid=0
[  303.653497][T14867] Memory cgroup out of memory: Killed process 14867 (syz.2.3868) total-vm:93760kB, anon-rss:980kB, file-rss:22568kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  303.702454][T14910] lo speed is unknown, defaulting to 1000
[  303.920778][T14867] ==================================================================
[  303.928886][T14867] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  303.938701][T14867] 
[  303.941020][T14867] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
[  303.949066][T14867]  tick_do_update_jiffies64+0x113/0x1c0
[  303.954626][T14867]  tick_nohz_handler+0x7f/0x2d0
[  303.959473][T14867]  __hrtimer_run_queues+0x20c/0x5a0
[  303.964663][T14867]  hrtimer_interrupt+0x21a/0x460
[  303.969592][T14867]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  303.975482][T14867]  sysvec_apic_timer_interrupt+0x6f/0x80
[  303.981115][T14867]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  303.987087][T14867]  _raw_spin_unlock_irq+0x2f/0x50
[  303.992097][T14867]  filemap_remove_folio+0x75/0x1d0
[  303.997330][T14867]  truncate_inode_folio+0x42/0x50
[  304.002362][T14867]  shmem_undo_range+0x244/0xa80
[  304.007221][T14867]  shmem_evict_inode+0x134/0x520
[  304.012145][T14867]  evict+0x2e3/0x550
[  304.016043][T14867]  iput+0x447/0x5b0
[  304.019840][T14867]  dentry_unlink_inode+0x24f/0x260
[  304.024949][T14867]  __dentry_kill+0x18d/0x4b0
[  304.029534][T14867]  dput+0x5e/0xd0
[  304.033161][T14867]  __fput+0x444/0x650
[  304.037135][T14867]  ____fput+0x1c/0x30
[  304.041106][T14867]  task_work_run+0x131/0x1a0
[  304.045684][T14867]  do_exit+0x483/0x15c0
[  304.049838][T14867]  do_group_exit+0xff/0x140
[  304.054340][T14867]  get_signal+0xe59/0xf70
[  304.058664][T14867]  arch_do_signal_or_restart+0x96/0x480
[  304.064208][T14867]  exit_to_user_mode_loop+0x7a/0x100
[  304.069502][T14867]  do_syscall_64+0x1d6/0x200
[  304.074112][T14867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.080003][T14867] 
[  304.082314][T14867] read to 0xffffffff868099c0 of 8 bytes by task 14867 on cpu 1:
[  304.089929][T14867]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  304.096165][T14867]  count_shadow_nodes+0x6a/0x230
[  304.101088][T14867]  do_shrink_slab+0x60/0x680
[  304.105667][T14867]  shrink_slab+0x448/0x760
[  304.110072][T14867]  shrink_node+0x6c3/0x2120
[  304.114563][T14867]  do_try_to_free_pages+0x3f6/0xcd0
[  304.119746][T14867]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  304.125624][T14867]  try_charge_memcg+0x358/0x9e0
[  304.130461][T14867]  charge_memcg+0x51/0xc0
[  304.134773][T14867]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  304.140735][T14867]  __read_swap_cache_async+0x1df/0x350
[  304.146186][T14867]  swap_cluster_readahead+0x277/0x3e0
[  304.151551][T14867]  swapin_readahead+0xde/0x6f0
[  304.156314][T14867]  do_swap_page+0x301/0x2430
[  304.160887][T14867]  handle_mm_fault+0x9a5/0x2c20
[  304.165722][T14867]  do_user_addr_fault+0x636/0x1090
[  304.170825][T14867]  exc_page_fault+0x62/0xa0
[  304.175315][T14867]  asm_exc_page_fault+0x26/0x30
[  304.180148][T14867] 
[  304.182456][T14867] value changed: 0x0000000100000159 -> 0x000000010000015a
[  304.189540][T14867] 
[  304.191844][T14867] Reported by Kernel Concurrency Sanitizer on:
[  304.197974][T14867] CPU: 1 UID: 0 PID: 14867 Comm: syz.2.3868 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  304.209332][T14867] Tainted: [W]=WARN
[  304.213114][T14867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  304.223152][T14867] ==================================================================