last executing test programs:

6.335822881s ago: executing program 0 (id=1159):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf8}, 0x94)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000a00)=ANY=[], 0x1, 0x1b1, &(0x7f0000000280)="$eJzs2zFrE2EYB/DnahrTOiSDkzjc6BSafoIGqSAGBCWDgqDYBqQnBQsBHWw3B7+EH8bBVT+JYwfhpLk0aUKEGpocJL/fkodc/rnnfcMleQJ5ff/90cHxSe9V70fUkiQ29iKN8yQasRGXzgIAWCXneR6/8zzPb5/F1rfI87zsjgCARfP5DwDr5/mLl0/anc7+szStRWRf+t1+t7gtjrd78S6yOIydqMefuPiCMFTUjx539nfSgUZ8zU6H+dN+99ZkvhX1aMzOt4p8OpnfjO2r+d2ox93Z+d2Z+Wo8qI7ymxFRj19v4ziyOIiL7Dj/uZWmD592pvJ3Bo8DAACAVdBMRwbzezUm5/dmc/L4eD4u8u3k2r8PTM3XlbhXKXftALCuTj5+OnqTZYcf5ihqw+eYM3694ud2cZIFnuKGisstHd2zt4z9+d+ierXDqWJrwa1Wlr7kJCLK2vDvEVH6yz3XRT0oSngzApZqfPWX3QkAAAAAAAAAAAAAAPAvy/hfUdlrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD9/A0AAP//W1+CbQ==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f00000002c0), 0x15000000)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = open(&(0x7f00000002c0)='.\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x12)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
mkdirat(r0, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
renameat(r0, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00')
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffff9})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r1 = open(&(0x7f0000000680)='./file0\x00', 0x40480, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r1, 0x82307202, &(0x7f0000001280)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time\x00')
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x60, 0x1407, 0x300, 0x70bd2b, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044000}, 0x104)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x3c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x3c}}, 0x0)
flistxattr(r2, &(0x7f0000000580)=""/165, 0xa5)

5.876622067s ago: executing program 0 (id=1165):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)

5.773277243s ago: executing program 0 (id=1167):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r1, 0x10c, 0x2, &(0x7f0000000180)=0xfffffd31, 0x4)
open(&(0x7f0000000040)='.\x00', 0x20000, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000a00)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
syz_open_dev$evdev(0x0, 0x1ff, 0x82)
unshare(0x22020600)
syz_open_procfs$namespace(0x0, &(0x7f00000002c0)='ns/pid\x00')
prctl$PR_SET_NAME(0xf, &(0x7f0000000080)='memory.events.local\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0x20000000000000b9, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x2, 0x0, &(0x7f0000000100))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@newtaction={0x78, 0x30, 0x1, 0x0, 0x2, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xbabd, 0x81, 0x5, 0x1, 0xfff}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @empty}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x4040800}, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
unshare(0x40000000)

4.776312042s ago: executing program 0 (id=1171):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000440), 0x40000, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040))
r1 = syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb7e, &(0x7f0000000c40)="$eJzs3M1rVFcbAPDn3nwYNb6JL/LyWkoNtGChOBrFSl2py9ZFof0DDHEiIdcPkhRMcBHbhXRVC910UWgXpX9AoetstNBV6aaVFrqXShHdp9zJnWQwM0mqMx4/fj84c8/HZM7z5JK555C5E8BLa6x8yCP2R8S5LGKk6s8jYrBRG4pYWn3eg/vXJh/evzaZxcrKB39nkVV9zdfKquPuqjEUEb+cyeK/n2ycd25hcWaiKOqzVfvw/MUrh+cWFg9NX5y4UL9QvzR+YvzY8RPHjr99pGu5vrv35tmvxk/t+f7Mrauv3fj9yyxOxXA11ppHt4zFWKxUWvv7I2Ki25Ml0lflk7X0Zf0JAwIAYFN5yxrufzESfbG+eBuJW78mDQ4AAADoipW+WPsfFQAAAPCiyuz/AQAA4AXX/BzAg/vXJpsl7ScSnq57pyNitF3+/bHUOA7FQETsepBF622t2eqPPbGxiNj30+iPZYke3Ye8maXrEfH/dvlnjfxHG3dxb8w/j4hu3Jk99kj7ecr/VBfmT50/AC+n5dOrF7KN1798bf0Tba5//W2uXY8j9fWv8/pvPf++Duu/97c5R/3Ap593Gmtd/xXfvnq7nL88PlFS/8K96xGv9Hde/5T5Zx3yP7fNOQb++PmHTmNl/mW+zfK081/5JuJg2/3P+jfaZJt/P9HhqemiXj22nePG7e/2dZq/9fyXpZy/uRd4Gsrzv6tD/lud/yvbnGP5r4N/dhrbOv/87mD2YaM2WPVcnZifnx2PGMzObuw/unkszec0X6PM/83XN//7b5d/+Z6wVP0eyr3A9epYtj9+ZM5D773zxuPn31tl/ucf8/zf3OYcX382e7fTWOr8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+5BExHFleW6vnea0WsTsi9sWuvLg8N//W1OWPLp0vxyJGYyCfmi7qRyJiZLWdle3xRn29ffSR9rGI2BsRX4zsbLRrk5eL86mTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3uiBiOLK9FRB4RD0fyvFZLHRUAAADQdaOpAwAAAAB6zv4fAAAAXnz2/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTY3gPLd7KIWDq5s1FKg9XYQNLIgF7LUwcAJNOXOgAgmf7UAQDJ2OMD2RbjQx1HdnQ9FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeXQf3L9/JImLp5M5GKQ1WYwNJIwN6LU8dAJBMX+oAgGT6UwcAJGOPD2RbjA91HNnR9VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHYNN0qW1yIib9TzvFaL2BMRozGQTU0X9SMR8Z+I+G1kYEfZHk8dNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF03t7A4M1EU9VkVFRWVtUrqdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFKYW1icmSiK+uxc6kgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1OYWFmcmiqI+28NK6hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEjnnwAAAP///JMJmQ==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x28011, r2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x8004587d, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x8e7})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xf, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r2, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000380)={0x0, r1}, 0x8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r6, 0x89f1, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000140)=@ethtool_cmd={0x89ffffff, 0xb, 0x1, 0x8000, 0x0, 0x6, 0x2, 0xfe, 0x10, 0x5, 0x0, 0x0, 0x7e4, 0x1, 0x1, 0x45, [0x2, 0x10000001]}})
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32=r6], 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$AUDIT_USER(0xffffffffffffffff, 0x0, 0x20000894)
bind$unix(0xffffffffffffffff, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x233})
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0xc)

4.775786572s ago: executing program 4 (id=1172):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000004700)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000140)={0x0, 0xfffffffffffffeda, &(0x7f0000000040)={&(0x7f0000000940)={0x60, r4, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r5}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x3}, {0xad, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x4044890)
r6 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'sit0\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r6, 0x8918, &(0x7f0000000240)={@mcast1, 0x30, r7})
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r10, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r9], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket(0x10, 0x803, 0x0)
getsockname$packet(r13, &(0x7f0000000240)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x40)
sendmsg$nl_route(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="400000001000010425bd7000fedbdf2500000000", @ANYRES32=r14, @ANYBLOB="7808020001a20100200012800900010069706970000000001000028006000f0008"], 0x40}, 0x1, 0x0, 0x0, 0x80d0}, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000040)={@loopback, @loopback, <r15=>0x0}, &(0x7f0000000080)=0xc)
r16 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r16, 0x8933, &(0x7f0000000300)={'ip6gretap0\x00', <r17=>0x0})
sendmsg$nl_route_sched(r16, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r17, {0xfff1, 0x10}, {0x8, 0x4}, {0x6, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x8804)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000180)={'sit0\x00', &(0x7f00000000c0)={'sit0\x00', <r18=>0x0, 0x1, 0x700, 0x81, 0x4c0, {{0x18, 0x4, 0x1, 0x15, 0x60, 0x66, 0x0, 0x1, 0x0, 0x0, @rand_addr=0x64010100, @rand_addr=0x64010102, {[@lsrr={0x83, 0x13, 0x20, [@dev={0xac, 0x14, 0x14, 0x33}, @multicast1, @rand_addr=0x64010101, @remote]}, @rr={0x7, 0x1b, 0x1b, [@broadcast, @private=0xa010100, @broadcast, @multicast1, @empty, @broadcast]}, @rr={0x7, 0x17, 0x9, [@rand_addr=0x64010102, @remote, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x0, 0x0}, @local]}, @ra={0x94, 0x4}]}}}}})
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80004000}, 0xc, &(0x7f0000000200)={&(0x7f00000005c0)={0x3f8, r4, 0x20, 0x70bd27, 0x25dfdbff, {}, [{{0x8, 0x1, r7}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1b}}, {0x8, 0x6, r9}}}]}}, {{0x8}, {0x220, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r14}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfffffff3}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7792}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r17}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r18}}}]}}, {{0x8}, {0x168, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1a47}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}]}, 0x3f8}, 0x1, 0x0, 0x0, 0x20008010}, 0x4000)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x84, 0x10, 0x403, 0x2, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x5c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MEMBERSHIP_INTVL={0xc, 0x1f, 0x1}, @IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x1}, @IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0xe}, @IFLA_BR_VLAN_STATS_ENABLED={0x5}, @IFLA_BR_AGEING_TIME={0x8, 0x4, 0x101}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0xa0}, @IFLA_BR_MCAST_HASH_MAX={0x8, 0x1b, 0xfffffffb}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_MASTER={0x8}]}, 0x84}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r19=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newlink={0x54, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a005}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x1}, @IFLA_VLAN_EGRESS_QOS={0x10, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0xfe, {0x3, 0x8}}]}]}}}, @IFLA_LINK={0x8, 0x5, r19}]}, 0x54}, 0x1, 0xba01}, 0x0)

4.493478618s ago: executing program 4 (id=1175):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x10000, &(0x7f000000b800)={[{@nodots}, {@fat=@fmask={'fmask', 0x3d, 0xdbd}}, {@dots}, {@fat=@uid={'uid', 0x3d, 0xee00}}, {@nodots}, {@nodots}, {@fat=@nfs_stale_rw}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {}, {@fat=@fmask={'fmask', 0x3d, 0xffff}}, {@fat=@gid={'gid', 0x3d, 0xee00}}, {@fat=@quiet}, {@fat=@tz_utc}, {@nodots}, {@nodots}, {@dots}, {@nodots}, {@fat=@nfs}, {@nodots}, {@fat=@nfs_stale_rw}, {@nodots}]}, 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c000104000000000000000002000000", @ANYRES32=r2, @ANYBLOB="000014000a000100000000000000000008000f0004"], 0x30}}, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000680)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370401a8001600a40003401c000100035c0461c1d67f6f94007134cf6ef68000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x8080)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x1c, 0x3e, 0x9, 0x0, 0x800, {0x3}, [@typed={0x8, 0x2, 0x0, 0x0, @u32=0x3}]}, 0x1c}}, 0x0)
ioctl$TCSBRKP(r3, 0x5425, 0x0)
r6 = socket$packet(0x11, 0xa, 0x300)
ioctl$int_in(r6, 0x5452, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x8001, 0x1, r7}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x7fff, 0xffffffffffffffff, 0x4}, 0x38)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="740000000a0601020000000000000000030000000900020073797a310000000005000100070000004c0007801800"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000f80)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

4.313550899s ago: executing program 0 (id=1178):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21c91c, &(0x7f0000000500)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@resgid}, {@noinit_itable}, {@quota}, {@noauto_da_alloc}, {@sysvgroups}, {@resgid, 0x32}]}, 0x1, 0x4e0, &(0x7f0000001a40)="$eJzs3d9rW9cdAPDvla0sP5zZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYX/AYIy10Kc+9aXQP6BQ8ieUQqB9L21pKW3SPhTaRkVXUuI4UuwQWUqtzweOdO7Rvfqeo4uO7rn3cBVA3zoVEacj4kG1Wj0bEcON8kwjxWY91da7f+/WTC0lUa1e/SyJSOpltdXGtrznkcZmByPir3+K+EfyZNzy+sbidLFYWG0s5ytLK/ny+sa5haXp+cJ8YXlycuLi1KWpC1PjHWnnUERc/sNH///Pa3+8/Navbrx/7ZOxfyaN8ohH7ei0etOz6WfRNBgRq3sRrEcG0xYCAPB90DzO/3lEnI3hGEiP5gAAAID9pPrbofgmiagCAAAA+1YmnQObZHKNeQBDkcnkcvU5vD+Ow5liqVz55VxpbXm2Pld2JLKZuYViYbwxV3gksklteSLNP1o+v215MiKORcT/hg+ly7mZUnG21yc/AAAAoE8c2Tb+/3K4Pv7f4uueVQ4AAADonJFeVwAAAADYc8b/AAAAsP8Z/wMAAMC+9ucrV2qp2vz/69nr62uLpevnZgvlxdzS2kxuprS6kpsvlebTe/Yt7fR+xVJp5dexvHYzXymUK/ny+sa1pdLacuXawmN/gQ0AAAB00bGf3XkviYjN3xxKU82BXlcK6IrBZ1n5w72rB9B9A72uANAzz/T7D+wr2V5XAOi5ZIfX207eebvzdQEAAPbG6E9aX/8f2PHcwGamS1UE9ojzf9C/XP+H/uX6P/SvbAyEgTz0t51uAfr81/+r1WeqEAAA0HFDaUoyuYj0PMBQZDK5XMTRdEyQTeYWioXxiPhhRLw7nP1BbXki3TLZcc4wAAAAAAAAAAAAAAAAAAAAAAAAAFBXrSZRBQAAAPa1iMzHSXo3/4jR4TND288PHEi+Gk6fI+LGK1dfujldqaxO1Mo/f1heeblRfr4XZzAAAACA7Zrj9OY4HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA66f69WzPN1M24n/4+IkZaxR+Mg+nzwchGxOEvkhjcsl0SEQMdiL95OyKOt4qf1KoVI41atIp/qMfxj3QgPvSzO7X+53etvn+ZOJU+t/7+XUx7qOfXvv/LPOz/BlrEr5Ud3WWME3ffyLeNfzvixGDr/qcZP2nT/5zeZfy//21jo91r1VcjRlv+/iSPxcpXllby5fWNcwtL0/OF+cLy5OTExalLUxemxvNzC8VC47FljP/+9M0HT2v/4TbxR3Zo/5ldtv/buzfv/aiezT7cPHkUf+x06/1/vE38TGP//6KRr70+2sxv1vNbnXz9nZNPa/9sm/bvtP/Hdtn+s3/59we7XBUA6ILy+sbidLFYWO3rzHN9GrXDoheiFS9mpva5vgDVaJn51x68c+3IvNft6kSmp90SAACwB54cAwMAAAAAAAAAAAAAAAAAAADd1o3biWW3xdxMHztx93wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM75LgAA///6fNJN")
r0 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000400), 0x80000)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, &(0x7f0000000500))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{}, 0x0, &(0x7f0000000880)}, 0x20)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x20048a, &(0x7f00000001c0), 0x12, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
syz_usbip_server_init(0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000000306010100000400000000000200000a0900020073797a3000000000"], 0x20}, 0x1, 0x0, 0x0, 0x24000080}, 0x40)
syz_clone(0x80080100, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$NFNL_MSG_ACCT_NEW(r1, &(0x7f0000000600)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)={0x88, 0x0, 0x7, 0x101, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFACCT_FILTER={0x3c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x5}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x4}, @NFACCT_FILTER_MASK={0x8}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xc32}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x8}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x101}]}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0xa}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0xffff}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x7}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x3}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x4e24, 0x7, @local, 0x7}]}, &(0x7f0000000080)=0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x6)

3.955368149s ago: executing program 4 (id=1179):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf8}, 0x94)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000a00)=ANY=[], 0x1, 0x1b1, &(0x7f0000000280)="$eJzs2zFrE2EYB/DnahrTOiSDkzjc6BSafoIGqSAGBCWDgqDYBqQnBQsBHWw3B7+EH8bBVT+JYwfhpLk0aUKEGpocJL/fkodc/rnnfcMleQJ5ff/90cHxSe9V70fUkiQ29iKN8yQasRGXzgIAWCXneR6/8zzPb5/F1rfI87zsjgCARfP5DwDr5/mLl0/anc7+szStRWRf+t1+t7gtjrd78S6yOIydqMefuPiCMFTUjx539nfSgUZ8zU6H+dN+99ZkvhX1aMzOt4p8OpnfjO2r+d2ox93Z+d2Z+Wo8qI7ymxFRj19v4ziyOIiL7Dj/uZWmD592pvJ3Bo8DAACAVdBMRwbzezUm5/dmc/L4eD4u8u3k2r8PTM3XlbhXKXftALCuTj5+OnqTZYcf5ihqw+eYM3694ud2cZIFnuKGisstHd2zt4z9+d+ierXDqWJrwa1Wlr7kJCLK2vDvEVH6yz3XRT0oSngzApZqfPWX3QkAAAAAAAAAAAAAAPAvy/hfUdlrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD9/A0AAP//W1+CbQ==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f00000002c0), 0x15000000)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = open(&(0x7f00000002c0)='.\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x12)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
mkdirat(r0, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
renameat(r0, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00')
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffff9})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r1 = open(&(0x7f0000000680)='./file0\x00', 0x40480, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r1, 0x82307202, &(0x7f0000001280)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time\x00')
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x60, 0x1407, 0x300, 0x70bd2b, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044000}, 0x104)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x3c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x3c}}, 0x0)
flistxattr(r2, &(0x7f0000000580)=""/165, 0xa5)

3.477350007s ago: executing program 4 (id=1184):
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x2000)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e23, 0x3, @dev={0xfe, 0x80, '\x00', 0x20}, 0x2}, 0x1c)
sendmsg$NFT_BATCH(r1, 0x0, 0x40)

3.331607176s ago: executing program 1 (id=1186):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r3, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
recvmsg$unix(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x12)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)

3.326466496s ago: executing program 2 (id=1188):
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = open(0x0, 0x60840, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r6 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x5}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000f80)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {}, {0x1, 0xfff1}}, [@filter_kind_options=@f_matchall={{0xd}, {0x10, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x7, 0xf}}, @TCA_MATCHALL_ACT={0x4}]}}]}, 0x44}}, 0x1)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
lstat(&(0x7f00000022c0)='./file0\x00', 0x0)
statx(0xffffffffffffff9c, 0x0, 0x400, 0x4, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000000c00078008000640000007010500050002000000050004000000000016000300686173683a6e65742c706f7274"], 0x5c}}, 0x0)
sendmmsg$unix(r5, 0x0, 0x0, 0x41)

3.245824521s ago: executing program 3 (id=1189):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
open(0x0, 0x64842, 0x2)
r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x101400, 0xad)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfff, 0x1, @perf_config_ext={0x9, 0x7ff7fffd}, 0x40, 0x1, 0xfffffffc, 0x6, 0xfff, 0x8001, 0x7fff, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x7000000}, 0x50)
lseek(r0, 0x100000001, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000040), 0x7, 0xc0041)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000140)="76ea092000000000009bb5606c1e", 0x0, 0x2f00, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$LOOP_SET_DIRECT_IO(r2, 0x4c08, 0x591)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x24000890}, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@getqdisc={0x24, 0x26, 0x705, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0xffe0}, {0x10, 0x8}, {0xfff2, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bind$inet(r5, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f00000002c0)='veth1_to_bridge\x00', 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000280)=0x10)
sendmmsg$inet(r5, &(0x7f0000004980), 0x0, 0x20008000)
recvmsg(r5, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)=""/103, 0x67}, {&(0x7f00000005c0)=""/214, 0xd6}], 0x2}, 0x103)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x0, 0x0}, 0x10)

3.130152627s ago: executing program 1 (id=1190):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x10000, &(0x7f000000b800)={[{@nodots}, {@fat=@fmask={'fmask', 0x3d, 0xdbd}}, {@dots}, {@fat=@uid={'uid', 0x3d, 0xee00}}, {@nodots}, {@nodots}, {@fat=@nfs_stale_rw}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {}, {@fat=@fmask={'fmask', 0x3d, 0xffff}}, {@fat=@gid={'gid', 0x3d, 0xee00}}, {@fat=@quiet}, {@fat=@tz_utc}, {@nodots}, {@nodots}, {@dots}, {@nodots}, {@fat=@nfs}, {@nodots}, {@fat=@nfs_stale_rw}, {@nodots}]}, 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c000104000000000000000002000000", @ANYRES32=r2, @ANYBLOB="000014000a000100000000000000000008000f0004"], 0x30}}, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000680)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370401a8001600a40003401c000100035c0461c1d67f6f94007134cf6ef68000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x8080)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x1c, 0x3e, 0x9, 0x0, 0x800, {0x3}, [@typed={0x8, 0x2, 0x0, 0x0, @u32=0x3}]}, 0x1c}}, 0x0)
ioctl$TCSBRKP(r3, 0x5425, 0x0)
r6 = socket$packet(0x11, 0xa, 0x300)
ioctl$int_in(r6, 0x5452, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x8001, 0x1, r7}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x7fff, 0xffffffffffffffff, 0x4}, 0x38)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="740000000a0601020000000000000000030000000900020073797a310000000005000100070000004c0007801800"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000f80)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

2.664259495s ago: executing program 3 (id=1191):
mount$tmpfs(0x0, &(0x7f00000004c0)='./cgroup\x00', &(0x7f0000000f80), 0xd3d67c91aaf4fb9b, &(0x7f00000000c0)=ANY=[@ANYBLOB="6d706f6c11ada733c90000000000000965ffff1a302d302c00"])
socket$nl_sock_diag(0x10, 0x3, 0x4)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)="e46204a8134ff6b4fbd33c6d", &(0x7f0000000580)="4436bbc2acdea03f4d22eb9a936641b8818d6ff7411296438774576e0f9eb332749cb00c9e1170761c885c112bc3ff58952c29fa7836029457e3a4a98ede620f094b52da8d7e25468c494bdbf07cff796381bbdd7ae9cf84f6565704756795eeda7f60663c64277002d891f886352cf157605c6438e12d7056420b8f110754375e2bead66f536a0735bac7e2d739ba80df55a9", 0x1}, 0x46)
sched_setscheduler(0x0, 0x2, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @private=0xa010101, 0x4e24, 0x3, 'sed\x00', 0x1, 0xa7e, 0x6c}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4f21, 0x3, 'lc\x00', 0x5, 0x8, 0x6c}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e20, 0x10000, 0xcd, 0x1}}, 0x44)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e20, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000019200)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYRES8, @ANYRESHEX=r5])
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000ffffffffffffff7f00", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = io_uring_setup(0x516, &(0x7f0000000640)={0x0, 0xddaa, 0x1, 0x503fa, 0x10c})
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, &(0x7f0000003180)=@req3={0x2, 0x3a, 0x1000, 0x3a, 0x7ff, 0x2, 0x3}, 0x1c)
r8 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r8, &(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendmsg$rds(r8, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x44, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
syz_open_dev$loop(&(0x7f0000000200), 0x7f, 0x400040)

2.176073683s ago: executing program 3 (id=1192):
r0 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x22d3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0xc, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file3\x00', 0x165840, 0x2)
io_setup(0xe44, &(0x7f0000002700))

1.896505629s ago: executing program 0 (id=1193):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000500), 0x1, 0x523, &(0x7f0000000c00)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AgiNfbGsrzrtbzrUptIuGeuSFTiBEf+AM49ceeC4MalHJD4YYFqJA5TzezY2di79qaJvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiIdyNipjyelFu81d3y8z7ZfbC4t/tgMYkse+dfSVGeH4uen8ldK19zKiJ+8J2InyRH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5427r9ceozVTx5a+1JwoU1/++I873/hZXq3p8khvO56mbtMrB3FylyPie6cRbAQule2ZGHVF+EzSiHg+Il4urv+ZuFT8NgGAiyzLZiKb6c0DABddWsyBJWm1nAuYjjStVrtzeC/E1bTRandu3W9tri1158quRyW9v9Ko3ynnCq9HJcnzc0X6Yb52KH83Ip6LiF9OXiny1cVWY2mUNz4AMMauHRr//zvZHf8BgAvu+I/NAAAXkfEfAMaP8R8Axo/xHwDGT3f8v/K4P5Zl2c9PozoAwBnw/A8A48f4DwBj5ftvv51v2V75/ddL721trrbeu71Ub69Wm5uL1cXWxnp1udVaLr6zp3nS6zVarfW512Lz/evfXG93Zttb2/earc21zr3ie73v1SvFWTtn0DIAYJDnXvroL0k+Ir95pdiiZy2HykhrBpy2dNQVAEbm0qgrAIyM1b5gfD18xn/sDwGYHoALos8SvY+Y6vcHQlmWZadXJeCU3fyC+X8YVz3z/z4FDGPmpPn/Ym1gbxLChWT+H8ZXliXDrvkfw54IAJxvx8zxXz/L+xBgdAa8//98uf9d+ebAj5YOn/HhadYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzrf99X+r5TK/05Gm1WrEM8UCQJXk/kqjficino2IP09WJvP83IjrDAA8qfTvSbn+182ZV6cfKXrx2kFyIiJ++ut3fvX+Qqez8aeIieTfk/vHOx+Wx2snBps6jRYAAMfbH6eLfc+D/Ce7Dxb3t7Oszz++3b0ryOPu7U7E3kH8y3G52E9FJSKu/icp811Jz9zFk9j5ICI+36/9SUwXcyDdW5bD8fPYz5xp/PSR+Gm5QHNa/lt87inUBcbNR3n/81a/6y+NG8W+//U/VfRQT67s//KXWtwr+sCH8ff7v0sD+r8bw8Z47Q/f7aauHC37IOKLlyP2Y+/19D/78ZMB8V8dMv5fv/Tiy4PKst9E3Iz+8XtjzXaa67Ptre3bK82F5fpyfa1Wm5+bv/PG3ddrs8Uc9ezg0eCfb956dlBZ3v6rA+JPndD+rw7Z/t/+/90ffuWY+F9/pV/8NF44Jn4+Jn5tyPgLV38/8Lk7j790tP3JML//W0PG//hv20eWDQcARqe9tb260GjUNyTGNPHjOBfVGC6R/5c9B9Xom/jWWcWaiP5Fv3ile00fKsqyzxRrUI/xNGbdgPPg4KKPiP+NujIAAAAAAAAAAAAAAEBfZ/EXS6NuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfXpwEAAP//+E3TQw==")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
write$binfmt_elf32(r0, &(0x7f0000000900)=ANY=[], 0x58)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@noload}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x480, &(0x7f0000000bc0)="$eJzs3M9vFFUcAPDvzLZFfpRWxB8gapUYG3+0tKBy8KLRxANGEz3gzdoWQijU0GqEEKnG4MXEkOhZPZr4F3jzYtSTiVe9GxKiXEBPNTM7U3aXbn/AdhfYzycZ5r2Zt/Ped2em82beLAF0raHsnyRiW0T8ERED1Wx9gaHq7Orls5P/Xj47mcTi4pt/J3m5K5fPTpZFk/igP5tvLbY5nEaknyZFJfXmTp85PjEzM32qyI/On3hvdO70mWeOnZg4On10+uT4wYMH9o89/9z4sy2JM4vryu6PZvfsevXtC69NHr7w7i/fZ+3fVqyvjaPBpob5mg1lgf+zmFtamFZnj687gltbf0066elgQ1iXSkRku6s3P/8HohLXdt5AvPJJRxsHbKjs2rTChW1hEbiDJdHpFgCdUV7os/vfcmpT1+OWcOnF6g1QFvfVYqqu6Slv1fN7o/4Nqn8oIg4v/Pd1NsXKzyEAAFri88mvDsXTy/X/0rivptz2YgxlMCLujogdEXFPROyMiHsj8rL3R8QDq1eZ1mYah4au7/+kF284uDXI+n8vFGNb9f2/pWYOVopcfx5/b3Lk2Mz0vuI7GY7eTVl+bIU6fnz59y+aravt/2VTVn/ZFyzacbGn4QHd1MT8RN4pbYFLH0fs7lku/mRpJCCJiF0RsXt9m95eJo49+d2eZoVWj38FLRhnWvw24onq/l+IhvhLycrjk6N3xcz0vtHyqLjer7+df6NZ/TcVfwtk+39L/fHfWGQwqR2vnVt/Hef//KzpPc2NHv99yVv5Z/uKZR9OzM+fGovoSw7l+brl49c+W+bL8ln8w3uXP/93FJ/J4n8wIrKD+KGIeDgiHina/mhEPBYRe1eI/+eXmq+rj3/ztk7s/6mGv3+b8zVLx3/D/l9/onL8px+Wr/2bd9a2/w/kqeFiSf73bxVrbeBNfn0AAABwW0jzd+CTdGQpnaYjI9V3+HfGlnRmdm7+qSOz75+cqr4rPxi9afmka6DmeehYslBssZofL54Vl+v3F8+Nv6xszvMjk7MzUx2OHbrd1ibnf+avSqdbB2y45cbRxvuupUfa2RigrRrP/7Q+e+71djYGaKum79FsaW87gPZb5T26tF3tANrP/9cC3Wu58/9cQ95YANyZXP+hayWdbgDQOa7/0L2c/9CVVvuRfOUmf/svcdslkrUVjnSjmtEbnf8S1pPojYiWbLDvlginSHgwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Bn+DwAA///zmOoZ")
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b40)=ANY=[@ANYBLOB="28000000130a810100000000000000000200000008000340000000010900010073797a3000000000a936fd15318d901e2182b0b6932732086b7e1a454e455a292d"], 0x28}}, 0x20004000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = accept$unix(r0, &(0x7f0000000540), &(0x7f00000005c0)=0x6e)
recvmsg$unix(r3, &(0x7f0000002240)={0x0, 0x0, &(0x7f0000002140), 0x0, &(0x7f0000002200)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}, 0x40000002)
getdents64(r2, &(0x7f0000000080)=""/109, 0x6d)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r4, 0x84, 0x12, &(0x7f0000000000)=0xb, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000420000002000128008000100677470001400028008000200", @ANYRES32=r7], 0x40}, 0x1, 0xba01, 0x0, 0x4000050}, 0x0)
fsopen(&(0x7f0000000280)='ncpfs\x00', 0x0)
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
close_range(r5, 0xffffffffffffffff, 0x0)

1.895650279s ago: executing program 2 (id=1194):
r0 = io_uring_setup(0x2d08, &(0x7f0000000000))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, r1)
sendmsg$TIPC_NL_LINK_GET(r1, 0x0, 0x48404)
r2 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r2, 0x0, 0x0, 0x1001f0)
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000000400)={0x1, 0x2000000, 0x0, &(0x7f0000000380)=[{0x0}], 0x0}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r3)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x801}, 0x80)
syz_genetlink_get_family_id$devlink(0x0, r3)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r5 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r5, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
semget(0x1, 0x4, 0x39c)
connect$pptp(r5, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r6, 0x40047438, &(0x7f0000000040)=0x1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000"], 0x7c}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
pipe(&(0x7f0000000180))
readv(r6, &(0x7f00000002c0)=[{&(0x7f00000000c0)=""/75, 0x4b}], 0x1)
close_range(r4, 0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000080))

1.89465605s ago: executing program 1 (id=1203):
r0 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x22d3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socket$kcm(0x11, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file3\x00', 0x165840, 0x2)
finit_module(r2, 0x0, 0x3)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001380)={0x0, 0x200, 0x18}, 0xc)
io_setup(0xe44, &(0x7f0000002700)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000003780)=[&(0x7f0000003740)={0x0, 0x0, 0x0, 0x9, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, 0x2}])
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@nodelalloc}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x10000005}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@resgid}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@barrier_val={'barrier', 0x3d, 0x81}}], [{@flag='ro'}]}, 0xfd, 0x573, &(0x7f0000000640)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")

1.852329922s ago: executing program 2 (id=1195):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="05"], 0x10)
close(r0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r1}, &(0x7f0000000500), &(0x7f0000000540)=r0}, 0x20)
clock_adjtime(0x0, &(0x7f0000000000)={0x20000066b9, 0x200000000, 0x3, 0x6, 0x0, 0xffffffffffffffff, 0x78, 0x1000000000004, 0x0, 0x4, 0x0, 0x248a, 0x1, 0x0, 0x0, 0x2, 0x6, 0x0, 0x4, 0x400000002, 0x2, 0x1000000000000000, 0x8000, 0x8})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x16, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000008fdff00000000000300000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x94)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000140)={r6, 0x0, 0x42, 0x0, &(0x7f0000000000)="3df7dab2742a1a61f6c362232d1ca21713228ebba21c414bd429d05f93b3b6cd1fcb7f9bbfbb1bc905d11583e1b93b5cd88a4c7d371f222aa269619b660c7d4f6187", 0x0, 0xd, 0x0, 0xa1, 0x0, &(0x7f0000000080)="6cda76a0cb69aa9286472dff66c8ffbd0b0cb7a6d5e68e91e0d6ed6a60fabc09fcb4dd1383593edef59da099eacb822a2749d7f0dc2c487e30da87d739e82a08e123f9b53e1e4b3a4eb01a1f659b8de567c570b02c918227d7e87a25870af1719286c055ad197c32b7104373fe5ea1c91bb58e20bbf4359770e5905ed5a8b4a48138db5835e1ea1b40218c71f5d3a2dccbf596e61e54e0ab32f9bec2c115c4f342", 0x0, 0x2, 0x0, 0x4}, 0x37)
syz_mount_image$msdos(&(0x7f0000000080), &(0x7f0000000a80)='./file1\x00', 0x2800810, &(0x7f00000025c0)=ANY=[@ANYBLOB="646f74732c747a3d5554432c646f74732c646f74732c6e6f646f74732c666c7573682c646f74732c6e6f646f74732c71756965742c00b3d27234e95eb4b44190021bbbe89ab824d38c571641668d362b4dff6e47bdf1638c7462a3bd66a53b404ae08c32af6843a2469c7210381b9d48047c77540b6447a8e50c44cb44f91e4264a37e0209c3a234f4803ba56b7a24536ee396f4838f4143b92ad909efb23eb22dce6477c2bb5b8f793b9e07c2120d566cf1f6ba51e4d01e8ef223a2ba72cfb3127844c045765149fb1219f433feb977426596e07082254e9930296256df143ff96377d8c28c533724fbd9fdad260e7d875d0f17374141abc60c8e3c07e4a7bc381791172c217f00964aaf6e213a252b9689ae38342862d27437921e13229d407e1a6037e3f16a2cdab8f9c76a66a72ccc67015c9435e200f9fbb9d78ce426b37310b9f127e7b1207c74eff7b853de7043a001de85931463c7fc7c78be9eb9b5f88c0067aabb3a5d1f94bcc90537c1c1ce509450160c"], 0x3, 0x176, &(0x7f0000000240)="$eJzs27GL01AcB/BfbNRTl5vFIeDiVNTJUZET1ICidNBJ4XS5yoG3RKfgX+LqHyfITTcIT2q0tSVFrU0j189n6Q++7eP3hteXF5IXV94c7B8evT58fBw7WRb57SjiJIvdOBODaNQBAJwmJynFl5RSOl/HhY+RUuq7IwCga/Z/ANg+v93/b/XUGADQGed/ANg+T589f3inLPeeFMVOxOe6GlWj5rPJ790v964X3+3OfnVcVaPBNL/R5MV8fjYu/shvtubn4trVJp9kdx+VC/ml2J9v1WOIAAAAsKJhMdV6vh8Ol+VN9cv9gYXzex6X841NAwD4C0fv3h+8HI9fvV1Dkcd6xlG0FVH/wZcnF239t7qZIvtZfE0prTDOh0/NEhg/+C+ms94ii4h/G6fvfyaga7NF33cnAAAAAAAAAAAAAADAMt2+jTToe3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ6lsAAAD//1UCS4E=")
r7 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000540)='.log\x00', 0x1c10c1, 0x9c37611dc13d0db7)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES64=r5, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r8, @ANYRES32=r8, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0xfdef, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
capget(0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYRES16=r7], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x20004800)
sendmsg$NFT_BATCH(r9, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}}, 0x40)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
socket$netlink(0x10, 0x3, 0x8000000004)

1.851621182s ago: executing program 3 (id=1196):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, 0x0, 0x0)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsmount(r1, 0x0, 0x8)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000540)={0x0, 0xfffffffa, 0x8, 0xfffffff7}, &(0x7f0000000580)=0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff], 0x1}, 0x70)

1.851193762s ago: executing program 4 (id=1197):
socketpair(0x1, 0x3, 0x0, &(0x7f0000000100))
r0 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x400, 0x0, 0x8000021d}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000240)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
bind$inet6(r3, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="ff"], 0x8)
sendmmsg$inet6(r3, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000300)="980790a9cebb39", 0x7}], 0x1, &(0x7f0000000900)=ANY=[@ANYBLOB="14000000000000002900000034000000f9ffffff000000001400000000000000290000000b0000000010000100000000380000000000000029000000370000003303000000000000000100c20400000009c910ff010000000000000000000000000001000000000028"], 0x90}}], 0x1, 0x40)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x7ff})
io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0)
r5 = syz_io_uring_setup(0xbdc, &(0x7f00000000c0)={0x0, 0x5edc, 0x1000, 0x1, 0x40000333}, &(0x7f0000000000), &(0x7f00000001c0))
io_uring_enter(r5, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r6 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x1001, 0x0, 0x4}, &(0x7f00000001c0)=<r7=>0x0, &(0x7f0000000580)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000004c0)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd_index=0x4, 0x56, {}, 0x6, 0x12, 0x0, {0x0, r9}})
r10 = socket$inet_icmp(0x2, 0x2, 0x1)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x4, 0x0, @fd_index=0x5, 0x5, {0x0, r5}, 0xffffffff, 0xc, 0x0, {0x0, r9, r10}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x1b, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006b00000018010000e4d400bf00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b400000095"], &(0x7f0000000d00)='GPL\x00', 0xb, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x102}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20081e, &(0x7f0000000840)={[{@grpjquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xa30}}, {@grpquota}]}, 0x1, 0x52a, &(0x7f0000001440)="$eJzs3c9vHFcdAPDvjL22k7h1WnoABG1oCwFFWcebNqp6gHJCCFVC9AhSauyNFWXXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di7tpPYXmv385FG+9688XzfizPvzbxd7wtgbF2LiO2ImIqI9yNirtyflFu8093y4z7bebi0u/NwKYkse++fSVGe74uen8ldKc85ExE/+E7Ej5PDcdubWw8WG436epmf7zTX5tubWzfvNxdX6iv11VrtzsKdW2/dfrP2BK2ZObL0leZUmfryp3/Y/sZP82rNlnt623Gauk2v7MfJTUbE984i2BBMlO2ZGnZFeCppRLwYEa8W1/9cTBS/TQBglGXZXGRzvXkAYNSlxRxYklbLuYDZSNNqtTuH91JcThutdufGvdbG6nJ3ruxqVNJ79xv1W+Vc4dWoJHl+oUg/ytcO5G9HxAsR8YvpS0W+utRqLA/zxgcAxtiVA+P/f6a74z8AMOKO/tgMADCKjP8AMH6M/wAwfoz/ADB+uuP/pSf9sSzLfnYW1QEAzoHnfwAYP8Z/ABgr33/33XzLdsvvv17+YHPjQeuDm8v19oNqc2OputRaX6uutForxXf2NI87X6PVWlt4IzY+vPrNtXZnvr25dbfZ2ljt3C2+1/tuvVIctX0OLQMABnnhlU/+nOQj8tuXii161nKoDLVmwFlLh10BYGgmhl0BYGi6q331WaAPGHmPnvGf+EMApgdgRBx3BzDT7w+EsizLzq5KwBm7/gXz/zCuyvn/SZ8ChvFz3Px/sTawNwlhJE0OuwLA0GRZctI1/+OkBwIAF9sRc/xXz/M+BBieAe//v1i+/rZ8c+BHyweP+PgsawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX2976v9Vymd/ZSNNqNeK5YgGgSnLvfqN+KyKej4g/TVem8/zCkOsMADyr9G9Juf7X9bnXZx8revnKfnIqIn7yq/d++eFip7P+x4ip5F/Te/s7H5f7a8cGmzmLFgAAR9sbp4vXngf5z3YeLu1t51mfv3+7e1eQx93dmYrd/fiTMVm8zkQlIi7/OynzXUnP3MWz2P4oIj7fr/1JzBZzIN1bloPx89jPnVL8iRPFTx+Ln5YLNKflv8XnTqEuMG4+yfufd/pdf2lcK177X/8zRQ/17Mr+Lz/V0m7RBz6Kv9f/TQzo/66dNMYbv/9uN3XpcNlHEV+cjNiLvdvT/+zFTwbEf/2E8f/ypZdfHVSW/TrievSP3xtrvtNcm29vbt2831xcqa/UV2u1Owt3br11+83afDFHPT94NPjH2zeeH1SWt//ygPgzx7T/q4NOeuAp9zf/e/+HXzki/tdf6xc/jZeOiJ+PiV8b2OLHLV7+3cDn7jz+8uH2Jyf5/d84YfxP/7p1aNlwAGB42ptbDxYbjfq6hMTFT+T/ZS9ANfomvnVesaaif9HPX+te0weKsuypYg3qMU5j1g24CPYv+oj477ArAwAAAAAAAAAAAAAA9HUef7E07DYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwuv4fAAD//9VG0+g=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
lsm_get_self_attr(0x65, &(0x7f0000000100)={0x0, 0x0, 0xd5, 0xb5, ""/181}, &(0x7f0000000200)=0xd5, 0x0)

1.725983319s ago: executing program 1 (id=1198):
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffe68)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x8, 0x6, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0xda00, 0x0, 0x0, 0x0, 0x80c51000}]}, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0xdb, &(0x7f0000000340)=""/219}, 0x94)
keyctl$join(0x1, &(0x7f0000000300)={'syz', 0x2})
getsockopt(r0, 0x7, 0x6, &(0x7f0000000040)=""/57, &(0x7f0000000140)=0x39)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
syz_open_pts(0xffffffffffffffff, 0x101580)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
shmctl$IPC_RMID(0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
unshare(0x28000600)
epoll_create1(0x80000)
unshare(0x2c020400)
r4 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xe)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="400000001000030500000000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="15460100ef000000180012800e0001007769726567756172640000000400028008000a00", @ANYRES32, @ANYBLOB="56ca01008ce7"], 0x40}}, 0x0)
accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000240))

1.718340789s ago: executing program 2 (id=1199):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x8)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000540)={0x0, 0xfffffffa, 0x8, 0xfffffff7}, &(0x7f0000000580)=0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff], 0x1}, 0x70)

682.50261ms ago: executing program 3 (id=1200):
socket$phonet(0x23, 0x2, 0x1)
r0 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x22d3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0xc, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
io_setup(0xe44, &(0x7f0000002700)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000003780)=[&(0x7f0000003740)={0x0, 0x0, 0x0, 0x9, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, 0x2}])

482.110122ms ago: executing program 2 (id=1201):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000a00)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

437.132055ms ago: executing program 3 (id=1202):
r0 = msgget$private(0x0, 0x80)
msgrcv(r0, 0x0, 0x0, 0x0, 0x2000)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000700000000000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\t\x00'/28], 0x50)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_GET_BYNAME(r3, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f00000012c0)={0x28, 0xe, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000180)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, @perf_bp={0x0, 0x8}, 0x11e167, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18002e05000000000000000000000000180100002000000000000000002420207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d000000956b7646ea", @ANYRESHEX=r2], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={{0x14, 0x453, 0x1, 0x0, 0x0, {0x5}}, [], {0x14, 0x3eb}}, 0x28}, 0x1, 0x0, 0x0, 0x240208d1}, 0x40000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0)
msgrcv(r0, 0x0, 0x0, 0x3, 0x1000)

436.006185ms ago: executing program 2 (id=1213):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendto$inet6(r0, &(0x7f0000000100)="15", 0x1, 0x1, &(0x7f0000000140)={0xa, 0x4e23, 0x7ff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}, 0x1c)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0xc402, 0x80)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
write$P9_RVERSION(r2, &(0x7f0000000c40)=ANY=[], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], &(0x7f0000000180)=[0x2], 0x0, 0x1, 0x1}}, 0x40)
mmap$xdp(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000006, 0x12, r1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000005000000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r6, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r6, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0x40, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r7, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x14, 0x2, [@TCA_PIE_ECN={0x8}, @TCA_PIE_BETA={0x8, 0x5, 0x7}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8004001}, 0x20008000)
sendmsg$inet6(r0, &(0x7f0000000380)={&(0x7f0000000180)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000000340)}, 0x0)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}, 0x0, 0x0, 0x4}, &(0x7f0000000080)=0x9c)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000000206010700000000000000000000000014000300686173683a69702c706f72742c6970000900020073797a31000000000500010007000000050005000a0000000500040001000000c1590c9fe92c70409533a7acaf3d7072b144c5f5c963697b3ff9bea20eba159d251d57a146ac718289d253f3be698fed96dc6035adef29a07823dc76dea18307c0b1366c07f0145dcd4b556e3129ca"], 0x4c}}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x44, 0x0, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_TID={0xc, 0x3, 0x3}, @GTPA_PEER_ADDR6={0x14, 0xb, @remote}, @GTPA_FAMILY={0x5, 0xd, 0x28}]}, 0x44}, 0x1, 0x0, 0x0, 0x4830}, 0x2004000)
syz_emit_ethernet(0xfffffd4d, &(0x7f0000000880)=ANY=[@ANYBLOB="fffffffff7ffaaaa9daaaa0481002500200c0300ff0f0700000033be735a9daf4af8"], 0x0)
sendmsg$IPSET_CMD_LIST(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)
socket$inet(0x10, 0x3, 0x0)

329.744261ms ago: executing program 1 (id=1204):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001400090527bd7000fddbdf25022000cb", @ANYRES32=r3, @ANYBLOB="080004006401010208000100e000000208000200ac14143d080002007fecae845f365d578d0000050800090600000000000000f7dded72f45986278db964e2838526b1f8e2857110d05f2c46051b9add1e80b039d269dc99a5ef85a9"], 0x48}, 0x1, 0x0, 0x0, 0x4040014}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000"], 0x18}}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'veth1_virt_wifi\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xc}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route_sched(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r6, {0xfff1, 0xffff}, {}, {0xc, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0x20, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0x0, 0xd}}, @TCA_FW_INDEV={0x14, 0x3, 'erspan0\x00'}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x200c8080)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x2c, 0x1, 0x0, 0x0, 0x0, 0x5, 0xa555, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x7fff, 0x2}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000380)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]})
r10 = socket(0x1, 0x2, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r11, &(0x7f0000000180), &(0x7f00000000c0)=@tcp=r10}, 0x20)
close_range(r9, 0xffffffffffffffff, 0x0)
r12 = syz_open_dev$tty1(0xc, 0x4, 0x1)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
ioctl$KDFONTOP_SET(r12, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x5, 0x200, &(0x7f0000003c40)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
r13 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r13, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x300, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)

2.32597ms ago: executing program 4 (id=1205):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21c91c, &(0x7f0000000500)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@resgid}, {@noinit_itable}, {@quota}, {@noauto_da_alloc}, {@sysvgroups}, {@resgid, 0x32}]}, 0x1, 0x4e0, &(0x7f0000001a40)="$eJzs3d9rW9cdAPDvla0sP5zZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYX/AYIy10Kc+9aXQP6BQ8ieUQqB9L21pKW3SPhTaRkVXUuI4UuwQWUqtzweOdO7Rvfqeo4uO7rn3cBVA3zoVEacj4kG1Wj0bEcON8kwjxWY91da7f+/WTC0lUa1e/SyJSOpltdXGtrznkcZmByPir3+K+EfyZNzy+sbidLFYWG0s5ytLK/ny+sa5haXp+cJ8YXlycuLi1KWpC1PjHWnnUERc/sNH///Pa3+8/Navbrx/7ZOxfyaN8ohH7ei0etOz6WfRNBgRq3sRrEcG0xYCAPB90DzO/3lEnI3hGEiP5gAAAID9pPrbofgmiagCAAAA+1YmnQObZHKNeQBDkcnkcvU5vD+Ow5liqVz55VxpbXm2Pld2JLKZuYViYbwxV3gksklteSLNP1o+v215MiKORcT/hg+ly7mZUnG21yc/AAAAoE8c2Tb+/3K4Pv7f4uueVQ4AAADonJFeVwAAAADYc8b/AAAAsP8Z/wMAAMC+9ucrV2qp2vz/69nr62uLpevnZgvlxdzS2kxuprS6kpsvlebTe/Yt7fR+xVJp5dexvHYzXymUK/ny+sa1pdLacuXawmN/gQ0AAAB00bGf3XkviYjN3xxKU82BXlcK6IrBZ1n5w72rB9B9A72uANAzz/T7D+wr2V5XAOi5ZIfX207eebvzdQEAAPbG6E9aX/8f2PHcwGamS1UE9ojzf9C/XP+H/uX6P/SvbAyEgTz0t51uAfr81/+r1WeqEAAA0HFDaUoyuYj0PMBQZDK5XMTRdEyQTeYWioXxiPhhRLw7nP1BbXki3TLZcc4wAAAAAAAAAAAAAAAAAAAAAAAAAFBXrSZRBQAAAPa1iMzHSXo3/4jR4TND288PHEi+Gk6fI+LGK1dfujldqaxO1Mo/f1heeblRfr4XZzAAAACA7Zrj9OY4HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA66f69WzPN1M24n/4+IkZaxR+Mg+nzwchGxOEvkhjcsl0SEQMdiL95OyKOt4qf1KoVI41atIp/qMfxj3QgPvSzO7X+53etvn+ZOJU+t/7+XUx7qOfXvv/LPOz/BlrEr5Ud3WWME3ffyLeNfzvixGDr/qcZP2nT/5zeZfy//21jo91r1VcjRlv+/iSPxcpXllby5fWNcwtL0/OF+cLy5OTExalLUxemxvNzC8VC47FljP/+9M0HT2v/4TbxR3Zo/5ldtv/buzfv/aiezT7cPHkUf+x06/1/vE38TGP//6KRr70+2sxv1vNbnXz9nZNPa/9sm/bvtP/Hdtn+s3/59we7XBUA6ILy+sbidLFYWO3rzHN9GrXDoheiFS9mpva5vgDVaJn51x68c+3IvNft6kSmp90SAACwB54cAwMAAAAAAAAAAAAAAAAAAADd1o3biWW3xdxMHztx93wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM75LgAA///6fNJN")
r0 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000400), 0x80000)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, &(0x7f0000000500))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{}, 0x0, &(0x7f0000000880)}, 0x20)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x20048a, &(0x7f00000001c0), 0x12, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
syz_usbip_server_init(0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000000306010100000400000000000200000a0900020073797a3000000000"], 0x20}, 0x1, 0x0, 0x0, 0x24000080}, 0x40)
syz_clone(0x80080100, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$NFNL_MSG_ACCT_NEW(r1, &(0x7f0000000600)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)={0x88, 0x0, 0x7, 0x101, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFACCT_FILTER={0x3c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x5}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x4}, @NFACCT_FILTER_MASK={0x8}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xc32}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x8}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x101}]}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0xa}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0xffff}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x7}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x3}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x4e24, 0x7, @local, 0x7}]}, &(0x7f0000000080)=0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x6)

0s ago: executing program 1 (id=1206):
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x2000)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e23, 0x3, @dev={0xfe, 0x80, '\x00', 0x20}, 0x2}, 0x1c)
sendmsg$NFT_BATCH(r1, 0x0, 0x40)

kernel console output (not intermixed with test programs):

   92.415877][ T5519] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.636513][   T29] audit: type=1326 audit(1768940085.281:3003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5537 comm="syz.2.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[   92.667634][   T29] audit: type=1326 audit(1768940085.313:3004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5537 comm="syz.2.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[   92.691918][   T29] audit: type=1326 audit(1768940085.313:3005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5537 comm="syz.2.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[   92.716163][   T29] audit: type=1326 audit(1768940085.313:3006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5537 comm="syz.2.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[   92.739552][   T29] audit: type=1326 audit(1768940085.313:3007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5537 comm="syz.2.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[   92.763586][   T29] audit: type=1326 audit(1768940085.323:3008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5537 comm="syz.2.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[   92.786998][   T29] audit: type=1326 audit(1768940085.323:3009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5537 comm="syz.2.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[   92.895652][ T5540] EXT4-fs (loop4): shut down requested (0)
[   92.908724][ T3485] usb 1-1: enqueue for inactive port 0
[   92.941458][ T3485] usb 1-1: enqueue for inactive port 0
[   93.041220][ T3485] vhci_hcd vhci_hcd.0: vhci_device speed not set
[   93.065677][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.102591][ T5549] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   93.616190][ T5569] netlink: 4 bytes leftover after parsing attributes in process `syz.2.550'.
[   93.706183][ T5575] loop4: detected capacity change from 0 to 1024
[   93.732373][ T5575] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.745415][ T5580] x_tables: duplicate underflow at hook 2
[   93.793938][ T5580] netlink: 8 bytes leftover after parsing attributes in process `syz.3.554'.
[   93.849901][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.105453][ T5601] netlink: 'syz.1.559': attribute type 21 has an invalid length.
[   94.123128][ T5601] netlink: 'syz.1.559': attribute type 1 has an invalid length.
[   94.130862][ T5601] netlink: 132 bytes leftover after parsing attributes in process `syz.1.559'.
[   94.213495][ T5599] lo speed is unknown, defaulting to 1000
[   94.297315][ T5606] netlink: 'syz.3.561': attribute type 21 has an invalid length.
[   94.311288][ T5606] netlink: 'syz.3.561': attribute type 1 has an invalid length.
[   94.392771][ T5611] netlink: 'syz.3.563': attribute type 6 has an invalid length.
[   94.885142][ T5622] 9p: Bad value for 'rfdno'
[   94.892636][ T3485] IPVS: starting estimator thread 0...
[   94.960354][ T5624] __nla_validate_parse: 2 callbacks suppressed
[   94.960371][ T5624] netlink: 8 bytes leftover after parsing attributes in process `syz.1.568'.
[   95.001137][ T5625] IPVS: using max 2208 ests per chain, 110400 per kthread
[   95.033966][ T5633] netlink: 14 bytes leftover after parsing attributes in process `syz.2.569'.
[   95.049035][ T5631] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[   95.055639][ T5631] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   95.063108][ T5631] vhci_hcd vhci_hcd.0: Device attached
[   95.142602][ T5639] netlink: 14 bytes leftover after parsing attributes in process `syz.0.570'.
[   95.276248][ T5645] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[   95.282807][ T5645] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   95.291339][ T5645] vhci_hcd vhci_hcd.0: Device attached
[   95.319353][ T5652] netlink: 'syz.1.575': attribute type 21 has an invalid length.
[   95.344905][ T5646] vhci_hcd: connection closed
[   95.345119][  T296] vhci_hcd vhci_hcd.4: stop threads
[   95.355770][  T296] vhci_hcd vhci_hcd.4: release socket
[   95.361156][  T296] vhci_hcd vhci_hcd.4: disconnect device
[   95.373131][ T5652] netlink: 'syz.1.575': attribute type 1 has an invalid length.
[   95.380836][ T5652] netlink: 132 bytes leftover after parsing attributes in process `syz.1.575'.
[   95.968465][ T5660] loop4: detected capacity change from 0 to 128
[   96.146876][ T5632] vhci_hcd: connection closed
[   96.147019][  T296] vhci_hcd vhci_hcd.0: stop threads
[   96.157664][  T296] vhci_hcd vhci_hcd.0: release socket
[   96.163057][  T296] vhci_hcd vhci_hcd.0: disconnect device
[   96.332535][ T5668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.580'.
[   96.354077][ T5662] syz.1.578 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[   96.368573][ T5662] CPU: 0 UID: 0 PID: 5662 Comm: syz.1.578 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   96.368596][ T5662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   96.368607][ T5662] Call Trace:
[   96.368612][ T5662]  <TASK>
[   96.368619][ T5662]  __dump_stack+0x1d/0x30
[   96.368697][ T5662]  dump_stack_lvl+0x95/0xd0
[   96.368719][ T5662]  dump_stack+0x15/0x1b
[   96.368738][ T5662]  dump_header+0x80/0x240
[   96.368756][ T5662]  oom_kill_process+0x295/0x350
[   96.368830][ T5662]  out_of_memory+0x97d/0xb80
[   96.368854][ T5662]  try_charge_memcg+0x62e/0xa10
[   96.368890][ T5662]  obj_cgroup_charge_pages+0xa6/0x150
[   96.368913][ T5662]  __memcg_kmem_charge_page+0x9e/0x170
[   96.368993][ T5662]  __alloc_frozen_pages_noprof+0x18a/0x350
[   96.369023][ T5662]  alloc_pages_mpol+0xb3/0x260
[   96.369106][ T5662]  alloc_pages_noprof+0x8f/0x130
[   96.369128][ T5662]  __vmalloc_node_range_noprof+0xa46/0x12b0
[   96.369228][ T5662]  __kvmalloc_node_noprof+0x471/0x680
[   96.369250][ T5662]  ? ip_set_alloc+0x24/0x30
[   96.369309][ T5662]  ? ip_set_alloc+0x24/0x30
[   96.369334][ T5662]  ? __slab_alloc+0x25/0x50
[   96.369360][ T5662]  ip_set_alloc+0x24/0x30
[   96.369432][ T5662]  hash_netiface_create+0x282/0x740
[   96.369464][ T5662]  ? __pfx_hash_netiface_create+0x10/0x10
[   96.369500][ T5662]  ip_set_create+0x3cf/0x970
[   96.369584][ T5662]  ? __nla_parse+0x40/0x60
[   96.369651][ T5662]  nfnetlink_rcv_msg+0x509/0x5d0
[   96.369735][ T5662]  netlink_rcv_skb+0x123/0x220
[   96.369830][ T5662]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   96.369858][ T5662]  nfnetlink_rcv+0x167/0x1720
[   96.369939][ T5662]  ? __list_del_entry_valid_or_report+0x65/0x130
[   96.369966][ T5662]  ? __rmqueue_pcplist+0x9b6/0xb80
[   96.370114][ T5662]  ? _raw_spin_lock_bh+0x56/0xb0
[   96.370211][ T5662]  ? should_fail_ex+0x30/0x280
[   96.370234][ T5662]  ? selinux_nlmsg_lookup+0x99/0x890
[   96.370254][ T5662]  ? __rcu_read_unlock+0x33/0x70
[   96.370327][ T5662]  ? __netlink_lookup+0x276/0x2b0
[   96.370349][ T5662]  netlink_unicast+0x5c0/0x690
[   96.370379][ T5662]  netlink_sendmsg+0x5c8/0x6f0
[   96.370396][ T5662]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.370413][ T5662]  __sock_sendmsg+0x145/0x170
[   96.370474][ T5662]  ____sys_sendmsg+0x31e/0x4a0
[   96.370499][ T5662]  ___sys_sendmsg+0x195/0x1e0
[   96.370554][ T5662]  __x64_sys_sendmsg+0xd4/0x160
[   96.370629][ T5662]  x64_sys_call+0x17ba/0x3000
[   96.370650][ T5662]  do_syscall_64+0xc0/0x2a0
[   96.370715][ T5662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.370738][ T5662] RIP: 0033:0x7fcd5fabacb9
[   96.370754][ T5662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   96.370769][ T5662] RSP: 002b:00007fcd5e517028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   96.370786][ T5662] RAX: ffffffffffffffda RBX: 00007fcd5fd35fa0 RCX: 00007fcd5fabacb9
[   96.370857][ T5662] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[   96.370870][ T5662] RBP: 00007fcd5fb28bf7 R08: 0000000000000000 R09: 0000000000000000
[   96.370884][ T5662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   96.370922][ T5662] R13: 00007fcd5fd36038 R14: 00007fcd5fd35fa0 R15: 00007ffc32841958
[   96.370939][ T5662]  </TASK>
[   96.684298][ T5662] memory: usage 307200kB, limit 307200kB, failcnt 748
[   96.691094][ T5662] memory+swap: usage 307888kB, limit 9007199254740988kB, failcnt 0
[   96.698982][ T5662] kmem: usage 307164kB, limit 9007199254740988kB, failcnt 0
[   96.706359][ T5662] Memory cgroup stats for /syz1:
[   96.706867][ T3875] usb usb2-port1: attempt power cycle
[   96.723176][ T5662] cache 0
[   96.726207][ T5662] rss 32768
[   96.729331][ T5662] shmem 0
[   96.732305][ T5662] mapped_file 0
[   96.735772][ T5662] dirty 0
[   96.738697][ T5662] writeback 0
[   96.741958][ T5662] workingset_refault_anon 889
[   96.746650][ T5662] workingset_refault_file 646
[   96.751335][ T5662] swap 704512
[   96.754554][ T5669] loop4: detected capacity change from 0 to 8192
[   96.755349][ T5662] swapcached 0
[   96.764281][ T5662] pgpgin 84602
[   96.767672][ T5662] pgpgout 84593
[   96.771138][ T5662] pgfault 96891
[   96.774611][ T5662] pgmajfault 199
[   96.778244][ T5662] inactive_anon 32768
[   96.782209][ T5662] active_anon 0
[   96.785658][ T5662] inactive_file 4096
[   96.790206][ T5662] active_file 0
[   96.793650][ T5662] unevictable 0
[   96.797123][ T5662] hierarchical_memory_limit 314572800
[   96.802492][ T5662] hierarchical_memsw_limit 9223372036854771712
[   96.808755][ T5662] total_cache 0
[   96.812353][ T5662] total_rss 32768
[   96.815980][ T5662] total_shmem 0
[   96.820144][ T5662] total_mapped_file 0
[   96.824118][ T5662] total_dirty 0
[   96.827562][ T5662] total_writeback 0
[   96.831439][ T5662] total_workingset_refault_anon 889
[   96.836628][ T5662] total_workingset_refault_file 646
[   96.841834][ T5662] total_swap 704512
[   96.845791][ T5662] total_swapcached 0
[   96.849679][ T5662] total_pgpgin 84602
[   96.854419][ T5662] total_pgpgout 84593
[   96.858426][ T5662] total_pgfault 96891
[   96.862512][ T5662] total_pgmajfault 199
[   96.866568][ T5662] total_inactive_anon 32768
[   96.871066][ T5662] total_active_anon 0
[   96.875103][ T5662] total_inactive_file 4096
[   96.879505][ T5662] total_active_file 0
[   96.884309][ T5662] total_unevictable 0
[   96.888376][ T5662] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.398,pid=4894,uid=0
[   96.902947][ T5662] Memory cgroup out of memory: Killed process 4894 (syz.1.398) total-vm:94000kB, anon-rss:1364kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
[   96.920583][ T3485] vhci_hcd vhci_hcd.0: vhci_device speed not set
[   96.948207][ T5669]  loop4: p1 p2[DM] p4
[   96.953511][ T5669] loop4: p1 size 196608 extends beyond EOD, truncated
[   96.988198][ T5669] loop4: p2 start 4292936063 is beyond EOD, truncated
[   96.995171][ T5669] loop4: p4 size 50331648 extends beyond EOD, truncated
[   97.021292][ T3010]  loop4: p1 p2[DM] p4
[   97.043529][ T3010] loop4: p1 size 196608 extends beyond EOD, truncated
[   97.054104][ T5684] netlink: 196 bytes leftover after parsing attributes in process `syz.3.588'.
[   97.063824][ T3010] loop4: p2 start 4292936063 is beyond EOD, truncated
[   97.070654][ T3010] loop4: p4 size 50331648 extends beyond EOD, truncated
[   97.121144][ T3315] udevd[3315]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   97.133472][   T29] kauditd_printk_skb: 44 callbacks suppressed
[   97.133483][   T29] audit: type=1326 audit(1768940089.872:3054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5682 comm="syz.1.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[   97.164225][ T3313] udevd[3313]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   97.196113][ T3313] udevd[3313]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   97.215033][ T3315] udevd[3315]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   97.236466][   T29] audit: type=1326 audit(1768940089.910:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5682 comm="syz.1.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[   97.260898][   T29] audit: type=1326 audit(1768940089.910:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5682 comm="syz.1.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[   97.284352][   T29] audit: type=1326 audit(1768940089.910:3057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5682 comm="syz.1.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[   97.308428][   T29] audit: type=1326 audit(1768940089.919:3058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5682 comm="syz.1.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[   97.436988][   T29] audit: type=1326 audit(1768940090.153:3059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5682 comm="syz.1.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[   97.502268][   T29] audit: type=1326 audit(1768940090.190:3060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5682 comm="syz.1.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[   97.552223][   T29] audit: type=1326 audit(1768940090.256:3061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5682 comm="syz.1.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[   97.576239][   T29] audit: type=1326 audit(1768940090.256:3062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5682 comm="syz.1.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[   97.600452][   T29] audit: type=1326 audit(1768940090.256:3063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5682 comm="syz.1.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[   97.667840][ T5698] netlink: 24 bytes leftover after parsing attributes in process `syz.2.590'.
[   97.678186][ T5693] netlink: 84 bytes leftover after parsing attributes in process `syz.0.583'.
[   97.687121][ T5693] openvswitch: netlink: Message has 8 unknown bytes.
[   97.700848][ T5698] netlink: 24 bytes leftover after parsing attributes in process `syz.2.590'.
[   97.740678][ T5698] netlink: 4 bytes leftover after parsing attributes in process `syz.2.590'.
[   97.766019][ T5702] netlink: 'syz.0.592': attribute type 21 has an invalid length.
[   97.774830][ T5702] netlink: 'syz.0.592': attribute type 1 has an invalid length.
[   97.816762][ T5703] bridge0: entered promiscuous mode
[   97.822037][ T5703] bridge0: entered allmulticast mode
[   98.014322][ T5710] bond1: left promiscuous mode
[   98.031406][ T5710] dummy0: left promiscuous mode
[   98.036350][ T5710] bond1: left allmulticast mode
[   98.068943][ T5710] dummy0: left allmulticast mode
[   98.073947][ T5710] bridge0: left promiscuous mode
[   98.078895][ T5710] bridge0: left allmulticast mode
[   98.092359][ T5717] loop4: detected capacity change from 0 to 512
[   98.099386][ T5717] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   98.144495][ T5717] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.594: Allocating blocks 41-42 which overlap fs metadata
[   98.165977][ T5717] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.594: Allocating blocks 41-42 which overlap fs metadata
[   98.186618][ T5717] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.594: Failed to acquire dquot type 1
[   98.296458][ T5717] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   98.315543][ T5717] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.594: corrupted inode contents
[   98.327662][ T5717] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #12: comm syz.4.594: mark_inode_dirty error
[   98.339249][ T5717] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.594: corrupted inode contents
[   98.376663][ T5717] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.594: mark_inode_dirty error
[   98.406705][ T5717] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.594: corrupted inode contents
[   98.437125][ T5717] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[   98.464142][ T5717] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.594: corrupted inode contents
[   98.476855][ T5717] EXT4-fs error (device loop4): ext4_truncate:4635: inode #12: comm syz.4.594: mark_inode_dirty error
[   98.488784][ T5717] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[   98.497916][ T5717] EXT4-fs (loop4): 1 truncate cleaned up
[   98.504217][ T5717] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.539984][ T5717] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[   98.546536][ T5717] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   98.553960][ T5717] vhci_hcd vhci_hcd.0: Device attached
[   98.566160][ T5731] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.594: Failed to acquire dquot type 1
[   98.599237][ T5732] team0: left allmulticast mode
[   98.604853][ T5732] team_slave_0: left allmulticast mode
[   98.610428][ T5732] team_slave_1: left allmulticast mode
[   98.615980][ T5732] team0: left promiscuous mode
[   98.620878][ T5732] team_slave_0: left promiscuous mode
[   98.626327][ T5732] team_slave_1: left promiscuous mode
[   98.631872][ T5732] bridge0: port 3(team0) entered disabled state
[   98.655067][ T5732] bridge_slave_0: left allmulticast mode
[   98.660976][ T5732] bridge_slave_0: left promiscuous mode
[   98.661205][ T5732] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.670426][ T5732] bridge_slave_1: left allmulticast mode
[   98.670492][ T5732] bridge_slave_1: left promiscuous mode
[   98.670656][ T5732] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.671838][ T5732] bond0: (slave bond_slave_0): Releasing backup interface
[   98.679724][ T5732] bond0: (slave bond_slave_1): Releasing backup interface
[   98.715493][ T5732] team0: Port device team_slave_0 removed
[   98.722983][ T5732] team0: Port device team_slave_1 removed
[   98.742328][ T3482] vhci_hcd vhci_hcd.4: vhci_device speed not set
[   98.743045][ T5732] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   98.806422][ T3482] usb 9-1: new full-speed USB device number 4 using vhci_hcd
[   99.180776][ T5729] vhci_hcd: connection reset by peer
[   99.212811][ T5252] vhci_hcd vhci_hcd.4: stop threads
[   99.218062][ T5252] vhci_hcd vhci_hcd.4: release socket
[   99.223507][ T5252] vhci_hcd vhci_hcd.4: disconnect device
[   99.429737][ T5759] lo speed is unknown, defaulting to 1000
[   99.486060][ T5766] netlink: 'syz.0.605': attribute type 21 has an invalid length.
[   99.503568][ T5766] netlink: 'syz.0.605': attribute type 1 has an invalid length.
[   99.612376][ T5763] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5763 comm=syz.1.604
[   99.636660][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.956745][ T5780] loop4: detected capacity change from 0 to 512
[  100.008832][ T5787] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  100.040126][ T5775] lo speed is unknown, defaulting to 1000
[  100.058125][ T5780] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.105083][ T5780] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.272847][ T5808] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5808 comm=syz.0.613
[  100.372974][ T3875] usb usb2-port1: unable to enumerate USB device
[  100.443600][ T5812] mmap: syz.2.616 (5812): VmData 20725760 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  100.738375][ T5814] netlink: 'syz.2.617': attribute type 21 has an invalid length.
[  100.746236][ T5814] netlink: 'syz.2.617': attribute type 1 has an invalid length.
[  100.754546][ T5814] __nla_validate_parse: 10 callbacks suppressed
[  100.754561][ T5814] netlink: 132 bytes leftover after parsing attributes in process `syz.2.617'.
[  100.806800][ T5818] bond1: (slave dummy0): Releasing active interface
[  100.824294][ T5818] team0: Port device team_slave_0 removed
[  100.833805][ T5818] team0: Port device team_slave_1 removed
[  100.840918][ T5818] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.856897][ T5818] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.867065][ T5818] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  100.888562][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.377627][ T5846] netlink: 'syz.1.630': attribute type 21 has an invalid length.
[  101.386395][ T5846] netlink: 'syz.1.630': attribute type 1 has an invalid length.
[  101.394242][ T5846] netlink: 132 bytes leftover after parsing attributes in process `syz.1.630'.
[  101.421945][ T5850] netlink: 36 bytes leftover after parsing attributes in process `syz.1.632'.
[  101.532943][ T5849] delete_channel: no stack
[  101.568111][ T5858] sctp: [Deprecated]: syz.4.628 (pid 5858) Use of struct sctp_assoc_value in delayed_ack socket option.
[  101.568111][ T5858] Use struct sctp_sack_info instead
[  101.731752][ T5865] netlink: 'syz.3.633': attribute type 29 has an invalid length.
[  101.740841][ T5865] netlink: 'syz.3.633': attribute type 29 has an invalid length.
[  102.264914][ T5887] netlink: 14 bytes leftover after parsing attributes in process `syz.2.643'.
[  102.384831][ T5889] netlink: 132 bytes leftover after parsing attributes in process `syz.1.644'.
[  102.451999][ T5853] syz.0.634 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  102.466805][ T5853] CPU: 1 UID: 0 PID: 5853 Comm: syz.0.634 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  102.466834][ T5853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  102.466849][ T5853] Call Trace:
[  102.466857][ T5853]  <TASK>
[  102.466866][ T5853]  __dump_stack+0x1d/0x30
[  102.466889][ T5853]  dump_stack_lvl+0x95/0xd0
[  102.466912][ T5853]  dump_stack+0x15/0x1b
[  102.466939][ T5853]  dump_header+0x80/0x240
[  102.466981][ T5853]  oom_kill_process+0x295/0x350
[  102.467005][ T5853]  out_of_memory+0x97d/0xb80
[  102.467074][ T5853]  try_charge_memcg+0x62e/0xa10
[  102.467113][ T5853]  obj_cgroup_charge_pages+0xa6/0x150
[  102.467141][ T5853]  __memcg_kmem_charge_page+0x9e/0x170
[  102.467171][ T5853]  __alloc_frozen_pages_noprof+0x18a/0x350
[  102.467196][ T5853]  alloc_pages_mpol+0xb3/0x260
[  102.467220][ T5853]  alloc_pages_noprof+0x8f/0x130
[  102.467252][ T5853]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  102.467364][ T5853]  __kvmalloc_node_noprof+0x471/0x680
[  102.467390][ T5853]  ? ip_set_alloc+0x24/0x30
[  102.467417][ T5853]  ? ip_set_alloc+0x24/0x30
[  102.467520][ T5853]  ? __slab_alloc+0x25/0x50
[  102.467543][ T5853]  ip_set_alloc+0x24/0x30
[  102.467621][ T5853]  hash_netiface_create+0x282/0x740
[  102.467649][ T5853]  ? __pfx_hash_netiface_create+0x10/0x10
[  102.467787][ T5853]  ip_set_create+0x3cf/0x970
[  102.467812][ T5853]  ? __nla_parse+0x40/0x60
[  102.467838][ T5853]  nfnetlink_rcv_msg+0x509/0x5d0
[  102.467937][ T5853]  netlink_rcv_skb+0x123/0x220
[  102.467966][ T5853]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  102.468073][ T5853]  nfnetlink_rcv+0x167/0x1720
[  102.468135][ T5853]  ? __kfree_skb+0x109/0x150
[  102.468159][ T5853]  ? nlmon_xmit+0x4f/0x60
[  102.468176][ T5853]  ? consume_skb+0x49/0x140
[  102.468196][ T5853]  ? nlmon_xmit+0x4f/0x60
[  102.468271][ T5853]  ? dev_hard_start_xmit+0x3a8/0x3e0
[  102.468300][ T5853]  ? __dev_queue_xmit+0x139a/0x1f20
[  102.468407][ T5853]  ? __dev_queue_xmit+0x148/0x1f20
[  102.468474][ T5853]  ? ref_tracker_free+0x37d/0x3e0
[  102.468500][ T5853]  ? __netlink_deliver_tap+0x4dc/0x500
[  102.468533][ T5853]  netlink_unicast+0x5c0/0x690
[  102.468590][ T5853]  netlink_sendmsg+0x5c8/0x6f0
[  102.468609][ T5853]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.468627][ T5853]  __sock_sendmsg+0x145/0x170
[  102.468649][ T5853]  ____sys_sendmsg+0x31e/0x4a0
[  102.468687][ T5853]  ___sys_sendmsg+0x195/0x1e0
[  102.468726][ T5853]  __x64_sys_sendmsg+0xd4/0x160
[  102.468788][ T5853]  x64_sys_call+0x17ba/0x3000
[  102.468878][ T5853]  do_syscall_64+0xc0/0x2a0
[  102.468897][ T5853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.468977][ T5853] RIP: 0033:0x7fa5c24eacb9
[  102.469058][ T5853] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  102.469075][ T5853] RSP: 002b:00007fa5c0f47028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.469096][ T5853] RAX: ffffffffffffffda RBX: 00007fa5c2765fa0 RCX: 00007fa5c24eacb9
[  102.469116][ T5853] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  102.469130][ T5853] RBP: 00007fa5c2558bf7 R08: 0000000000000000 R09: 0000000000000000
[  102.469186][ T5853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  102.469199][ T5853] R13: 00007fa5c2766038 R14: 00007fa5c2765fa0 R15: 00007ffed8edb0f8
[  102.469255][ T5853]  </TASK>
[  102.469310][ T5853] memory: usage 307200kB, limit 307200kB, failcnt 484
[  102.804343][ T5853] memory+swap: usage 375404kB, limit 9007199254740988kB, failcnt 0
[  102.812325][ T5853] kmem: usage 307172kB, limit 9007199254740988kB, failcnt 0
[  102.820306][ T5853] Memory cgroup stats for /syz0:
[  102.821190][ T5853] cache 4096
[  102.829339][ T5853] rss 4096
[  102.832347][ T5853] shmem 0
[  102.835273][ T5853] mapped_file 4096
[  102.839039][ T5853] dirty 0
[  102.842009][ T5853] writeback 0
[  102.845274][ T5853] workingset_refault_anon 102
[  102.850590][ T5853] workingset_refault_file 3332
[  102.855425][ T5853] swap 69844992
[  102.858938][ T5853] swapcached 16384
[  102.862644][ T5853] pgpgin 202175
[  102.866095][ T5853] pgpgout 202169
[  102.869666][ T5853] pgfault 97623
[  102.873118][ T5853] pgmajfault 116
[  102.876689][ T5853] inactive_anon 12288
[  102.881337][ T5853] active_anon 8192
[  102.885054][ T5853] inactive_file 0
[  102.888674][ T5853] active_file 4096
[  102.892407][ T5853] unevictable 0
[  102.895875][ T5853] hierarchical_memory_limit 314572800
[  102.901383][ T5853] hierarchical_memsw_limit 9223372036854771712
[  102.907522][ T5853] total_cache 4096
[  102.911902][ T5853] total_rss 4096
[  102.915450][ T5853] total_shmem 0
[  102.918904][ T5853] total_mapped_file 4096
[  102.923156][ T5853] total_dirty 0
[  102.926630][ T5853] total_writeback 0
[  102.930426][ T5853] total_workingset_refault_anon 102
[  102.935673][ T5853] total_workingset_refault_file 3332
[  102.941001][ T5853] total_swap 69844992
[  102.945711][ T5853] total_swapcached 16384
[  102.949950][ T5853] total_pgpgin 202175
[  102.953970][ T5853] total_pgpgout 202169
[  102.958022][ T5853] total_pgfault 97623
[  102.961997][ T5853] total_pgmajfault 116
[  102.966156][ T5853] total_inactive_anon 12288
[  102.970641][ T5853] total_active_anon 8192
[  102.974871][ T5853] total_inactive_file 0
[  102.979833][ T5853] total_active_file 4096
[  102.984097][ T5853] total_unevictable 0
[  102.988101][ T5853] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.634,pid=5852,uid=0
[  103.002634][ T5853] Memory cgroup out of memory: Killed process 5852 (syz.0.634) total-vm:94132kB, anon-rss:1204kB, file-rss:22156kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  103.463028][ T5915] IPv6: NLM_F_CREATE should be specified when creating new route
[  103.722340][ T5922] validate_nla: 3 callbacks suppressed
[  103.722354][ T5922] netlink: 'syz.0.655': attribute type 21 has an invalid length.
[  103.748495][ T5922] netlink: 'syz.0.655': attribute type 1 has an invalid length.
[  103.756229][ T5922] netlink: 132 bytes leftover after parsing attributes in process `syz.0.655'.
[  103.769580][ T5905] syz.3.650 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  103.783397][ T5905] CPU: 0 UID: 0 PID: 5905 Comm: syz.3.650 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  103.783426][ T5905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  103.783439][ T5905] Call Trace:
[  103.783448][ T5905]  <TASK>
[  103.783458][ T5905]  __dump_stack+0x1d/0x30
[  103.783542][ T5905]  dump_stack_lvl+0x95/0xd0
[  103.783564][ T5905]  dump_stack+0x15/0x1b
[  103.783632][ T5905]  dump_header+0x80/0x240
[  103.783654][ T5905]  oom_kill_process+0x295/0x350
[  103.783675][ T5905]  out_of_memory+0x97d/0xb80
[  103.783695][ T5905]  try_charge_memcg+0x62e/0xa10
[  103.783836][ T5905]  obj_cgroup_charge_pages+0xa6/0x150
[  103.783877][ T5905]  __memcg_kmem_charge_page+0x9e/0x170
[  103.783903][ T5905]  __alloc_frozen_pages_noprof+0x18a/0x350
[  103.783932][ T5905]  alloc_pages_mpol+0xb3/0x260
[  103.783956][ T5905]  alloc_pages_noprof+0x8f/0x130
[  103.783981][ T5905]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  103.784023][ T5905]  __kvmalloc_node_noprof+0x471/0x680
[  103.784084][ T5905]  ? ip_set_alloc+0x24/0x30
[  103.784112][ T5905]  ? ip_set_alloc+0x24/0x30
[  103.784143][ T5905]  ip_set_alloc+0x24/0x30
[  103.784282][ T5905]  hash_netiface_create+0x282/0x740
[  103.784314][ T5905]  ? __pfx_hash_netiface_create+0x10/0x10
[  103.784345][ T5905]  ip_set_create+0x3cf/0x970
[  103.784373][ T5905]  ? __nla_parse+0x40/0x60
[  103.784396][ T5905]  nfnetlink_rcv_msg+0x509/0x5d0
[  103.784441][ T5905]  netlink_rcv_skb+0x123/0x220
[  103.784469][ T5905]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  103.784569][ T5905]  nfnetlink_rcv+0x167/0x1720
[  103.784605][ T5905]  ? __list_del_entry_valid_or_report+0x65/0x130
[  103.784650][ T5905]  ? __rmqueue_pcplist+0x9b6/0xb80
[  103.784676][ T5905]  ? _raw_spin_lock_bh+0x56/0xb0
[  103.784694][ T5905]  ? should_fail_ex+0x30/0x280
[  103.784748][ T5905]  ? selinux_nlmsg_lookup+0x99/0x890
[  103.784845][ T5905]  ? __rcu_read_unlock+0x33/0x70
[  103.784867][ T5905]  ? __netlink_lookup+0x276/0x2b0
[  103.784890][ T5905]  netlink_unicast+0x5c0/0x690
[  103.784934][ T5905]  netlink_sendmsg+0x5c8/0x6f0
[  103.784957][ T5905]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.784999][ T5905]  __sock_sendmsg+0x145/0x170
[  103.785049][ T5905]  ____sys_sendmsg+0x31e/0x4a0
[  103.785094][ T5905]  ___sys_sendmsg+0x195/0x1e0
[  103.785129][ T5905]  __x64_sys_sendmsg+0xd4/0x160
[  103.785158][ T5905]  x64_sys_call+0x17ba/0x3000
[  103.785251][ T5905]  do_syscall_64+0xc0/0x2a0
[  103.785274][ T5905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.785301][ T5905] RIP: 0033:0x7f7d44fdacb9
[  103.785319][ T5905] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  103.785393][ T5905] RSP: 002b:00007f7d43a37028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.785410][ T5905] RAX: ffffffffffffffda RBX: 00007f7d45255fa0 RCX: 00007f7d44fdacb9
[  103.785457][ T5905] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  103.785468][ T5905] RBP: 00007f7d45048bf7 R08: 0000000000000000 R09: 0000000000000000
[  103.785482][ T5905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  103.785495][ T5905] R13: 00007f7d45256038 R14: 00007f7d45255fa0 R15: 00007ffd57b70778
[  103.785515][ T5905]  </TASK>
[  103.785521][ T5905] memory: usage 307200kB, limit 307200kB, failcnt 480
[  104.107478][ T5905] memory+swap: usage 307820kB, limit 9007199254740988kB, failcnt 0
[  104.115398][ T5905] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  104.123218][ T5905] Memory cgroup stats for /syz3:
[  104.123665][ T5905] cache 0
[  104.131583][ T5905] rss 0
[  104.134400][ T5905] shmem 0
[  104.137327][ T5905] mapped_file 0
[  104.141474][ T5905] dirty 0
[  104.144412][ T5905] writeback 0
[  104.147686][ T5905] workingset_refault_anon 56
[  104.152385][ T5905] workingset_refault_file 134
[  104.157175][ T5905] swap 634880
[  104.160553][ T5905] swapcached 0
[  104.163941][ T5905] pgpgin 164954
[  104.167401][ T5905] pgpgout 164953
[  104.170949][ T5905] pgfault 114426
[  104.175055][ T5905] pgmajfault 45
[  104.178666][ T5905] inactive_anon 0
[  104.182353][ T5905] active_anon 0
[  104.185920][ T5905] inactive_file 0
[  104.189591][ T5905] active_file 4096
[  104.193476][ T5905] unevictable 0
[  104.196965][ T5905] hierarchical_memory_limit 314572800
[  104.202402][ T5905] hierarchical_memsw_limit 9223372036854771712
[  104.209139][ T5905] total_cache 0
[  104.212592][ T5905] total_rss 0
[  104.215796][ T3482] usb 9-1: enqueue for inactive port 0
[  104.215924][ T5905] total_shmem 0
[  104.224897][ T5905] total_mapped_file 0
[  104.227492][ T3482] usb 9-1: enqueue for inactive port 0
[  104.228883][ T5905] total_dirty 0
[  104.238503][ T5905] total_writeback 0
[  104.242350][ T5905] total_workingset_refault_anon 56
[  104.247475][ T5905] total_workingset_refault_file 134
[  104.252749][ T5905] total_swap 634880
[  104.256555][ T5905] total_swapcached 0
[  104.260583][ T5905] total_pgpgin 164954
[  104.264557][ T5905] total_pgpgout 164953
[  104.269300][ T5905] total_pgfault 114426
[  104.273375][ T5905] total_pgmajfault 45
[  104.277362][ T5905] total_inactive_anon 0
[  104.281535][ T5905] total_active_anon 0
[  104.285513][ T5905] total_inactive_file 0
[  104.289662][ T5905] total_active_file 4096
[  104.294092][ T5905] total_unevictable 0
[  104.298073][ T5905] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.650,pid=5904,uid=0
[  104.312123][ T3482] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  104.313323][ T5905] Memory cgroup out of memory: Killed process 5904 (syz.3.650) total-vm:94132kB, anon-rss:1236kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:0
[  104.376645][ T5936] netlink: 8 bytes leftover after parsing attributes in process `syz.4.657'.
[  104.419594][   T29] kauditd_printk_skb: 209 callbacks suppressed
[  104.419659][   T29] audit: type=1400 audit(1768940096.692:3267): avc:  denied  { map } for  pid=5935 comm="syz.4.657" path="socket:[13454]" dev="sockfs" ino=13454 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  104.450547][ T5936] netlink: 8 bytes leftover after parsing attributes in process `syz.4.657'.
[  104.459909][ T5936] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5936 comm=syz.4.657
[  104.781070][ T5945] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  104.793903][ T5945] bond0: (slave lo): Error: Device type is different from other slaves
[  105.671722][ T5960] netlink: 4 bytes leftover after parsing attributes in process `syz.3.664'.
[  106.154228][ T5964] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  106.160832][ T5964] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  106.168328][ T5964] vhci_hcd vhci_hcd.0: Device attached
[  106.300273][ T5967] netlink: 14 bytes leftover after parsing attributes in process `syz.0.665'.
[  106.325171][   T29] audit: type=1326 audit(1768940098.460:3268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5969 comm="syz.3.666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d44fdacb9 code=0x7ffc0000
[  106.349154][   T29] audit: type=1326 audit(1768940098.460:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5969 comm="syz.3.666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d44fdacb9 code=0x7ffc0000
[  106.372640][   T29] audit: type=1326 audit(1768940098.460:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5969 comm="syz.3.666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d44fdacb9 code=0x7ffc0000
[  106.396598][   T29] audit: type=1326 audit(1768940098.460:3271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5969 comm="syz.3.666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d44fdacb9 code=0x7ffc0000
[  106.420153][   T29] audit: type=1326 audit(1768940098.460:3272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5969 comm="syz.3.666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f7d44fdacb9 code=0x7ffc0000
[  106.444214][   T29] audit: type=1326 audit(1768940098.460:3273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5969 comm="syz.3.666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d44fdacb9 code=0x7ffc0000
[  106.467691][   T29] audit: type=1326 audit(1768940098.460:3274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5969 comm="syz.3.666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f7d44fdacb9 code=0x7ffc0000
[  106.491623][   T29] audit: type=1326 audit(1768940098.460:3275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5969 comm="syz.3.666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d44fdacb9 code=0x7ffc0000
[  106.515647][   T29] audit: type=1326 audit(1768940098.460:3276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5969 comm="syz.3.666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d44fdacb9 code=0x7ffc0000
[  106.539088][ T3956] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  106.610290][ T3956] usb 1-1: new full-speed USB device number 6 using vhci_hcd
[  106.666592][ T5973] netlink: 80 bytes leftover after parsing attributes in process `syz.3.667'.
[  106.747483][ T5973] netlink: 12 bytes leftover after parsing attributes in process `syz.3.667'.
[  107.378171][ T5982] Set syz1 is full, maxelem 65536 reached
[  107.395345][ T5987] loop4: detected capacity change from 0 to 1024
[  107.417111][ T5987] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.511050][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.766868][ T6002] loop4: detected capacity change from 0 to 128
[  107.781240][ T5965] vhci_hcd: connection reset by peer
[  107.840478][ T5252] vhci_hcd vhci_hcd.0: stop threads
[  107.845867][ T5252] vhci_hcd vhci_hcd.0: release socket
[  107.851376][ T5252] vhci_hcd vhci_hcd.0: disconnect device
[  107.886934][ T6009] loop4: detected capacity change from 0 to 256
[  107.902136][ T6009] netlink: 'syz.4.678': attribute type 21 has an invalid length.
[  107.908290][ T6005] block device autoloading is deprecated and will be removed.
[  107.914638][ T6009] netlink: 'syz.4.678': attribute type 1 has an invalid length.
[  107.924353][ T6007] netlink: 'syz.1.679': attribute type 5 has an invalid length.
[  107.925096][ T6009] netlink: 132 bytes leftover after parsing attributes in process `syz.4.678'.
[  107.960060][ T6007] netlink: 8 bytes leftover after parsing attributes in process `syz.1.679'.
[  107.968957][ T6007] netlink: 8 bytes leftover after parsing attributes in process `syz.1.679'.
[  108.142159][ T6020] netlink: 'syz.4.683': attribute type 5 has an invalid length.
[  108.151469][ T6020] netlink: 8 bytes leftover after parsing attributes in process `syz.4.683'.
[  108.160294][ T6020] netlink: 8 bytes leftover after parsing attributes in process `syz.4.683'.
[  108.233267][ T6022] loop4: detected capacity change from 0 to 8192
[  108.240058][ T6005] loop0: detected capacity change from 0 to 128
[  108.241259][ T6005] /dev/loop0: Can't open blockdev
[  108.331812][ T6022]  loop4: p1 < > p3 < > p4
[  108.336270][ T6022] loop4: partition table partially beyond EOD, truncated
[  108.343939][ T6022] loop4: p1 start 4294967040 is beyond EOD, truncated
[  108.351455][ T6022] loop4: p4 start 4227858432 is beyond EOD, truncated
[  108.524210][ T3315] udevd[3315]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  108.617401][ T6036] netlink: 14 bytes leftover after parsing attributes in process `syz.2.687'.
[  108.716528][ T6045] loop4: detected capacity change from 0 to 256
[  108.744695][ T6045] netlink: 'syz.4.691': attribute type 21 has an invalid length.
[  108.758815][ T6045] netlink: 'syz.4.691': attribute type 1 has an invalid length.
[  108.766540][ T6045] netlink: 132 bytes leftover after parsing attributes in process `syz.4.691'.
[  109.146415][ T6055] xt_TCPMSS: Only works on TCP SYN packets
[  109.152627][ T6055] netlink: 'syz.0.694': attribute type 1 has an invalid length.
[  109.902714][   T29] kauditd_printk_skb: 205 callbacks suppressed
[  109.902730][   T29] audit: type=1400 audit(1768940101.819:3482): avc:  denied  { bind } for  pid=6069 comm="syz.0.700" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  109.964555][   T29] audit: type=1400 audit(1768940101.856:3483): avc:  denied  { setopt } for  pid=6071 comm="syz.3.701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  110.055734][   T29] audit: type=1326 audit(1768940101.959:3484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6082 comm="syz.1.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[  110.113516][   T29] audit: type=1326 audit(1768940101.987:3485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6082 comm="syz.1.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[  110.137676][   T29] audit: type=1326 audit(1768940101.987:3486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6082 comm="syz.1.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[  110.160995][   T29] audit: type=1326 audit(1768940101.987:3487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6082 comm="syz.1.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[  110.185172][   T29] audit: type=1326 audit(1768940101.987:3488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6082 comm="syz.1.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[  110.208538][   T29] audit: type=1326 audit(1768940101.987:3489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6082 comm="syz.1.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[  110.232498][   T29] audit: type=1326 audit(1768940101.987:3490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6082 comm="syz.1.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[  110.256439][   T29] audit: type=1326 audit(1768940101.987:3491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6082 comm="syz.1.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5fabacb9 code=0x7ffc0000
[  110.306277][ T6091] netlink: 'syz.2.703': attribute type 21 has an invalid length.
[  110.314198][ T6091] netlink: 'syz.2.703': attribute type 1 has an invalid length.
[  110.718543][ T6107] netlink: 'syz.2.712': attribute type 11 has an invalid length.
[  110.787224][ T6114] loop4: detected capacity change from 0 to 512
[  110.961530][ T6114] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  111.160423][ T6128] netlink: 'syz.2.718': attribute type 21 has an invalid length.
[  111.169019][ T6128] netlink: 'syz.2.718': attribute type 1 has an invalid length.
[  111.211381][ T6114] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.713: Allocating blocks 41-42 which overlap fs metadata
[  111.236587][ T6114] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.713: Allocating blocks 41-42 which overlap fs metadata
[  111.251106][ T6114] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.713: Failed to acquire dquot type 1
[  111.357403][ T6114] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  111.373241][ T6114] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.713: corrupted inode contents
[  111.538034][ T6114] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #12: comm syz.4.713: mark_inode_dirty error
[  111.559634][ T6114] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.713: corrupted inode contents
[  111.572628][ T6114] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.713: mark_inode_dirty error
[  111.622944][ T6114] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.713: corrupted inode contents
[  111.644387][ T6114] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  111.664055][ T6114] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.713: corrupted inode contents
[  111.691576][ T6114] EXT4-fs error (device loop4): ext4_truncate:4635: inode #12: comm syz.4.713: mark_inode_dirty error
[  111.726890][ T6114] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  111.747179][ T6114] EXT4-fs (loop4): 1 truncate cleaned up
[  111.758415][ T6114] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.847989][ T6114] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  111.854646][ T6114] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  111.862132][ T6114] vhci_hcd vhci_hcd.0: Device attached
[  112.011249][ T6156] __nla_validate_parse: 5 callbacks suppressed
[  112.011327][ T6156] netlink: 14 bytes leftover after parsing attributes in process `syz.4.713'.
[  112.050660][ T3875] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  112.114482][ T3875] usb 9-1: new full-speed USB device number 5 using vhci_hcd
[  112.128964][ T6155] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.713: Failed to acquire dquot type 1
[  112.146053][ T3956] usb 1-1: enqueue for inactive port 0
[  112.181948][ T3956] usb 1-1: enqueue for inactive port 0
[  112.240457][ T6141] syz.1.722 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  112.254910][ T6141] CPU: 1 UID: 0 PID: 6141 Comm: syz.1.722 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  112.254938][ T6141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  112.254948][ T6141] Call Trace:
[  112.255028][ T6141]  <TASK>
[  112.255075][ T6141]  __dump_stack+0x1d/0x30
[  112.255097][ T6141]  dump_stack_lvl+0x95/0xd0
[  112.255117][ T6141]  dump_stack+0x15/0x1b
[  112.255137][ T6141]  dump_header+0x80/0x240
[  112.255158][ T6141]  oom_kill_process+0x295/0x350
[  112.255234][ T6141]  out_of_memory+0x97d/0xb80
[  112.255256][ T6141]  try_charge_memcg+0x62e/0xa10
[  112.255356][ T6141]  obj_cgroup_charge_pages+0xa6/0x150
[  112.255384][ T6141]  __memcg_kmem_charge_page+0x9e/0x170
[  112.255409][ T6141]  __alloc_frozen_pages_noprof+0x18a/0x350
[  112.255541][ T6141]  alloc_pages_mpol+0xb3/0x260
[  112.255569][ T6141]  alloc_pages_noprof+0x8f/0x130
[  112.255636][ T6141]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  112.255672][ T6141]  __kvmalloc_node_noprof+0x471/0x680
[  112.255692][ T6141]  ? ip_set_alloc+0x24/0x30
[  112.255766][ T6141]  ? ip_set_alloc+0x24/0x30
[  112.255791][ T6141]  ip_set_alloc+0x24/0x30
[  112.255821][ T6141]  hash_netiface_create+0x282/0x740
[  112.255867][ T6141]  ? __pfx_hash_netiface_create+0x10/0x10
[  112.256039][ T6141]  ip_set_create+0x3cf/0x970
[  112.256065][ T6141]  ? __nla_parse+0x40/0x60
[  112.256088][ T6141]  nfnetlink_rcv_msg+0x509/0x5d0
[  112.256177][ T6141]  netlink_rcv_skb+0x123/0x220
[  112.256277][ T6141]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  112.256377][ T6141]  nfnetlink_rcv+0x167/0x1720
[  112.256480][ T6141]  ? __rcu_read_unlock+0x4e/0x70
[  112.256500][ T6141]  ? __perf_event_task_sched_in+0xa65/0xad0
[  112.256522][ T6141]  ? perf_cgroup_switch+0x10c/0x480
[  112.256539][ T6141]  ? _raw_spin_lock_bh+0x56/0xb0
[  112.256597][ T6141]  ? should_fail_ex+0x30/0x280
[  112.256617][ T6141]  ? selinux_nlmsg_lookup+0x99/0x890
[  112.256640][ T6141]  ? __rcu_read_unlock+0x33/0x70
[  112.256658][ T6141]  ? __netlink_lookup+0x276/0x2b0
[  112.256680][ T6141]  netlink_unicast+0x5c0/0x690
[  112.256705][ T6141]  netlink_sendmsg+0x5c8/0x6f0
[  112.256723][ T6141]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.256741][ T6141]  __sock_sendmsg+0x145/0x170
[  112.256763][ T6141]  ____sys_sendmsg+0x31e/0x4a0
[  112.256828][ T6141]  ___sys_sendmsg+0x195/0x1e0
[  112.256864][ T6141]  __x64_sys_sendmsg+0xd4/0x160
[  112.256975][ T6141]  x64_sys_call+0x17ba/0x3000
[  112.256999][ T6141]  do_syscall_64+0xc0/0x2a0
[  112.257021][ T6141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.257118][ T6141] RIP: 0033:0x7fcd5fabacb9
[  112.257134][ T6141] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  112.257210][ T6141] RSP: 002b:00007fcd5e517028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  112.257302][ T6141] RAX: ffffffffffffffda RBX: 00007fcd5fd35fa0 RCX: 00007fcd5fabacb9
[  112.257321][ T6141] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  112.257335][ T6141] RBP: 00007fcd5fb28bf7 R08: 0000000000000000 R09: 0000000000000000
[  112.257349][ T6141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.257416][ T6141] R13: 00007fcd5fd36038 R14: 00007fcd5fd35fa0 R15: 00007ffc32841958
[  112.257436][ T6141]  </TASK>
[  112.257442][ T6141] memory: usage 307200kB, limit 307200kB, failcnt 1140
[  112.314976][ T6149] vhci_hcd: connection reset by peer
[  112.315843][ T6141] memory+swap: usage 307744kB, limit 9007199254740988kB, failcnt 0
[  112.325165][ T5250] vhci_hcd vhci_hcd.4: stop threads
[  112.326668][ T6141] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  112.326684][ T6141] Memory cgroup stats for 
[  112.332528][ T5250] vhci_hcd vhci_hcd.4: release socket
[  112.332605][ T5250] vhci_hcd vhci_hcd.4: disconnect device
[  112.627124][ T6141] /syz1:
[  112.627317][ T6141] cache 0
[  112.633101][ T6141] rss 0
[  112.635911][ T6141] shmem 0
[  112.638851][ T6141] mapped_file 0
[  112.642309][ T6141] dirty 0
[  112.645259][ T6141] writeback 0
[  112.648641][ T6141] workingset_refault_anon 948
[  112.653946][ T6141] workingset_refault_file 774
[  112.658629][ T6141] swap 557056
[  112.661961][ T6141] swapcached 4096
[  112.665647][ T6141] pgpgin 102437
[  112.669083][ T6141] pgpgout 102435
[  112.672717][ T6141] pgfault 116698
[  112.676251][ T6141] pgmajfault 220
[  112.679782][ T6141] inactive_anon 0
[  112.684206][ T6141] active_anon 4096
[  112.688049][ T6141] inactive_file 0
[  112.691785][ T6141] active_file 4096
[  112.695494][ T6141] unevictable 0
[  112.699085][ T6141] hierarchical_memory_limit 314572800
[  112.704645][ T6141] hierarchical_memsw_limit 9223372036854771712
[  112.710784][ T6141] total_cache 0
[  112.714968][ T6141] total_rss 0
[  112.718236][ T6141] total_shmem 0
[  112.721681][ T6141] total_mapped_file 0
[  112.725668][ T6141] total_dirty 0
[  112.729119][ T6141] total_writeback 0
[  112.732971][ T6141] total_workingset_refault_anon 948
[  112.738226][ T6141] total_workingset_refault_file 774
[  112.743410][ T6141] total_swap 557056
[  112.747911][ T6141] total_swapcached 4096
[  112.752064][ T6141] total_pgpgin 102437
[  112.756094][ T6141] total_pgpgout 102435
[  112.760155][ T6141] total_pgfault 116698
[  112.764291][ T6141] total_pgmajfault 220
[  112.768387][ T6141] total_inactive_anon 0
[  112.772528][ T6141] total_active_anon 4096
[  112.776765][ T6141] total_inactive_file 0
[  112.781680][ T6141] total_active_file 4096
[  112.785915][ T6141] total_unevictable 0
[  112.789971][ T6141] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.141,pid=4026,uid=0
[  112.804586][ T6141] Memory cgroup out of memory: Killed process 4026 (syz.1.141) total-vm:96048kB, anon-rss:1236kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:1000
[  112.825684][ T3956] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  112.878446][ T6141] syz.1.722 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  112.892345][ T6141] CPU: 0 UID: 0 PID: 6141 Comm: syz.1.722 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  112.892372][ T6141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  112.892440][ T6141] Call Trace:
[  112.892449][ T6141]  <TASK>
[  112.892458][ T6141]  __dump_stack+0x1d/0x30
[  112.892554][ T6141]  dump_stack_lvl+0x95/0xd0
[  112.892629][ T6141]  dump_stack+0x15/0x1b
[  112.892645][ T6141]  dump_header+0x80/0x240
[  112.892719][ T6141]  oom_kill_process+0x295/0x350
[  112.892739][ T6141]  out_of_memory+0x97d/0xb80
[  112.892842][ T6141]  try_charge_memcg+0x62e/0xa10
[  112.892880][ T6141]  obj_cgroup_charge_pages+0xa6/0x150
[  112.892968][ T6141]  __memcg_kmem_charge_page+0x9e/0x170
[  112.892992][ T6141]  __alloc_frozen_pages_noprof+0x18a/0x350
[  112.893017][ T6141]  alloc_pages_mpol+0xb3/0x260
[  112.893040][ T6141]  alloc_pages_noprof+0x8f/0x130
[  112.893128][ T6141]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  112.893228][ T6141]  __kvmalloc_node_noprof+0x471/0x680
[  112.893253][ T6141]  ? ip_set_alloc+0x24/0x30
[  112.893288][ T6141]  ? ip_set_alloc+0x24/0x30
[  112.893318][ T6141]  ip_set_alloc+0x24/0x30
[  112.893347][ T6141]  hash_netiface_create+0x282/0x740
[  112.893378][ T6141]  ? __pfx_hash_netiface_create+0x10/0x10
[  112.893411][ T6141]  ip_set_create+0x3cf/0x970
[  112.893441][ T6141]  ? __nla_parse+0x40/0x60
[  112.893554][ T6141]  nfnetlink_rcv_msg+0x509/0x5d0
[  112.893643][ T6141]  netlink_rcv_skb+0x123/0x220
[  112.893673][ T6141]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  112.893747][ T6141]  nfnetlink_rcv+0x167/0x1720
[  112.893823][ T6141]  ? __rcu_read_unlock+0x4e/0x70
[  112.893839][ T6141]  ? __perf_event_task_sched_in+0xa65/0xad0
[  112.893858][ T6141]  ? perf_cgroup_switch+0x10c/0x480
[  112.893878][ T6141]  ? _raw_spin_lock_bh+0x56/0xb0
[  112.893959][ T6141]  ? should_fail_ex+0x30/0x280
[  112.893983][ T6141]  ? selinux_nlmsg_lookup+0x99/0x890
[  112.894008][ T6141]  ? __rcu_read_unlock+0x33/0x70
[  112.894067][ T6141]  ? __netlink_lookup+0x276/0x2b0
[  112.894090][ T6141]  netlink_unicast+0x5c0/0x690
[  112.894120][ T6141]  netlink_sendmsg+0x5c8/0x6f0
[  112.894145][ T6141]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.894161][ T6141]  __sock_sendmsg+0x145/0x170
[  112.894179][ T6141]  ____sys_sendmsg+0x31e/0x4a0
[  112.894208][ T6141]  ___sys_sendmsg+0x195/0x1e0
[  112.894263][ T6141]  __x64_sys_sendmsg+0xd4/0x160
[  112.894289][ T6141]  x64_sys_call+0x17ba/0x3000
[  112.894315][ T6141]  do_syscall_64+0xc0/0x2a0
[  112.894339][ T6141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.894360][ T6141] RIP: 0033:0x7fcd5fabacb9
[  112.894374][ T6141] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  112.894421][ T6141] RSP: 002b:00007fcd5e517028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  112.894440][ T6141] RAX: ffffffffffffffda RBX: 00007fcd5fd35fa0 RCX: 00007fcd5fabacb9
[  112.894455][ T6141] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  112.894500][ T6141] RBP: 00007fcd5fb28bf7 R08: 0000000000000000 R09: 0000000000000000
[  112.894589][ T6141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.894599][ T6141] R13: 00007fcd5fd36038 R14: 00007fcd5fd35fa0 R15: 00007ffc32841958
[  112.894616][ T6141]  </TASK>
[  112.894627][ T6141] memory: usage 307188kB, limit 307200kB, failcnt 1253
[  113.222548][ T6141] memory+swap: usage 307444kB, limit 9007199254740988kB, failcnt 0
[  113.231168][ T6141] kmem: usage 307028kB, limit 9007199254740988kB, failcnt 0
[  113.238466][ T6141] Memory cgroup stats for /syz1:
[  113.238927][ T6141] cache 0
[  113.246775][ T6141] rss 114688
[  113.250003][ T6141] shmem 0
[  113.252924][ T6141] mapped_file 0
[  113.256368][ T6141] dirty 0
[  113.260123][ T6141] writeback 0
[  113.263436][ T6141] workingset_refault_anon 986
[  113.268091][ T6141] workingset_refault_file 774
[  113.272796][ T6141] swap 262144
[  113.276074][ T6141] swapcached 24576
[  113.279852][ T6141] pgpgin 102475
[  113.283299][ T6141] pgpgout 102444
[  113.286862][ T6141] pgfault 116749
[  113.291104][ T6141] pgmajfault 240
[  113.294688][ T6141] inactive_anon 24576
[  113.298662][ T6141] active_anon 98304
[  113.302487][ T6141] inactive_file 4096
[  113.306371][ T6141] active_file 0
[  113.309844][ T6141] unevictable 0
[  113.313365][ T6141] hierarchical_memory_limit 314572800
[  113.318718][ T6141] hierarchical_memsw_limit 9223372036854771712
[  113.325618][ T6141] total_cache 0
[  113.329078][ T6141] total_rss 114688
[  113.332784][ T6141] total_shmem 0
[  113.336360][ T6141] total_mapped_file 0
[  113.340328][ T6141] total_dirty 0
[  113.343915][ T6141] total_writeback 0
[  113.347712][ T6141] total_workingset_refault_anon 986
[  113.352895][ T6141] total_workingset_refault_file 774
[  113.358812][ T6141] total_swap 262144
[  113.362617][ T6141] total_swapcached 24576
[  113.366870][ T6141] total_pgpgin 102475
[  113.370870][ T6141] total_pgpgout 102444
[  113.374986][ T6141] total_pgfault 116749
[  113.379074][ T6141] total_pgmajfault 240
[  113.383127][ T6141] total_inactive_anon 24576
[  113.388372][ T6141] total_active_anon 98304
[  113.392693][ T6141] total_inactive_file 4096
[  113.397128][ T6141] total_active_file 0
[  113.401098][ T6141] total_unevictable 0
[  113.405078][ T6141] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.284,pid=4481,uid=0
[  113.420234][ T6141] Memory cgroup out of memory: Killed process 4481 (syz.1.284) total-vm:93988kB, anon-rss:1240kB, file-rss:20660kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000
[  113.481742][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.526811][ T6170] loop0: detected capacity change from 0 to 256
[  113.587725][ T6170] netlink: 'syz.0.730': attribute type 21 has an invalid length.
[  113.607594][ T6178] netlink: 4 bytes leftover after parsing attributes in process `syz.1.728'.
[  113.619808][ T6170] netlink: 'syz.0.730': attribute type 1 has an invalid length.
[  113.628266][ T6170] netlink: 132 bytes leftover after parsing attributes in process `syz.0.730'.
[  113.848187][ T6204] loop4: detected capacity change from 0 to 512
[  113.888456][ T6204] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  113.922920][ T6204] EXT4-fs (loop4): too many log groups per flexible block group
[  113.931821][ T6204] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  113.960712][ T6204] EXT4-fs (loop4): mount failed
[  114.041037][ T6204] netlink: 24 bytes leftover after parsing attributes in process `syz.4.738'.
[  114.110030][ T6204] lo speed is unknown, defaulting to 1000
[  114.115962][ T6204] lo speed is unknown, defaulting to 1000
[  114.121877][ T6204] lo speed is unknown, defaulting to 1000
[  114.137803][ T6204] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  114.162283][ T6204] lo speed is unknown, defaulting to 1000
[  114.179124][ T6204] lo speed is unknown, defaulting to 1000
[  114.185332][ T6204] lo speed is unknown, defaulting to 1000
[  114.192555][ T6204] lo speed is unknown, defaulting to 1000
[  114.206907][ T6204] lo speed is unknown, defaulting to 1000
[  114.227138][ T6195] netlink: 4 bytes leftover after parsing attributes in process `syz.1.735'.
[  114.236875][ T6204] lo speed is unknown, defaulting to 1000
[  114.359689][ T6218] loop4: detected capacity change from 0 to 512
[  114.382687][ T6218] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  114.426181][ T6218] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.740: Allocating blocks 41-42 which overlap fs metadata
[  114.454571][ T6218] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.740: Allocating blocks 41-42 which overlap fs metadata
[  114.485856][ T6218] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.740: Failed to acquire dquot type 1
[  114.497720][ T6218] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  114.513496][ T6218] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.740: corrupted inode contents
[  114.525715][ T6218] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #12: comm syz.4.740: mark_inode_dirty error
[  114.537932][ T6218] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.740: corrupted inode contents
[  114.550709][ T6218] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.740: mark_inode_dirty error
[  114.563156][ T6218] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.740: corrupted inode contents
[  114.576150][ T6218] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  114.593373][ T6218] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.740: corrupted inode contents
[  114.616965][ T6218] EXT4-fs error (device loop4): ext4_truncate:4635: inode #12: comm syz.4.740: mark_inode_dirty error
[  114.649042][ T6218] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  114.674259][ T6218] EXT4-fs (loop4): 1 truncate cleaned up
[  114.702354][ T6218] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.749557][ T6228] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.740: Failed to acquire dquot type 1
[  114.832066][ T6231] netlink: 14 bytes leftover after parsing attributes in process `syz.4.740'.
[  115.203997][ T6259] loop0: detected capacity change from 0 to 256
[  115.268046][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.305319][ T6265] netlink: 8 bytes leftover after parsing attributes in process `syz.0.761'.
[  115.361046][   T29] kauditd_printk_skb: 69 callbacks suppressed
[  115.361059][   T29] audit: type=1400 audit(1768940106.917:3549): avc:  denied  { cpu } for  pid=6264 comm="syz.0.761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  115.675575][   T29] audit: type=1326 audit(1768940107.217:3550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.4.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  115.771514][   T29] audit: type=1326 audit(1768940107.217:3551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.4.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  115.794944][   T29] audit: type=1326 audit(1768940107.217:3552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.4.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  115.819006][   T29] audit: type=1326 audit(1768940107.217:3553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.4.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  115.842369][   T29] audit: type=1326 audit(1768940107.217:3554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.4.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  115.866555][   T29] audit: type=1326 audit(1768940107.217:3555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.4.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  115.889858][   T29] audit: type=1326 audit(1768940107.217:3556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.4.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  115.913961][   T29] audit: type=1326 audit(1768940107.217:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.4.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  115.937243][   T29] audit: type=1326 audit(1768940107.301:3558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6290 comm="syz.4.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  116.226053][ T6300] loop0: detected capacity change from 0 to 256
[  116.251909][ T6302] loop4: detected capacity change from 0 to 512
[  116.269956][ T6302] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  116.333158][ T6302] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.773: Allocating blocks 41-42 which overlap fs metadata
[  116.494679][ T6302] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.773: Failed to acquire dquot type 1
[  116.520698][ T6302] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  116.549908][ T6310] loop0: detected capacity change from 0 to 512
[  116.561808][ T6312] netlink: 8 bytes leftover after parsing attributes in process `syz.2.777'.
[  116.586159][ T6302] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.773: corrupted inode contents
[  116.599458][ T6310] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  116.615734][ T6302] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #12: comm syz.4.773: mark_inode_dirty error
[  116.627433][ T6302] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.773: corrupted inode contents
[  116.640126][ T6302] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.773: mark_inode_dirty error
[  116.654773][ T6302] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.773: corrupted inode contents
[  116.667015][ T6302] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  116.676575][ T6302] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.773: corrupted inode contents
[  116.689119][ T6302] EXT4-fs error (device loop4): ext4_truncate:4635: inode #12: comm syz.4.773: mark_inode_dirty error
[  116.701325][ T6302] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  116.711497][ T6302] EXT4-fs (loop4): 1 truncate cleaned up
[  116.717882][ T6302] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.732108][ T6310] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.776: Allocating blocks 41-42 which overlap fs metadata
[  116.776511][ T6310] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.776: Allocating blocks 41-42 which overlap fs metadata
[  116.829605][ T6310] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.776: Failed to acquire dquot type 1
[  116.845484][ T6310] EXT4-fs error (device loop0): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  116.860348][ T6310] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.776: corrupted inode contents
[  116.878538][ T6310] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #12: comm syz.0.776: mark_inode_dirty error
[  116.890212][ T6310] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.776: corrupted inode contents
[  116.903050][ T6310] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.776: mark_inode_dirty error
[  116.914659][ T6310] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.776: corrupted inode contents
[  116.936157][ T6328] netlink: 14 bytes leftover after parsing attributes in process `syz.4.773'.
[  116.953169][ T6310] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[  116.967010][ T6310] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.776: corrupted inode contents
[  116.979346][ T6310] EXT4-fs error (device loop0): ext4_truncate:4635: inode #12: comm syz.0.776: mark_inode_dirty error
[  116.991336][ T6310] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[  117.000521][ T6310] EXT4-fs (loop0): 1 truncate cleaned up
[  117.006691][ T6310] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.008777][ T6333] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6333 comm=syz.2.781
[  117.058573][ T6333] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=6333 comm=syz.2.781
[  117.072814][ T6310] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  117.079371][ T6310] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  117.087594][ T6310] vhci_hcd vhci_hcd.0: Device attached
[  117.149990][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.160542][ T5252] EXT4-fs error (device loop4): ext4_release_dquot:7022: comm kworker/u8:16: Failed to release dquot type 1
[  117.177220][ T6350] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.776: Failed to acquire dquot type 1
[  117.200359][ T6348] netlink: 8 bytes leftover after parsing attributes in process `syz.1.790'.
[  117.278164][ T3482] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  117.314328][ T6363] loop4: detected capacity change from 0 to 2048
[  117.343511][ T3482] usb 1-1: new full-speed USB device number 7 using vhci_hcd
[  117.365262][ T3315]  loop4: p1 < > p4
[  117.369567][ T3315] loop4: p4 size 8388608 extends beyond EOD, truncated
[  117.425129][ T6375] netlink: 'syz.3.802': attribute type 21 has an invalid length.
[  117.437669][ T6340] vhci_hcd: connection reset by peer
[  117.460055][ T6375] netlink: 'syz.3.802': attribute type 1 has an invalid length.
[  117.468581][ T6375] __nla_validate_parse: 1 callbacks suppressed
[  117.468593][ T6375] netlink: 132 bytes leftover after parsing attributes in process `syz.3.802'.
[  117.484660][ T5255] vhci_hcd vhci_hcd.0: stop threads
[  117.489864][ T5255] vhci_hcd vhci_hcd.0: release socket
[  117.495305][ T5255] vhci_hcd vhci_hcd.0: disconnect device
[  117.737211][ T3875] usb 9-1: enqueue for inactive port 0
[  117.742793][ T3875] usb 9-1: enqueue for inactive port 0
[  117.761617][ T6363]  loop4: p1 < > p4
[  117.766199][ T6363] loop4: p4 size 8388608 extends beyond EOD, truncated
[  117.824475][ T3313] udevd[3313]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  117.833199][ T3875] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  117.835212][ T3315] udevd[3315]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  117.876568][ T3313] udevd[3313]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  117.888544][ T3315] udevd[3315]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  118.111385][ T6411] loop4: detected capacity change from 0 to 256
[  118.270890][ T6424] loop4: detected capacity change from 0 to 2048
[  118.325433][ T3315]  loop4: p1 < > p3
[  118.330139][ T3315] loop4: p3 start 458752 is beyond EOD, truncated
[  118.338978][ T6424]  loop4: p1 < > p3
[  118.346529][ T6424] loop4: p3 start 458752 is beyond EOD, truncated
[  118.406805][ T3315] udevd[3315]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  118.464822][ T3315]  loop4: p1 p2 p3 p4
[  118.471317][ T3315] loop4: p1 start 13435904 is beyond EOD, truncated
[  118.478591][ T3315] loop4: p2 start 4195840 is beyond EOD, truncated
[  118.485231][ T3315] loop4: p3 start 458783 is beyond EOD, truncated
[  118.491697][ T3315] loop4: p4 start 65537 is beyond EOD, truncated
[  118.509491][ T6431]  loop4: p1 p2 p3 p4
[  118.519586][ T6431] loop4: p1 start 13435904 is beyond EOD, truncated
[  118.526453][ T6431] loop4: p2 start 4195840 is beyond EOD, truncated
[  118.533738][ T6431] loop4: p3 start 458783 is beyond EOD, truncated
[  118.540474][ T6431] loop4: p4 start 65537 is beyond EOD, truncated
[  118.615521][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.874308][ T6461] netlink: 'syz.2.841': attribute type 21 has an invalid length.
[  118.882889][ T6461] netlink: 'syz.2.841': attribute type 1 has an invalid length.
[  118.890522][ T6461] netlink: 132 bytes leftover after parsing attributes in process `syz.2.841'.
[  118.903546][ T6462] set_capacity_and_notify: 1 callbacks suppressed
[  118.903561][ T6462] loop4: detected capacity change from 0 to 1024
[  118.943603][ T6462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.145919][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.352187][ T6490] loop4: detected capacity change from 0 to 8192
[  119.412136][ T6494] netlink: 'syz.2.854': attribute type 21 has an invalid length.
[  119.421195][ T6490]  loop4: p1 p2 p3 p4
[  119.428461][ T6490] loop4: p1 size 262144 extends beyond EOD, truncated
[  119.460765][ T6494] netlink: 'syz.2.854': attribute type 1 has an invalid length.
[  119.468744][ T6494] netlink: 132 bytes leftover after parsing attributes in process `syz.2.854'.
[  119.482341][ T6490] loop4: p2 start 4293394690 is beyond EOD, truncated
[  119.489159][ T6490] loop4: p3 size 100663552 extends beyond EOD, truncated
[  119.619012][ T6490] loop4: p4 size 50331648 extends beyond EOD, truncated
[  119.725088][ T3315] udevd[3315]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  119.737227][ T3310] udevd[3310]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  119.750018][ T3313] udevd[3313]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  119.767434][ T6512] loop4: detected capacity change from 0 to 512
[  119.811112][ T6512] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  119.849752][ T6512] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.862: Allocating blocks 41-42 which overlap fs metadata
[  119.910882][ T6512] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.862: Failed to acquire dquot type 1
[  119.957259][ T6512] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  120.032036][ T6512] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.862: corrupted inode contents
[  120.072364][ T6512] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #12: comm syz.4.862: mark_inode_dirty error
[  120.099599][ T6512] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.862: corrupted inode contents
[  120.126461][ T6512] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.862: mark_inode_dirty error
[  120.150006][ T6512] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.862: corrupted inode contents
[  120.182551][ T6512] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  120.201413][ T6512] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.862: corrupted inode contents
[  120.227829][ T6512] EXT4-fs error (device loop4): ext4_truncate:4635: inode #12: comm syz.4.862: mark_inode_dirty error
[  120.252433][ T6512] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  120.271067][ T6512] EXT4-fs (loop4): 1 truncate cleaned up
[  120.277141][ T6512] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.328489][ T6550] lo speed is unknown, defaulting to 1000
[  120.335366][ T6550] lo speed is unknown, defaulting to 1000
[  120.384262][ T6512] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  120.390801][ T6512] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  120.398237][ T6512] vhci_hcd vhci_hcd.0: Device attached
[  120.408431][ T6566] netlink: 'syz.3.884': attribute type 21 has an invalid length.
[  120.429078][ T6566] netlink: 'syz.3.884': attribute type 1 has an invalid length.
[  120.437436][ T6566] netlink: 132 bytes leftover after parsing attributes in process `syz.3.884'.
[  120.499406][ T6577] loop0: detected capacity change from 0 to 128
[  120.508476][ T6578] netlink: 14 bytes leftover after parsing attributes in process `syz.4.862'.
[  120.561923][ T6581] loop0: detected capacity change from 0 to 512
[  120.590569][ T6581] EXT4-fs: Ignoring removed nobh option
[  120.591713][ T3972] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  120.616904][ T6581] ------------[ cut here ]------------
[  120.622457][ T6581] EA inode 11 i_nlink=1026
[  120.622493][ T6581] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x313/0x350, CPU#1: syz.0.890/6581
[  120.638297][ T6581] Modules linked in:
[  120.642225][ T6581] CPU: 1 UID: 0 PID: 6581 Comm: syz.0.890 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  120.651884][ T6581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  120.662568][ T6581] RIP: 0010:ext4_xattr_inode_update_ref+0x332/0x350
[  120.665855][ T3972] usb 9-1: new full-speed USB device number 6 using vhci_hcd
[  120.669224][ T6581] Code: a4 ce 9b ff 4c 8d 2d 0d a7 3f 05 49 8d 7e 40 e8 54 85 b7 ff 49 8b 6e 40 4c 89 e7 e8 88 80 b7 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 02 ff ff ff e8 6f c8 c5 03 66 66 66 66 66 66 2e
[  120.696868][ T6581] RSP: 0018:ffffc900018df5a8 EFLAGS: 00010246
[  120.703033][ T6581] RAX: ffff888123f61b10 RBX: ffff88811ac78ee0 RCX: ffffffff81bc6a98
[  120.711051][ T6581] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff86fc1190
[  120.719104][ T6581] RBP: 000000000000000b R08: 000188811ac78e93 R09: 0000000000000000
[  120.727575][ T6581] R10: ffffc900018df4d8 R11: 0001c900018df4d8 R12: ffff88811ac78e90
[  120.735565][ T6581] R13: ffffffff86fc1190 R14: ffff88811ac78e48 R15: 0000000000000001
[  120.743658][ T6581] FS:  00007fa5c0f476c0(0000) GS:ffff8882aec78000(0000) knlGS:0000000000000000
[  120.753360][ T6581] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  120.759941][ T6581] CR2: 00007f76a4752000 CR3: 00000001789f6000 CR4: 00000000003506f0
[  120.762199][ T6563] vhci_hcd: connection closed
[  120.768025][ T6581] DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000
[  120.768537][ T6564] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  120.772746][ T6581] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  120.772762][ T6581] Call Trace:
[  120.798860][ T6581]  <TASK>
[  120.801792][ T6581]  ext4_xattr_set_entry+0x77c/0x1010
[  120.807149][ T6581]  ext4_xattr_ibody_set+0x184/0x3c0
[  120.812369][ T6581]  ext4_expand_extra_isize_ea+0xd7b/0x11a0
[  120.818981][ T6581]  __ext4_expand_extra_isize+0x246/0x280
[  120.824682][ T6581]  __ext4_mark_inode_dirty+0x29d/0x3f0
[  120.826182][ T5252] vhci_hcd vhci_hcd.4: stop threads
[  120.830184][ T6581]  ext4_evict_inode+0x7c3/0xd40
[  120.835350][ T5252] vhci_hcd vhci_hcd.4: release socket
[  120.840177][ T6581]  ? __pfx_ext4_evict_inode+0x10/0x10
[  120.845532][ T5252] vhci_hcd vhci_hcd.4: disconnect device
[  120.857231][ T6581]  evict+0x2af/0x510
[  120.861365][ T6581]  ? __dquot_initialize+0x146/0x7c0
[  120.866818][ T6581]  iput+0x4b9/0x650
[  120.870678][ T6581]  ext4_process_orphan+0x1a9/0x1c0
[  120.875880][ T6581]  ext4_orphan_cleanup+0x6a8/0xa00
[  120.881702][ T6581]  ext4_fill_super+0x3476/0x3800
[  120.886891][ T6581]  ? set_blocksize+0x1a3/0x310
[  120.891734][ T6581]  ? setup_bdev_super+0x30e/0x370
[  120.896811][ T6581]  ? __pfx_ext4_fill_super+0x10/0x10
[  120.902421][ T6581]  get_tree_bdev_flags+0x291/0x300
[  120.907670][ T6581]  ? __pfx_ext4_fill_super+0x10/0x10
[  120.913789][ T6581]  get_tree_bdev+0x1f/0x30
[  120.918223][ T6581]  ext4_get_tree+0x1c/0x30
[  120.922908][ T6581]  vfs_get_tree+0x57/0x1d0
[  120.927376][ T6581]  do_new_mount+0x288/0x700
[  120.931911][ T6581]  path_mount+0x4c0/0xb90
[  120.936288][ T6581]  ? user_path_at+0xbf/0x130
[  120.940995][ T6581]  __se_sys_mount+0x28c/0x2e0
[  120.946433][ T6581]  __x64_sys_mount+0x67/0x80
[  120.951178][ T6581]  x64_sys_call+0x2cca/0x3000
[  120.955968][ T6581]  do_syscall_64+0xc0/0x2a0
[  120.960475][ T6581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.966490][ T6581] RIP: 0033:0x7fa5c24ebf4a
[  120.970939][ T6581] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  120.990655][ T6581] RSP: 002b:00007fa5c0f46e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  120.999866][ T6581] RAX: ffffffffffffffda RBX: 00007fa5c0f46ee0 RCX: 00007fa5c24ebf4a
[  121.007916][ T6581] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007fa5c0f46ea0
[  121.015889][ T6581] RBP: 0000200000000180 R08: 00007fa5c0f46ee0 R09: 0000000000800718
[  121.023890][ T6581] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[  121.032289][ T6581] R13: 00007fa5c0f46ea0 R14: 0000000000000497 R15: 0000200000000200
[  121.040305][ T6581]  </TASK>
[  121.043326][ T6581] ---[ end trace 0000000000000000 ]---
[  121.053520][ T6581] EXT4-fs (loop0): 1 orphan inode deleted
[  121.059709][ T6581] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.086632][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.138170][ T6601] loop0: detected capacity change from 0 to 256
[  121.173997][ T6601] netlink: 'syz.0.898': attribute type 21 has an invalid length.
[  121.185962][ T6601] netlink: 'syz.0.898': attribute type 1 has an invalid length.
[  121.194491][ T6601] netlink: 132 bytes leftover after parsing attributes in process `syz.0.898'.
[  121.227670][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  121.227685][   T29] audit: type=1326 audit(1768940112.409:3604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6608 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  121.263989][   T29] audit: type=1326 audit(1768940112.409:3605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6608 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  121.288038][   T29] audit: type=1326 audit(1768940112.409:3606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6608 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  121.311542][   T29] audit: type=1326 audit(1768940112.409:3607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6608 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  121.335607][   T29] audit: type=1326 audit(1768940112.409:3608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6608 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  121.359098][   T29] audit: type=1326 audit(1768940112.409:3609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6608 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  121.383427][   T29] audit: type=1326 audit(1768940112.409:3610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6608 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  121.406816][   T29] audit: type=1326 audit(1768940112.409:3611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6608 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  121.431092][   T29] audit: type=1326 audit(1768940112.418:3612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6608 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  121.455801][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.467758][  T296] Quota error (device loop4): remove_tree: Cycle in quota tree detected: block 4 index 0
[  121.477603][  T296] EXT4-fs error (device loop4): ext4_release_dquot:7022: comm kworker/u8:6: Failed to release dquot type 1
[  121.630684][ T6633] loop4: detected capacity change from 0 to 1024
[  121.660726][ T6637] netlink: 16 bytes leftover after parsing attributes in process `syz.2.915'.
[  121.699952][ T6633] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.745625][ T6647] netlink: 40 bytes leftover after parsing attributes in process `syz.2.919'.
[  121.782220][ T6654] loop0: detected capacity change from 0 to 256
[  121.804644][ T6654] netlink: 132 bytes leftover after parsing attributes in process `syz.0.921'.
[  121.825034][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.975246][ T6669] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  121.981847][ T6669] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  121.989636][ T6669] vhci_hcd vhci_hcd.0: Device attached
[  122.089467][ T6670] vhci_hcd: connection closed
[  122.089693][ T5255] vhci_hcd vhci_hcd.4: stop threads
[  122.100901][ T5255] vhci_hcd vhci_hcd.4: release socket
[  122.106332][ T5255] vhci_hcd vhci_hcd.4: disconnect device
[  122.407438][ T6675] loop0: detected capacity change from 0 to 8192
[  122.452018][ T3315]  loop0: p1 p2[DM] p4
[  122.456265][ T3315] loop0: p1 size 196608 extends beyond EOD, truncated
[  122.465825][ T3315] loop0: p2 start 4292936063 is beyond EOD, truncated
[  122.472829][ T3315] loop0: p4 size 50331648 extends beyond EOD, truncated
[  122.488591][ T6675]  loop0: p1 p2[DM] p4
[  122.501781][ T6675] loop0: p1 size 196608 extends beyond EOD, truncated
[  122.509232][ T6675] loop0: p2 start 4292936063 is beyond EOD, truncated
[  122.516886][ T6675] loop0: p4 size 50331648 extends beyond EOD, truncated
[  122.534981][ T6681] netlink: 40 bytes leftover after parsing attributes in process `syz.2.931'.
[  122.606599][ T3313] udevd[3313]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  122.617689][ T3315] udevd[3315]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  122.690367][ T6691] loop4: detected capacity change from 0 to 1024
[  122.723541][ T6691] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.811370][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.828778][ T6708] __nla_validate_parse: 1 callbacks suppressed
[  122.828793][ T6708] netlink: 40 bytes leftover after parsing attributes in process `syz.3.945'.
[  122.990971][ T6731] validate_nla: 4 callbacks suppressed
[  122.990987][ T6731] netlink: 'syz.4.955': attribute type 21 has an invalid length.
[  123.030039][ T6732] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.050396][ T6731] netlink: 'syz.4.955': attribute type 1 has an invalid length.
[  123.058078][ T6731] netlink: 132 bytes leftover after parsing attributes in process `syz.4.955'.
[  123.116249][ T3482] usb 1-1: enqueue for inactive port 0
[  123.122073][ T3482] usb 1-1: enqueue for inactive port 0
[  123.174816][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.199165][ T3482] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  123.709864][ T6776] netlink: 'syz.2.972': attribute type 21 has an invalid length.
[  123.719713][ T6771] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.738564][ T6779] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  123.748442][ T6779] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  123.763105][ T6771] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.776476][ T6776] netlink: 'syz.2.972': attribute type 1 has an invalid length.
[  123.784268][ T6776] netlink: 132 bytes leftover after parsing attributes in process `syz.2.972'.
[  123.831005][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.841465][ T6779] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  123.853757][ T6779] EXT4-fs error (device loop4): ext4_get_journal_inode:5849: inode #32: comm syz.4.971: iget: special inode unallocated
[  123.898487][ T6779] EXT4-fs (loop4): no journal found
[  123.903748][ T6779] EXT4-fs (loop4): can't get journal size
[  123.914882][ T6779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  123.946881][ T6779] EXT4-fs (loop4): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  123.956048][ T6791] netlink: 'syz.0.977': attribute type 4 has an invalid length.
[  123.986180][ T6791] batadv_slave_0: entered promiscuous mode
[  123.995158][ T6791] netlink: 'syz.0.977': attribute type 4 has an invalid length.
[  124.029443][ T6791] IPv6: Can't replace route, no match found
[  124.036018][ T6789] batadv_slave_0: left promiscuous mode
[  124.094115][ T6809] netlink: 'syz.3.985': attribute type 21 has an invalid length.
[  124.102520][ T6809] netlink: 'syz.3.985': attribute type 1 has an invalid length.
[  124.110198][ T6809] netlink: 132 bytes leftover after parsing attributes in process `syz.3.985'.
[  124.114360][ T6805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.392340][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.469183][ T6831] netlink: 14 bytes leftover after parsing attributes in process `syz.3.992'.
[  124.505516][ T6831] bond1: (slave bond0): Releasing active interface
[  124.533542][ T6831] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  124.592317][ T6831] bond0 (unregistering): Released all slaves
[  124.627590][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.742972][ T6838] netlink: 'syz.4.995': attribute type 4 has an invalid length.
[  124.754085][ T6838] batadv_slave_0: entered promiscuous mode
[  124.760597][ T6838] netlink: 'syz.4.995': attribute type 4 has an invalid length.
[  124.774374][ T3482] lo speed is unknown, defaulting to 1000
[  124.780152][ T3482] syz2: Port: 1 Link ACTIVE
[  124.794019][ T6836] batadv_slave_0: left promiscuous mode
[  124.815624][ T6841] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  124.822167][ T6841] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  124.830734][ T6841] vhci_hcd vhci_hcd.0: Device attached
[  124.910377][ T6843] vhci_hcd: connection closed
[  124.910509][ T5250] vhci_hcd vhci_hcd.0: stop threads
[  124.921245][ T5250] vhci_hcd vhci_hcd.0: release socket
[  124.926634][ T5250] vhci_hcd vhci_hcd.0: disconnect device
[  125.117077][ T6861] set_capacity_and_notify: 5 callbacks suppressed
[  125.117099][ T6861] loop4: detected capacity change from 0 to 256
[  125.165236][ T6861] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1002'.
[  125.436188][ T6882] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1011'.
[  125.493298][ T6893] loop0: detected capacity change from 0 to 256
[  125.727679][ T6882] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  125.837351][ T6882] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  125.916453][ T6882] bond0 (unregistering): Released all slaves
[  125.935723][ T6900] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1019'.
[  125.983700][ T6911] loop4: detected capacity change from 0 to 512
[  125.998126][ T6911] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  126.013575][ T6911] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.1024: Allocating blocks 41-42 which overlap fs metadata
[  126.027821][ T6911] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.1024: Allocating blocks 41-42 which overlap fs metadata
[  126.041988][ T6911] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.1024: Failed to acquire dquot type 1
[  126.054604][ T6911] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  126.069528][ T6911] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1024: corrupted inode contents
[  126.081740][ T6911] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #12: comm syz.4.1024: mark_inode_dirty error
[  126.094258][ T6911] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1024: corrupted inode contents
[  126.107363][ T3972] usb 9-1: enqueue for inactive port 0
[  126.112934][ T3972] usb 9-1: enqueue for inactive port 0
[  126.117768][ T6911] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.1024: mark_inode_dirty error
[  126.158493][ T6911] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1024: corrupted inode contents
[  126.176116][ T6911] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  126.186053][ T6911] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1024: corrupted inode contents
[  126.198331][ T6911] EXT4-fs error (device loop4): ext4_truncate:4635: inode #12: comm syz.4.1024: mark_inode_dirty error
[  126.202861][ T3972] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  126.211020][ T6911] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  126.227693][ T6911] EXT4-fs (loop4): 1 truncate cleaned up
[  126.233918][ T6911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.284895][ T6911] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  126.291419][ T6911] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  126.299448][ T6911] vhci_hcd vhci_hcd.0: Device attached
[  126.334043][ T6943] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.1024: Failed to acquire dquot type 1
[  126.426626][ T6946] loop0: detected capacity change from 0 to 4096
[  126.433416][ T6947] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1024'.
[  126.456031][ T6946] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.534278][ T3972] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  126.544684][ T6951] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1037'.
[  126.556813][ T6951] bond0 (unregistering): Released all slaves
[  126.658885][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.758303][ T6960] loop0: detected capacity change from 0 to 256
[  126.773646][ T6960] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  126.854378][ T6963] siw: device registration error -23
[  126.864678][ T6935] vhci_hcd: connection reset by peer
[  126.871094][ T5250] vhci_hcd vhci_hcd.4: stop threads
[  126.876379][ T5250] vhci_hcd vhci_hcd.4: release socket
[  126.881752][ T5250] vhci_hcd vhci_hcd.4: disconnect device
[  126.962079][ T6966] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  126.970644][ T6966] FAT-fs (loop0): Filesystem has been set read-only
[  127.620020][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.864871][   T29] kauditd_printk_skb: 211 callbacks suppressed
[  127.864887][   T29] audit: type=1326 audit(1768940118.621:3818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6986 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  127.908885][   T29] audit: type=1326 audit(1768940118.621:3819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6986 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  127.933031][   T29] audit: type=1326 audit(1768940118.621:3820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6986 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  127.956492][   T29] audit: type=1326 audit(1768940118.621:3821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6986 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  127.980529][   T29] audit: type=1326 audit(1768940118.621:3822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6986 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  128.003920][   T29] audit: type=1326 audit(1768940118.621:3823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6986 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  128.027997][   T29] audit: type=1326 audit(1768940118.621:3824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6986 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  128.051453][   T29] audit: type=1326 audit(1768940118.621:3825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6986 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  128.075578][   T29] audit: type=1326 audit(1768940118.621:3826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6986 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  128.099217][   T29] audit: type=1326 audit(1768940118.621:3827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6986 comm="syz.4.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  128.154221][ T6987] loop4: detected capacity change from 0 to 512
[  128.183755][ T6987] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.1052: inode has both inline data and extents flags
[  128.207040][ T6987] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1052: couldn't read orphan inode 15 (err -117)
[  128.225582][ T6987] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.272315][ T6998] loop0: detected capacity change from 0 to 128
[  128.286310][ T6998] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  128.307451][ T6998] ext4 filesystem being mounted at /183/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  128.431173][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.440685][ T3321] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  128.480726][ T7008] tipc: Enabled bearer <udp:syz2>, priority 10
[  128.934270][ T7023] loop0: detected capacity change from 0 to 256
[  128.955621][ T7023] validate_nla: 4 callbacks suppressed
[  128.955635][ T7023] netlink: 'syz.0.1061': attribute type 21 has an invalid length.
[  128.992743][ T7023] netlink: 'syz.0.1061': attribute type 1 has an invalid length.
[  129.000556][ T7023] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1061'.
[  129.066058][ T7027] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1062'.
[  129.091438][ T7027] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1062'.
[  129.101225][ T7027] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1062'.
[  129.797977][ T7043] loop0: detected capacity change from 0 to 256
[  129.812691][ T7043] netlink: 'syz.0.1077': attribute type 21 has an invalid length.
[  129.825202][ T7043] netlink: 'syz.0.1077': attribute type 1 has an invalid length.
[  129.833018][ T7043] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1077'.
[  129.883143][ T7049] loop4: detected capacity change from 0 to 256
[  129.883323][ T7048] netlink: 'syz.3.1069': attribute type 13 has an invalid length.
[  129.900427][ T7049] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  129.982019][ T7052] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  129.990619][ T7052] FAT-fs (loop4): Filesystem has been set read-only
[  131.270940][ T7080] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1082'.
[  131.307806][ T7078] team0: Port device team_slave_1 removed
[  131.313858][ T7078] batman_adv: batadv0: Removing interface: batadv_slave_0
[  131.321771][ T7078] batman_adv: batadv0: Removing interface: batadv_slave_1
[  131.329496][ T7078] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  131.349333][ T7078] team0: Mode changed to "activebackup"
[  131.472135][ T3490] lo speed is unknown, defaulting to 1000
[  131.478658][ T3490] syz2: Port: 1 Link DOWN
[  131.669610][ T7108] netlink: 'syz.2.1086': attribute type 21 has an invalid length.
[  131.677601][ T7108] netlink: 'syz.2.1086': attribute type 1 has an invalid length.
[  131.685337][ T7108] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1086'.
[  131.861739][ T7112] netlink: 'syz.1.1093': attribute type 1 has an invalid length.
[  132.482283][ T3972] usb 9-1: enqueue for inactive port 0
[  132.488362][ T3972] usb 9-1: enqueue for inactive port 0
[  132.505961][ T7112] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.563096][ T3972] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  132.584115][ T7118] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1093'.
[  132.593340][ T7118] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1093'.
[  132.636144][ T7125] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1098'.
[  132.783921][ T7104] lo speed is unknown, defaulting to 1000
[  132.843494][ T7104] lo speed is unknown, defaulting to 1000
[  133.041166][ T7159] netlink: 'syz.1.1108': attribute type 21 has an invalid length.
[  133.083660][ T7159] netlink: 'syz.1.1108': attribute type 1 has an invalid length.
[  133.122875][ T7161] 8021q: adding VLAN 0 to HW filter on device bond0
[  133.235109][ T7161] 8021q: adding VLAN 0 to HW filter on device bond0
[  133.345305][ T7161] bond0: (slave vxcan3): The slave device specified does not support setting the MAC address
[  133.358113][ T7161] bond0: (slave vxcan3): Error -95 calling set_mac_address
[  133.371310][ T7167] gretap1: entered promiscuous mode
[  133.378530][ T7167] bond0: (slave gretap1): making interface the new active one
[  133.386983][ T7167] bond0: (slave gretap1): Enslaving as an active interface with an up link
[  133.404185][ T7167] macvlan2: entered promiscuous mode
[  133.409570][ T7167] macvlan2: entered allmulticast mode
[  133.415783][ T7167] bond0: entered promiscuous mode
[  133.654174][ T7167] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  133.758775][ T7167] bond0: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  133.826850][ T7167] bond0: left promiscuous mode
[  134.108359][   T29] kauditd_printk_skb: 180 callbacks suppressed
[  134.108374][   T29] audit: type=1326 audit(1768940124.458:4008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7180 comm="syz.2.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  134.139532][   T29] audit: type=1326 audit(1768940124.458:4009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7180 comm="syz.2.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  134.162975][   T29] audit: type=1326 audit(1768940124.458:4010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7180 comm="syz.2.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  134.186504][   T29] audit: type=1326 audit(1768940124.458:4011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7180 comm="syz.2.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  134.211532][   T29] audit: type=1326 audit(1768940124.458:4012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7180 comm="syz.2.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  134.236023][   T29] audit: type=1326 audit(1768940124.458:4013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7180 comm="syz.2.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  134.260224][   T29] audit: type=1326 audit(1768940124.458:4014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7180 comm="syz.2.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  134.283864][   T29] audit: type=1326 audit(1768940124.458:4015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7180 comm="syz.2.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  134.308043][   T29] audit: type=1326 audit(1768940124.496:4016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7180 comm="syz.2.1116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  134.574414][ T7189] validate_nla: 1 callbacks suppressed
[  134.574431][ T7189] netlink: 'syz.1.1120': attribute type 21 has an invalid length.
[  134.595130][ T7189] netlink: 'syz.1.1120': attribute type 1 has an invalid length.
[  134.603066][ T7189] __nla_validate_parse: 8 callbacks suppressed
[  134.603078][ T7189] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1120'.
[  134.998045][ T7200] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1124'.
[  135.228829][ T7206] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1136'.
[  135.294222][ T7208] pimreg: entered allmulticast mode
[  135.301885][ T7208] pimreg: left allmulticast mode
[  135.406632][ T7216] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1127'.
[  135.418554][   T29] audit: type=1326 audit(1768940125.693:4017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7215 comm="syz.2.1129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48cbfacb9 code=0x7ffc0000
[  135.667354][ T7227] vhci_hcd vhci_hcd.0: invalid port number 65
[  135.827558][ T7233] 9p: Bad value for 'rfdno'
[  135.842184][ T3490] IPVS: starting estimator thread 0...
[  135.951477][ T7235] IPVS: using max 2352 ests per chain, 117600 per kthread
[  136.002493][ T7240] loop0: detected capacity change from 0 to 8192
[  136.079908][ T3315]  loop0: p1 p2[DM] p4
[  136.085264][ T3315] loop0: p1 size 196608 extends beyond EOD, truncated
[  136.102268][ T3315] loop0: p2 start 4292936063 is beyond EOD, truncated
[  136.109060][ T3315] loop0: p4 size 50331648 extends beyond EOD, truncated
[  136.131266][ T7240]  loop0: p1 p2[DM] p4
[  136.144024][ T7240] loop0: p1 size 196608 extends beyond EOD, truncated
[  136.160031][ T7240] loop0: p2 start 4292936063 is beyond EOD, truncated
[  136.167569][ T7240] loop0: p4 size 50331648 extends beyond EOD, truncated
[  136.277006][ T3313] udevd[3313]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  136.277006][ T3315] udevd[3315]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  136.328272][ T3315] udevd[3315]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  136.329478][ T3313] udevd[3313]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  136.403933][ T7249] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1140'.
[  136.512470][ T7254] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1141'.
[  136.559626][ T7254] macsec1: entered promiscuous mode
[  136.569129][ T7254] team0: entered promiscuous mode
[  136.574967][ T7254] macsec1: entered allmulticast mode
[  136.580419][ T7254] team0: entered allmulticast mode
[  136.601589][ T7254] team0: left allmulticast mode
[  136.606933][ T7254] team0: left promiscuous mode
[  136.615314][ T7262] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  136.621835][ T7262] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  136.630111][ T7262] vhci_hcd vhci_hcd.0: Device attached
[  136.679488][ T7264] vhci_hcd: connection closed
[  136.685299][ T2113] vhci_hcd vhci_hcd.0: stop threads
[  136.695280][ T2113] vhci_hcd vhci_hcd.0: release socket
[  136.700804][ T2113] vhci_hcd vhci_hcd.0: disconnect device
[  137.152271][ T7283] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1144'.
[  137.752477][ T7305] tipc: Started in network mode
[  137.757393][ T7305] tipc: Node identity ac14140f, cluster identity 4711
[  137.966800][ T7305] tipc: New replicast peer: 255.255.255.255
[  137.972920][ T7305] tipc: Enabled bearer <udp:syz2>, priority 10
[  138.583071][ T7319] netlink: 'syz.1.1160': attribute type 21 has an invalid length.
[  138.626884][ T7321] loop0: detected capacity change from 0 to 128
[  138.667957][ T7319] netlink: 'syz.1.1160': attribute type 1 has an invalid length.
[  138.675737][ T7319] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1160'.
[  138.814502][ T7323] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1161'.
[  139.067070][ T7331] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  139.073665][ T7331] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  139.076457][ T7326] lo speed is unknown, defaulting to 1000
[  139.081347][ T7331] vhci_hcd vhci_hcd.0: Device attached
[  139.110505][ T7326] lo speed is unknown, defaulting to 1000
[  139.169825][ T3490] tipc: Node number set to 2886997007
[  139.244712][ T7332] vhci_hcd: connection closed
[  139.244854][ T5261] vhci_hcd vhci_hcd.4: stop threads
[  139.254848][ T5261] vhci_hcd vhci_hcd.4: release socket
[  139.260222][ T5261] vhci_hcd vhci_hcd.4: disconnect device
[  139.812922][ T7341] lo speed is unknown, defaulting to 1000
[  139.819227][ T7341] lo speed is unknown, defaulting to 1000
[  140.129362][ T7353] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1172'.
[  140.171129][ T7353] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1172'.
[  140.186996][ T7353] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1172'.
[  140.198128][ T7355] loop0: detected capacity change from 0 to 4096
[  140.206566][ T7355] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  140.223455][ T7353] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1172'.
[  140.251982][ T7358] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1173'.
[  140.263530][ T7355] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.292645][ T7360] bridge1: entered promiscuous mode
[  140.297945][ T7360] bridge1: entered allmulticast mode
[  140.314254][   T29] kauditd_printk_skb: 132 callbacks suppressed
[  140.314273][   T29] audit: type=1107 audit(1768940130.268:4150): pid=7329 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  140.414219][ T7366] loop4: detected capacity change from 0 to 256
[  140.415083][ T7361] EXT4-fs (loop0): shut down requested (0)
[  140.442555][ T7366] netlink: 'syz.4.1175': attribute type 21 has an invalid length.
[  140.450619][ T7366] netlink: 'syz.4.1175': attribute type 1 has an invalid length.
[  140.458376][ T7366] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1175'.
[  140.581586][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.643593][ T7380] loop0: detected capacity change from 0 to 512
[  140.650927][ T7380] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  140.669588][ T7380] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.1178: Allocating blocks 41-42 which overlap fs metadata
[  140.727623][ T7380] Quota error (device loop0): write_blk: dquota write failed
[  140.735732][ T7380] Quota error (device loop0): find_free_dqentry: Can't write quota data block 5
[  140.778919][ T7376] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1176'.
[  140.787981][ T7376] openvswitch: netlink: Message has 8 unknown bytes.
[  140.820976][ T7380] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.1178: Allocating blocks 41-42 which overlap fs metadata
[  140.926110][ T7380] Quota error (device loop0): write_blk: dquota write failed
[  140.963335][ T7390] loop4: detected capacity change from 0 to 128
[  140.975914][ T7391] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7391 comm=syz.2.1177
[  141.000100][ T7380] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  141.068726][ T7380] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.1178: Failed to acquire dquot type 1
[  141.091828][   T29] audit: type=1326 audit(1768940130.942:4151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7389 comm="syz.4.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  141.116020][   T29] audit: type=1326 audit(1768940130.942:4152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7389 comm="syz.4.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  141.139570][   T29] audit: type=1326 audit(1768940130.951:4153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7389 comm="syz.4.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  141.163772][   T29] audit: type=1326 audit(1768940130.951:4154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7389 comm="syz.4.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  141.187176][   T29] audit: type=1326 audit(1768940130.951:4155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7389 comm="syz.4.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f508743acb9 code=0x7ffc0000
[  141.217029][ T7380] EXT4-fs error (device loop0): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  141.231605][ T7380] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.1178: corrupted inode contents
[  141.244378][ T7380] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #12: comm syz.0.1178: mark_inode_dirty error
[  141.256072][ T7380] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.1178: corrupted inode contents
[  141.268100][ T7380] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.1178: mark_inode_dirty error
[  141.286411][ T7380] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.1178: corrupted inode contents
[  141.308722][ T7380] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[  141.324541][ T7380] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.1178: corrupted inode contents
[  141.341186][ T7380] EXT4-fs error (device loop0): ext4_truncate:4635: inode #12: comm syz.0.1178: mark_inode_dirty error
[  141.353549][ T7380] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[  141.359837][ T7397] siw: device registration error -23
[  141.362849][ T7380] EXT4-fs (loop0): 1 truncate cleaned up
[  141.374085][ T7380] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.475577][ T7380] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  141.482138][ T7380] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  141.490218][ T7380] vhci_hcd vhci_hcd.0: Device attached
[  141.659147][ T7415] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.1178: Allocating blocks 41-42 which overlap fs metadata
[  141.705936][ T3490] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  141.750635][ T7415] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.1178: Failed to acquire dquot type 1
[  141.798815][ T7419] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1178'.
[  141.960354][ T7424] netlink: 'syz.1.1190': attribute type 21 has an invalid length.
[  142.022938][ T7403] vhci_hcd: connection closed
[  142.086310][ T5261] vhci_hcd vhci_hcd.0: stop threads
[  142.096252][ T5261] vhci_hcd vhci_hcd.0: release socket
[  142.101672][ T5261] vhci_hcd vhci_hcd.0: disconnect device
[  142.148570][ T7424] netlink: 'syz.1.1190': attribute type 1 has an invalid length.
[  142.156437][ T7424] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1190'.
[  142.196543][ T3490] usb 1-1: new full-speed USB device number 8 using vhci_hcd
[  142.203982][ T3490] usb 1-1: enqueue for inactive port 0
[  142.210223][ T3490] usb 1-1: enqueue for inactive port 0
[  142.216582][ T3490] usb 1-1: enqueue for inactive port 0
[  142.254958][ T7428] 9p: Bad value for 'rfdno'
[  142.290199][ T3490] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  142.359676][ T7402] syz.4.1184 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  142.374503][ T7402] CPU: 0 UID: 0 PID: 7402 Comm: syz.4.1184 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  142.374573][ T7402] Tainted: [W]=WARN
[  142.374580][ T7402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  142.374593][ T7402] Call Trace:
[  142.374602][ T7402]  <TASK>
[  142.374610][ T7402]  __dump_stack+0x1d/0x30
[  142.374674][ T7402]  dump_stack_lvl+0x95/0xd0
[  142.374696][ T7402]  dump_stack+0x15/0x1b
[  142.374712][ T7402]  dump_header+0x80/0x240
[  142.374783][ T7402]  oom_kill_process+0x295/0x350
[  142.374804][ T7402]  out_of_memory+0x97d/0xb80
[  142.374823][ T7402]  try_charge_memcg+0x62e/0xa10
[  142.374858][ T7402]  obj_cgroup_charge_pages+0xa6/0x150
[  142.374946][ T7402]  __memcg_kmem_charge_page+0x9e/0x170
[  142.375051][ T7402]  __alloc_frozen_pages_noprof+0x18a/0x350
[  142.375123][ T7402]  alloc_pages_mpol+0xb3/0x260
[  142.375179][ T7402]  alloc_pages_noprof+0x8f/0x130
[  142.375205][ T7402]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  142.375276][ T7402]  __kvmalloc_node_noprof+0x471/0x680
[  142.375296][ T7402]  ? ip_set_alloc+0x24/0x30
[  142.375322][ T7402]  ? ip_set_alloc+0x24/0x30
[  142.375362][ T7402]  ip_set_alloc+0x24/0x30
[  142.375476][ T7402]  hash_netiface_create+0x282/0x740
[  142.375507][ T7402]  ? __pfx_hash_netiface_create+0x10/0x10
[  142.375536][ T7402]  ip_set_create+0x3cf/0x970
[  142.375611][ T7402]  ? __nla_parse+0x40/0x60
[  142.375713][ T7402]  nfnetlink_rcv_msg+0x509/0x5d0
[  142.375751][ T7402]  netlink_rcv_skb+0x123/0x220
[  142.375777][ T7402]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  142.375838][ T7402]  nfnetlink_rcv+0x167/0x1720
[  142.375871][ T7402]  ? __list_del_entry_valid_or_report+0x65/0x130
[  142.375896][ T7402]  ? __rmqueue_pcplist+0x9b6/0xb80
[  142.375993][ T7402]  ? _raw_spin_lock_bh+0x56/0xb0
[  142.376010][ T7402]  ? should_fail_ex+0x30/0x280
[  142.376028][ T7402]  ? selinux_nlmsg_lookup+0x99/0x890
[  142.376048][ T7402]  ? __rcu_read_unlock+0x33/0x70
[  142.376094][ T7402]  ? __netlink_lookup+0x276/0x2b0
[  142.376111][ T7402]  netlink_unicast+0x5c0/0x690
[  142.376134][ T7402]  netlink_sendmsg+0x5c8/0x6f0
[  142.376236][ T7402]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.376378][ T7402]  __sock_sendmsg+0x145/0x170
[  142.376395][ T7402]  ____sys_sendmsg+0x31e/0x4a0
[  142.376419][ T7402]  ___sys_sendmsg+0x195/0x1e0
[  142.376519][ T7402]  __x64_sys_sendmsg+0xd4/0x160
[  142.376671][ T7402]  x64_sys_call+0x17ba/0x3000
[  142.376689][ T7402]  do_syscall_64+0xc0/0x2a0
[  142.376706][ T7402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.376723][ T7402] RIP: 0033:0x7f508743acb9
[  142.376773][ T7402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  142.376788][ T7402] RSP: 002b:00007f5085e97028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  142.376807][ T7402] RAX: ffffffffffffffda RBX: 00007f50876b5fa0 RCX: 00007f508743acb9
[  142.376818][ T7402] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  142.376909][ T7402] RBP: 00007f50874a8bf7 R08: 0000000000000000 R09: 0000000000000000
[  142.376919][ T7402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  142.376929][ T7402] R13: 00007f50876b6038 R14: 00007f50876b5fa0 R15: 00007ffc49079488
[  142.376945][ T7402]  </TASK>
[  142.690738][ T7402] memory: usage 307196kB, limit 307200kB, failcnt 1125
[  142.697709][ T7402] memory+swap: usage 307984kB, limit 9007199254740988kB, failcnt 0
[  142.705657][ T7402] kmem: usage 307152kB, limit 9007199254740988kB, failcnt 0
[  142.712970][ T7402] Memory cgroup stats for /syz4:
[  142.726320][ T7402] cache 20480
[  142.734717][ T7402] rss 0
[  142.737516][ T7402] shmem 0
[  142.740746][ T7402] mapped_file 0
[  142.744356][ T7402] dirty 0
[  142.747279][ T7402] writeback 0
[  142.751097][ T7402] workingset_refault_anon 3292
[  142.755997][ T7402] workingset_refault_file 1466
[  142.760870][ T7402] swap 843776
[  142.764143][ T7402] swapcached 0
[  142.767617][ T7402] pgpgin 140952
[  142.771139][ T7402] pgpgout 140946
[  142.774710][ T7402] pgfault 136191
[  142.778324][ T7402] pgmajfault 601
[  142.782691][ T7402] inactive_anon 0
[  142.786358][ T7402] active_anon 0
[  142.789793][ T7402] inactive_file 0
[  142.793470][ T7402] active_file 20480
[  142.797291][ T7402] unevictable 0
[  142.800760][ T7402] hierarchical_memory_limit 314572800
[  142.806201][ T7402] hierarchical_memsw_limit 9223372036854771712
[  142.812382][ T7402] total_cache 20480
[  142.816855][ T7402] total_rss 0
[  142.820175][ T7402] total_shmem 0
[  142.823622][ T7402] total_mapped_file 0
[  142.827670][ T7402] total_dirty 0
[  142.831148][ T7402] total_writeback 0
[  142.834972][ T7402] total_workingset_refault_anon 3292
[  142.840293][ T7402] total_workingset_refault_file 1466
[  142.845579][ T7402] total_swap 843776
[  142.850081][ T7402] total_swapcached 0
[  142.854089][ T7402] total_pgpgin 140952
[  142.858111][ T7402] total_pgpgout 140946
[  142.862166][ T7402] total_pgfault 136191
[  142.866272][ T7402] total_pgmajfault 601
[  142.870420][ T7402] total_inactive_anon 0
[  142.874583][ T7402] total_active_anon 0
[  142.879301][ T7402] total_inactive_file 0
[  142.883459][ T7402] total_active_file 20480
[  142.887802][ T7402] total_unevictable 0
[  142.891820][ T7402] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1184,pid=7399,uid=0
[  142.906446][ T7402] Memory cgroup out of memory: Killed process 7399 (syz.4.1184) total-vm:94264kB, anon-rss:1332kB, file-rss:22304kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  142.987386][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.048373][ T7437] loop0: detected capacity change from 0 to 512
[  143.147440][ T7437] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.171743][ T7437] ext4 filesystem being mounted at /216/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  143.187305][ T7447] ipip0: left promiscuous mode
[  143.192858][ T7447] bridge1: left promiscuous mode
[  143.197811][ T7447] bridge1: left allmulticast mode
[  144.256195][ T7437] EXT4-fs error (device loop0): ext4_lookup:1785: inode #12: comm syz.0.1193: iget: bad i_size value: 2533274857506816
[  144.343727][ T7437] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1193'.
[  144.404240][ T7437] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.449000][ T7462] loop4: detected capacity change from 0 to 512
[  144.482230][ T7462] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  144.517653][ T7462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.590654][ T7475] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7475 comm=syz.1.1204
[  144.610205][ T7462] ext4 filesystem being mounted at /215/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  145.092573][ T7478] ==================================================================
[  145.100693][ T7478] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  145.108832][ T7478] 
[  145.111135][ T7478] write to 0xffffea00042ddf98 of 8 bytes by task 7458 on cpu 0:
[  145.118734][ T7478]  __filemap_remove_folio+0x201/0x300
[  145.124084][ T7478]  filemap_remove_folio+0x6d/0x1d0
[  145.129174][ T7478]  truncate_inode_folio+0x42/0x50
[  145.134174][ T7478]  shmem_undo_range+0x28a/0xb10
[  145.139021][ T7478]  shmem_evict_inode+0x12e/0x510
[  145.143937][ T7478]  evict+0x2af/0x510
[  145.147813][ T7478]  iput+0x4b9/0x650
[  145.151596][ T7478]  dentry_unlink_inode+0x24f/0x260
[  145.156687][ T7478]  __dentry_kill+0x18d/0x4b0
[  145.161254][ T7478]  finish_dput+0x2b/0x200
[  145.165558][ T7478]  dput+0x52/0x60
[  145.169186][ T7478]  __fput+0x444/0x650
[  145.173143][ T7478]  ____fput+0x1c/0x30
[  145.177109][ T7478]  task_work_run+0x130/0x1a0
[  145.181679][ T7478]  do_exit+0x466/0x1590
[  145.185814][ T7478]  do_group_exit+0xfe/0x140
[  145.190293][ T7478]  get_signal+0xe4f/0xf60
[  145.194599][ T7478]  arch_do_signal_or_restart+0x96/0x450
[  145.200122][ T7478]  irqentry_exit+0xf7/0x510
[  145.204616][ T7478]  asm_exc_page_fault+0x26/0x30
[  145.209439][ T7478] 
[  145.211738][ T7478] read to 0xffffea00042ddf98 of 8 bytes by task 7478 on cpu 1:
[  145.219252][ T7478]  folio_mapping+0xa1/0xe0
[  145.223643][ T7478]  move_folios_to_lru+0x128/0x6d0
[  145.228640][ T7478]  evict_folios+0x31e6/0x35b0
[  145.233306][ T7478]  try_to_shrink_lruvec+0x5f6/0x960
[  145.238478][ T7478]  shrink_lruvec+0x24e/0x1bc0
[  145.243142][ T7478]  shrink_node+0x68e/0x2000
[  145.247618][ T7478]  do_try_to_free_pages+0x404/0xcc0
[  145.252789][ T7478]  try_to_free_mem_cgroup_pages+0x222/0x470
[  145.258658][ T7478]  try_charge_memcg+0x37e/0xa10
[  145.263488][ T7478]  obj_cgroup_charge_pages+0xa6/0x150
[  145.268837][ T7478]  __memcg_kmem_charge_page+0x9e/0x170
[  145.274277][ T7478]  __alloc_frozen_pages_noprof+0x18a/0x350
[  145.280064][ T7478]  alloc_pages_mpol+0xb3/0x260
[  145.284808][ T7478]  alloc_pages_noprof+0x8f/0x130
[  145.289724][ T7478]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  145.295589][ T7478]  __kvmalloc_node_noprof+0x471/0x680
[  145.300947][ T7478]  ip_set_alloc+0x24/0x30
[  145.305256][ T7478]  hash_netiface_create+0x282/0x740
[  145.310432][ T7478]  ip_set_create+0x3cf/0x970
[  145.314995][ T7478]  nfnetlink_rcv_msg+0x509/0x5d0
[  145.319909][ T7478]  netlink_rcv_skb+0x123/0x220
[  145.324650][ T7478]  nfnetlink_rcv+0x167/0x1720
[  145.329305][ T7478]  netlink_unicast+0x5c0/0x690
[  145.334043][ T7478]  netlink_sendmsg+0x5c8/0x6f0
[  145.338777][ T7478]  __sock_sendmsg+0x145/0x170
[  145.343437][ T7478]  ____sys_sendmsg+0x31e/0x4a0
[  145.348194][ T7478]  ___sys_sendmsg+0x195/0x1e0
[  145.352852][ T7478]  __x64_sys_sendmsg+0xd4/0x160
[  145.358032][ T7478]  x64_sys_call+0x17ba/0x3000
[  145.362687][ T7478]  do_syscall_64+0xc0/0x2a0
[  145.367162][ T7478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.373037][ T7478] 
[  145.375332][ T7478] value changed: 0xffff88811c28a1e8 -> 0x0000000000000000
[  145.382407][ T7478] 
[  145.384704][ T7478] Reported by Kernel Concurrency Sanitizer on:
[  145.390834][ T7478] CPU: 1 UID: 0 PID: 7478 Comm: syz.1.1206 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  145.402089][ T7478] Tainted: [W]=WARN
[  145.405871][ T7478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  145.415914][ T7478] ==================================================================
[  145.430896][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.499347][ T7481] loop4: detected capacity change from 0 to 512
[  145.510045][ T7481] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  145.552975][ T7481] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.1205: Allocating blocks 41-42 which overlap fs metadata
[  145.590312][ T7481] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.1205: Allocating blocks 41-42 which overlap fs metadata
[  145.647528][ T7481] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.1205: Failed to acquire dquot type 1
[  145.678748][ T7481] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  145.710653][ T7481] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1205: corrupted inode contents
[  145.742849][ T7481] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #12: comm syz.4.1205: mark_inode_dirty error
[  145.765047][ T7481] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1205: corrupted inode contents
[  145.796340][ T7481] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.1205: mark_inode_dirty error
[  145.812231][ T7481] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1205: corrupted inode contents
[  145.825124][ T7481] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  145.842391][ T7481] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.1205: corrupted inode contents
[  145.855266][ T7481] EXT4-fs error (device loop4): ext4_truncate:4635: inode #12: comm syz.4.1205: mark_inode_dirty error
[  145.866832][ T7481] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  145.876148][ T7481] EXT4-fs (loop4): 1 truncate cleaned up
[  145.882848][ T7481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.902674][ T7481] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  145.909201][ T7481] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  145.917332][ T7481] vhci_hcd vhci_hcd.0: Device attached
[  145.931427][ T7486] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.1205: Allocating blocks 41-42 which overlap fs metadata
[  145.945390][ T7486] __quota_error: 256 callbacks suppressed
[  145.945400][ T7486] Quota error (device loop4): write_blk: dquota write failed
[  145.959120][ T7486] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  145.969085][ T7486] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.1205: Failed to acquire dquot type 1
[  145.983693][ T7487] __nla_validate_parse: 1 callbacks suppressed
[  145.983707][ T7487] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1205'.
[  146.106573][ T3485] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  146.170944][ T3485] usb 9-1: new full-speed USB device number 7 using vhci_hcd
[  146.386699][ T7484] vhci_hcd: connection reset by peer
[  146.392119][ T5250] vhci_hcd vhci_hcd.4: stop threads
[  146.397352][ T5250] vhci_hcd vhci_hcd.4: release socket
[  146.402724][ T5250] vhci_hcd vhci_hcd.4: disconnect device
[  146.929543][ T3331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.601232][ T3485] usb 9-1: enqueue for inactive port 0
[  151.606715][ T3485] usb 9-1: enqueue for inactive port 0
[  151.686053][ T3485] vhci_hcd vhci_hcd.4: vhci_device speed not set