last executing test programs:

1m46.497500627s ago: executing program 0 (id=689):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

1m46.331507823s ago: executing program 0 (id=693):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440))
sendmsg$BATADV_CMD_SET_MESH(r1, 0x0, 0x2008000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
accept4$llc(r1, &(0x7f0000000200)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000340)=0x10, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, @empty, @mcast1, 0x7800, 0x7f, 0xfffffffc, 0xdc66}})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newtfilter={0x5c, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffd}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x6}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x2}, {0x800, 0x40}}}]}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1m45.335926382s ago: executing program 0 (id=710):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000010bc0)='kfree\x00', r0}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
r4 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x7, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x9}, 0x2000, 0x0, 0x9, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f00000001c0)='cpu<20\t||')

1m45.209674754s ago: executing program 0 (id=712):
syz_clone(0x25888200, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt(r0, 0x101, 0x1, 0x0, 0x0)
r1 = syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file0\x00', 0x40, &(0x7f0000000700)={[{@user_xattr}, {@init_itable}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9af}}, {@user_xattr}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x1f5f195c}}, {@minixdf}, {@stripe={'stripe', 0x3d, 0x401}}]}, 0x1, 0x576, &(0x7f0000000800)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r3 = creat(0x0, 0x8)
pwritev2(r3, &(0x7f0000001840)=[{&(0x7f0000001780)="94cfb5e112", 0x5}], 0x1, 0x6, 0x9, 0x3c)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
syz_emit_ethernet(0x3a, &(0x7f0000000d80)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004600002c0000e00000059078ac1414ffac1414bb9402000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c00000090780000ab0cedf3a0a06c99f2056eec0a5e108f6c0665d64e007515263cdba358fc6f73dac9e762bfd251458346debe68b282aa49326b6f923c8e9014671f3e1e32c34c5322443a3d2b9ab80ec2dfa8eb9e1ff3dbd6a2c61b5beb8f20f25943c14520406118aaafe923715b711389e4b60519dfb529d925a1443fd99a0f70b7f366ea4077e9407dfbaaa348ef"], 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(r5, 0xc0389424, &(0x7f00000001c0)={0xffffffffffffff4a, 0x38, '\x00', 0x1, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000002c0)='kfree\x00', r6, 0x0, 0x6}, 0x18)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[@ANYBLOB="6c0100001000130726bd70000000000000000000000000000000ffffe0000002ac1414130000000000000000000000004e22000100000003020000003a000000", @ANYRES32=0x0, @ANYRES8=r3, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000fe8000000000000000000000000000aa0000000000000000000000000000000008000000000000000a000000000000000600000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000200000000000000f8ffffffffffffff0c000000050000000200000029bd70000000000002000100280000000000000068001200726663343534332867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e000000080000000316f74eeac053deb73fc018493"], 0x16c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x21, 0x803, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
recvmsg(r8, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000280)=[{&(0x7f0000000fc0)=""/248, 0xf8}], 0x1}, 0x1f00)
sendmsg$tipc(r9, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x40042, 0x1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300), 0x808c, &(0x7f0000000f80)=ANY=[@ANYBLOB='trans=f'])
writev(r2, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file3\x00', 0x9a28d48cf10ada9b, 0x0)
open_tree(r1, &(0x7f0000000100)='./file3\x00', 0x1)
pwrite64(r10, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
syz_open_procfs(0x0, &(0x7f0000000340)='mountinfo\x00')

1m44.254626409s ago: executing program 0 (id=735):
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Le1cYB/CTgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS9hZq7dIWU/rj81ku55znuc89fG/gfy0efmo2m7EQQjPx97u/P8tPFHunxqZnQoiF+RBC/puvfz2JRRW/v/UiWpeidTGRqR3cjr+eddz1PVRTR/Ho/DIewg8hhKWn4+S/vRtfvvPcdXJjc6WwtZZbfCysPw8vDOR7tvPLuyOH2fJsd3Yu+rEu462Zn6qNntw3Sy977YNt1VojcxPVpWOfM5//1p/z3++q1CuNyf7T1aF0Z/2qvBPl/iZ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgk53nrpMbmyuFrbXc4mNh/Xl4YSDfs51f3h05zJZnu7Nz8d/qLuOtmZ+qjZ7cN0sve+2DbdVaI3MT1aVjH1q/+/FzPokW+ja8z3+/q1KvNCb7T1eH0p31q/JOlPvbx/wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5SfqLYOzU2PRNCLMyHEMbjHce/7DcT7+suomcp2i8mMrWD2/HXs467vodq6mgqEcIfW5aejpNfteoS/GM/BwAA//8394ZP")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'veth0_to_team\x00', <r2=>0x0})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r0, r2, 0x25, 0x0, @void}, 0x10)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1ee2ff000800000000000002298648066e55ec94", @ANYRES32, @ANYBLOB="0400000004000000040000000100"/27], 0x50)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x44048800)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a808682b7fc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r5)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x4, 0x2, 0x1}})
ioctl$sock_inet_SIOCSIFFLAGS(r7, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x800})

1m42.957806597s ago: executing program 0 (id=759):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001000005ae6d30c5dc4308c37acd0083d1d42fd6bab083dce6ca1766fab9f4ca2f181bac55ecec7db6c887f3a5e5502ea25cc42aa0bdf3439aebf0f8076f27739b26aa8fc31054d1049c00c8a88f5da8e3a6cce46f839271b4cb45be7c279bfb51ab2ad2fd56ddb9d3421e59812d324dfb29db817c03c5c5bea66b3317988e0a34d7ac02cd42006da1152de493fae104e003bcaf20f96619bb5df9429dc7a28896b25a751299ba40534abd84746bc08e2ccbaa599f2ef975122c6ed7ac4b26e", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, r4, 0x25, 0x2, @void}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$rds(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x30, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x46)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000380)={0x101040, 0x1a0}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4ab}, 0x18)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r5, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

1m42.936829729s ago: executing program 32 (id=759):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001000005ae6d30c5dc4308c37acd0083d1d42fd6bab083dce6ca1766fab9f4ca2f181bac55ecec7db6c887f3a5e5502ea25cc42aa0bdf3439aebf0f8076f27739b26aa8fc31054d1049c00c8a88f5da8e3a6cce46f839271b4cb45be7c279bfb51ab2ad2fd56ddb9d3421e59812d324dfb29db817c03c5c5bea66b3317988e0a34d7ac02cd42006da1152de493fae104e003bcaf20f96619bb5df9429dc7a28896b25a751299ba40534abd84746bc08e2ccbaa599f2ef975122c6ed7ac4b26e", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, r4, 0x25, 0x2, @void}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$rds(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x30, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x46)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000380)={0x101040, 0x1a0}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4ab}, 0x18)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r5, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

2.131577189s ago: executing program 2 (id=2339):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
creat(&(0x7f0000000300)='./file0\x00', 0x28)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
sync()
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',version=9p2000'])

2.02265869s ago: executing program 5 (id=2340):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000e7ef90030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x76}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='finish_task_reaping\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000380)='net/udplite6\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000680)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffb}, 0x18)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x3000)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x4011, &(0x7f0000000000)={[{@nobh}, {@norecovery}, {@nobh}]}, 0x9, 0x66d, &(0x7f00000011c0)="$eJzs3c1rHG8dAPDvTHaTNPnp5ldE7cUGRFrQJk3aShHBFq+l1JebF2OTltq0KU1EUwsmUC+KePEgePJg/S9swasHrx68eBApBJEerFSzMpvd7Ft2s0l2d9Lk84Fp5pnZmeeZ3X73mXn2eWYCOLWms3/SiHMR8SSJKDWsK0R15fTO697+6/ndbEqiXP7WP5N4/pNko3FfSfXvZHXj/5Ui+XMacXakPd/V9WcPF5aXl55W07Nrj57Mrq4/u/Tg0cL9pftLj+e/PH/92tVr1+cuH+n4ylXZ/K0X3/9h6We3v/O737xP5n7/19tJ3Ijtatmy42rdduxIOWfv2XQt/3f1pWnl3+tH3Pdx8e9S5aNuequSQn7l4WDuVeO8GBGfiVKMRP3DK8VPv5Fr4YCBKif1OhI4bZL947/Yvmh8MIUBhqh2HlC7tt/rOrhdOuCzEmAYtm7uNADsxH4xImrxX9hpG4zxStvAxNskGpt1kog4WsvcjiyPP/3x9otsig7tcMBgbGzWmm5b6/+kEptTMV5JTbxNs/h/VdsubZiy74Vvtu641Fv+0y1p8Q/Ds7EZEZ+t1v+jsV/872qN/+8dMn/xDwAAAAAAAP3z+mZEfGmv/n/pbv+f0Zb+P0l1jN+NPuQ/3TI2sPn3vyzn9E1DtkAfbd2M+Gpb/9//NvYOnhqp/s7/iUp/gGJ678Hy0uWI+GREXIziWJaea95tUwfhS784++tO+Tf2/8umLP9aX8Dqrt4UWgbiLi6sLfTn6OF029qMeFfp/3u+uqS5/09W/ydt/X9//vUswJ/0mMfZL7y807Tg7/Wvh/3jHxiU8m8jLuw5/qd+up10vz/HbOV8YLZ2VtDucz/+5R865S/+IT9Z/T/RPf7Hksb79awebP/ZFfyV9UK50/rDnv+PJt8eqe0/86OFtbWncxGjya325fPN2xcPdghwYtTioRYvWfxf/HyX9r8kqZ//N8ThmYjY6DHPT29P/m030dKKp/6H/GTxv9i9/p9qrv8POjMe8y+nXnWqdu/0VP9frdTpF6tLtP9Bo/b7cfQaoLkUFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+cGlEfBRJOrM7n6YzMxGTEfGpmEiXV1bXvnhv5QePF7N1zc//L+2kk9rz/6ca0vMt6SsR8XFE/GrkTCU9c3dleTHvgwcAAAAAAAAAAAAAAAAAAIBjYrIy5r881jr+P/OPkbxLBwxcofpXvMPpUzj0luWxvhYEGLrDxz/woes9/osDLQcwfJ3j/937csVQiwMM0W78fzffcgDDd8jrfz8XwAmg/Q9Oqx7b9MYHXQ4gDz3X/1uDLQcAAAAAANAXH59//ZckIja+cqYyZUar63T2h5MtzbsAQG726cM7OqxyAMNXWMm7BEBeXOMDye7cf/Yc7L9H7//tnfsCJAMtFwAAAAAAAAAAAABQd+Fc8/j/Qm/j/z8aVvmAwUkjujzCW99+OMm6jP/fK/g98gtOkM6P/uil7k96O0Pw6CA4loz/B+r1+Oae6ztX4UmX9gMAAAAAAAAAAAAAoK/Gnz1cWF5eerq6ns/MWEQcdvOv7fea2tPN8zzA1pmNhaFmGhsRA89re7/X1D6Ig+25eIT/G8d5JonsU+n2btRuwdGHTIuH3DyfryMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDd/wMAAP//0VIyIg==")
mlockall(0x7)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
io_setup(0x2, &(0x7f0000002400))
io_uring_register$IORING_REGISTER_PBUF_STATUS(r2, 0x1a, &(0x7f0000000200)={0x3}, 0x1)
nanosleep(&(0x7f0000000240), 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000000100050005000700000000000800090000003f0014002000ff250100100000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080))

2.02197621s ago: executing program 1 (id=2341):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file2\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@grpid}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
r1 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lseek(r1, 0x8ffd, 0x4)

1.944578227s ago: executing program 2 (id=2342):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x20004800)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a99985000000"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r0}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r2}, 0x10)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1.885198753s ago: executing program 1 (id=2343):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200a}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
unshare(0x6a040000)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/route\x00')
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.829516809s ago: executing program 2 (id=2345):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000006c0)=ANY=[@ANYRESOCT=r0, @ANYRES8=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xc, 0x0, 0x0, 0xa54a9d76e5e2e84, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r3}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x6, 0xc, &(0x7f0000000180)=ANY=[@ANYRESOCT=r4, @ANYRES16=r1, @ANYRES64=r2, @ANYBLOB="656ddc70c0bd5999bc7b25"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r5, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x200000000000002f, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r7}, 0x10)
unshare(0x2c020400)
r8 = msgget$private(0x0, 0x0)
msgsnd(r8, &(0x7f0000000480)=ANY=[], 0x2000, 0x0)

1.776840814s ago: executing program 5 (id=2346):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r1}, 0x10)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)

1.756989426s ago: executing program 2 (id=2347):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r1)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x200842, 0x7a)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[], 0x148}, 0x1, 0x0, 0x0, 0x4000408}, 0x800)
ptrace(0x4208, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xc000201e})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = io_uring_setup(0x4f09, &(0x7f0000000540)={0x0, 0x3850, 0x100, 0x1, 0x204})
io_uring_register$IORING_REGISTER_BUFFERS2(r6, 0xf, &(0x7f0000000b80)={0x1, 0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000005c0)=""/167, 0xa7}], &(0x7f0000000b40)=[0x1]}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
syz_genetlink_get_family_id$SEG6(0x0, r0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x19, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00'], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r10=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000200)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', r10}, 0x94)

1.619734539s ago: executing program 5 (id=2352):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
creat(&(0x7f0000000300)='./file0\x00', 0x28)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
sync()
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',version=9p2000'])

1.544810217s ago: executing program 1 (id=2353):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0)
connect$l2tp(r0, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x10)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r1, 0x29, 0xc8, &(0x7f0000000340), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='fsi_master_gpio_out\x00', r0}, 0x18)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x3f73, 0x100, 0x4, 0x1a}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000600)=<r4=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0xffffffffffffff3a, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r5, 0x0, 0x0, 0x0, 0x2000, 0x1, {0x1}})
io_uring_enter(r2, 0x3516, 0xf4f5, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000cc0)=ANY=[@ANYBLOB="b700000018000000bfa30000000000000703000028feffff7a0af0fff8ffffff61a4f0ff0000000015040000000002000f040000000000003404ffc101ed0a0065040000170000801f400000000000007b0a00fe000000002c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d0cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931481747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9"], 0x0}, 0x94)
io_uring_enter(r2, 0x4542, 0xf797, 0x48, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRESHEX=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x1, 0x0, [0x806f, 0x0, 0x2d5, 0x2, 0x6], [0x2, 0x2, 0x1, 0x3, 0x8002, 0x0, 0x5, 0x2, 0x0, 0x802, 0x9, 0x100, 0x400000003, 0xfffffffffffffff4, 0x4a, 0x5, 0x100, 0xd, 0xdd, 0x5, 0x1, 0x2a9, 0x3, 0xc39, 0x3, 0x8, 0x100000100, 0x2, 0xa51, 0x8, 0x401, 0x3, 0x7, 0xfffffffffffffffa, 0x81, 0x100, 0x5, 0x931, 0x101, 0x3, 0x8001, 0x8000000000000000, 0x7, 0x1, 0x8, 0x8, 0x6aa, 0x100, 0xffffffffffffffff, 0x83, 0x538a, 0x9, 0xda, 0x4, 0x0, 0x4, 0x5, 0x7, 0x8004, 0x8000000000000000, 0x4, 0x0, 0x14, 0x5bc, 0x1, 0x7fffffff, 0x4, 0x8000, 0xc9, 0x7, 0x6, 0xa, 0x82c, 0x7ff, 0xe000000000000, 0xe4, 0x6, 0x0, 0xc, 0x22, 0xffffffffffffffff, 0x7, 0x1, 0x8000000000000000, 0x2000000009, 0x8, 0x0, 0x6, 0x6, 0x9, 0x100000001, 0x4, 0x4, 0x3, 0x7, 0x7, 0x9, 0x1, 0x16d, 0x6, 0x68d, 0xffffffffffff43b0, 0x8, 0x50000000000000, 0xe, 0x0, 0x0, 0x3, 0x4, 0x7, 0x402, 0x3, 0x8, 0x5, 0x0, 0x3, 0x40, 0x7fffffff, 0x7, 0x13, 0x1]})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffff4}, 0x18)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x220, 0x0, 0x11, 0x148, 0x0, 0x0, 0x188, 0x2a8, 0x2a8, 0x188, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x0, 0x10, {0x8}}}}, {{@ip={@multicast2, @local, 0x0, 0x0, 'wg2\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x1}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x1, 0x0, 0x4, 0x1, 0x1, 0x5], 0x1, 0x3}, {0xffffffffffffffff, [0x4, 0x0, 0x0, 0x3, 0x3, 0x4], 0x2, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f00000000c0)=0x11, 0x4)
r7 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
io_uring_enter(r7, 0x2219, 0x7721, 0x16, 0x0, 0x0)
getgroups(0x0, 0x0)

1.228109078s ago: executing program 3 (id=2355):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d6"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98,\xc8\x18E/\x8c\x1a\xe3\xbd')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000300)={'#! ', '', [{0x20, 'memory.events\x00'}]}, 0x13)
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x7, 0x0, 0x0, 0x3, 0x82, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000000000007}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x8404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={&(0x7f0000000080)}, 0x400, 0x0, 0x0, 0x0, 0x0, 0x1fffffff, 0x0, 0x0, 0x40, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

1.227355509s ago: executing program 1 (id=2356):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x20004800)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a99985000000"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r0}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r2}, 0x10)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1.224536189s ago: executing program 2 (id=2357):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file2\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@grpid}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lseek(r0, 0x8ffd, 0x4)

1.104447211s ago: executing program 5 (id=2358):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = dup(r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
setfsuid(0x0)
r5 = socket$kcm(0xa, 0x922000000003, 0x11)
recvmsg(r5, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000003c0)={0x0, @initdev, @dev}, &(0x7f0000000400)=0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x1000005, 0xfffffffd, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r7, 0x0)
r8 = gettid()
process_vm_writev(r8, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x4000000)

988.254402ms ago: executing program 1 (id=2359):
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)

835.641517ms ago: executing program 4 (id=2360):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r1}, 0x18)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

825.075808ms ago: executing program 3 (id=2361):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r0}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r3}, 0x10)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)

713.783529ms ago: executing program 3 (id=2362):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r1}, 0x10)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)

701.1186ms ago: executing program 1 (id=2363):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440))
sendmsg$BATADV_CMD_SET_MESH(r1, 0x0, 0x2008000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b000000000000000000000000800000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="e6ff0000000000000000000000000000000000000000000000000000d19daff92d5f0dfe7fefa63caf7409009de29a19023b6e0e3403955740d6e5ec3629fd42021a60479540b79df1e0f1c4c413f4d76c81c50901dd48276beaf1ea4589aff0dec0f4283db94c76f1"], 0x48)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
accept4$llc(r1, &(0x7f0000000200)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000340)=0x10, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, @empty, @mcast1, 0x7800, 0x7f, 0xfffffffc, 0xdc66}})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newtfilter={0x5c, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffd}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x6}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x2}, {0x800, 0x40}}}]}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

659.681845ms ago: executing program 2 (id=2364):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5f}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r4)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x30, r5, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @broadcast}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x200000000000002f, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
ioctl$TCSETAF(r7, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0xfffc, 0xbfff, 0x19, "ec28a144f13d7607"})
write$binfmt_aout(r7, &(0x7f0000000280)=ANY=[], 0xff2e)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x12, "0062ba5d8200"})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$can_raw(0xffffffffffffffff, 0x0, 0x20000000)
getresuid(&(0x7f00000000c0), &(0x7f0000000e40), &(0x7f0000000e80))
r8 = syz_open_pts(r7, 0x20800)
dup3(r8, r7, 0x0)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000000)=0x44)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)

615.333829ms ago: executing program 4 (id=2365):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file2\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@grpid}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
r1 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lseek(r1, 0x8ffd, 0x4)

593.600061ms ago: executing program 3 (id=2366):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000480)=@gcm_256={{0x303}, "000200", "e123c5876ff425b1ebe250a8486be34705f4f827ae60ecb65e528248d5552bff", "7e25837b", "15d0db2c77179e1a"}, 0x38)
write$binfmt_script(r3, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r2, r3, 0x0)

557.087095ms ago: executing program 3 (id=2367):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0)
connect$l2tp(r0, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x10)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r1, 0x29, 0xc8, &(0x7f0000000340), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='fsi_master_gpio_out\x00', r0}, 0x18)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x3f73, 0x100, 0x4, 0x1a}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000600)=<r4=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0xffffffffffffff3a, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r5, 0x0, 0x0, 0x0, 0x2000, 0x1, {0x1}})
io_uring_enter(r2, 0x3516, 0xf4f5, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000cc0)=ANY=[@ANYBLOB="b700000018000000bfa30000000000000703000028feffff7a0af0fff8ffffff61a4f0ff0000000015040000000002000f040000000000003404ffc101ed0a0065040000170000801f400000000000007b0a00fe000000002c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d0cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931481747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9"], 0x0}, 0x94)
io_uring_enter(r2, 0x4542, 0xf797, 0x48, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRESHEX=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x1, 0x0, [0x806f, 0x0, 0x2d5, 0x2, 0x6], [0x2, 0x2, 0x1, 0x3, 0x8002, 0x0, 0x5, 0x2, 0x0, 0x802, 0x9, 0x100, 0x400000003, 0xfffffffffffffff4, 0x4a, 0x5, 0x100, 0xd, 0xdd, 0x5, 0x1, 0x2a9, 0x3, 0xc39, 0x3, 0x8, 0x100000100, 0x2, 0xa51, 0x8, 0x401, 0x3, 0x7, 0xfffffffffffffffa, 0x81, 0x100, 0x5, 0x931, 0x101, 0x3, 0x8001, 0x8000000000000000, 0x7, 0x1, 0x8, 0x8, 0x6aa, 0x100, 0xffffffffffffffff, 0x83, 0x538a, 0x9, 0xda, 0x4, 0x0, 0x4, 0x5, 0x7, 0x8004, 0x8000000000000000, 0x4, 0x0, 0x14, 0x5bc, 0x1, 0x7fffffff, 0x4, 0x8000, 0xc9, 0x7, 0x6, 0xa, 0x82c, 0x7ff, 0xe000000000000, 0xe4, 0x6, 0x0, 0xc, 0x22, 0xffffffffffffffff, 0x7, 0x1, 0x8000000000000000, 0x2000000009, 0x8, 0x0, 0x6, 0x6, 0x9, 0x100000001, 0x4, 0x4, 0x3, 0x7, 0x7, 0x9, 0x1, 0x16d, 0x6, 0x68d, 0xffffffffffff43b0, 0x8, 0x50000000000000, 0xe, 0x0, 0x0, 0x3, 0x4, 0x7, 0x402, 0x3, 0x8, 0x5, 0x0, 0x3, 0x40, 0x7fffffff, 0x7, 0x13, 0x1]})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffff4}, 0x18)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x220, 0x0, 0x11, 0x148, 0x0, 0x0, 0x188, 0x2a8, 0x2a8, 0x188, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x0, 0x10, {0x8}}}}, {{@ip={@multicast2, @local, 0x0, 0x0, 'wg2\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x1}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x1, 0x0, 0x4, 0x1, 0x1, 0x5], 0x1, 0x3}, {0xffffffffffffffff, [0x4, 0x0, 0x0, 0x3, 0x3, 0x4], 0x2, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f00000000c0)=0x11, 0x4)
r7 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
io_uring_enter(r7, 0x2219, 0x7721, 0x16, 0x0, 0x0)
getgroups(0x0, 0x0)

502.73562ms ago: executing program 5 (id=2368):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
creat(&(0x7f0000000300)='./file0\x00', 0x28)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
sync()
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',version=9p2000'])

346.700416ms ago: executing program 4 (id=2369):
r0 = socket$caif_stream(0x25, 0x1, 0x0)
setsockopt$CAIFSO_LINK_SELECT(r0, 0x116, 0x7f, 0x0, 0x15)

278.146942ms ago: executing program 4 (id=2370):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x20004800)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a99985000000"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r0}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r2}, 0x10)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

189.392081ms ago: executing program 3 (id=2371):
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x4008032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x6}, 0x18)
syz_open_dev$tty20(0xc, 0x4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000037c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xd0}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x9a167000)

117.515788ms ago: executing program 5 (id=2372):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000180)='.pending_reads\x00', 0x131100, 0x190)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000540)={0x1, 0x89e, 0x0, 'queue1\x00', 0x2})
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x94)
recvmmsg(r2, &(0x7f0000003d40)=[{{0x0, 0x94, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

61.585464ms ago: executing program 4 (id=2373):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x80}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x300, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd2d, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x3000000}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8000, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000, 0x0, 0x200000}, {}, {0x2, 0x0, 0x0, 0x0, 0x6, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x20000}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x60569add}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x9, 0x0, 0xffffffff, 0x0, 0x2}, {}, {0x80}, {0x80, 0x0, 0x0, 0x0, 0x400}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x2, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x2}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x9}, {0x0, 0xfffffffc, 0x200}, {0xffffffff}, {}, {0x4}, {}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x3}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x0, 0xb}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {0x0, 0x0, 0x0, 0xec33, 0x0, 0x4}, {}, {0xb, 0x0, 0x0, 0x0, 0x0, 0xfe1}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {0x0, 0x8, 0x0, 0x0, 0xfffffffe}, {0x0, 0x2, 0x0, 0x2, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0xe9d, 0x58a}, {0x2}, {0x2, 0x9, 0x20000000}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x6, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x2d}, {0x0, 0x0, 0x8000}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800, 0x4}, {0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0xd}], [{}, {}, {0x0, 0x1}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)

0s ago: executing program 4 (id=2374):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000680), r2)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x14, r3, 0x1, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x4c0d0)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r4, 0x300, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x34}, 0x1, 0x0, 0x0, 0x24004000}, 0xc001)
getcwd(&(0x7f0000000000)=""/92, 0x5c)
sendfile(r1, r0, 0x0, 0x7ffff000)

kernel console output (not intermixed with test programs):

 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.785422][ T6504] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.821424][ T6504] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.834655][ T6504] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.873699][ T6504] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  142.039237][ T9489] can0: slcan on ttyS3.
[  142.094961][ T9489] can0 (unregistered): slcan off ttyS3.
[  142.108227][ T9490] can0: slcan on ttyS3.
[  142.150663][ T9488] can0 (unregistered): slcan off ttyS3.
[  142.202169][ T9493] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1530'.
[  142.402016][ T9501] loop1: detected capacity change from 0 to 1024
[  142.413990][ T9501] EXT4-fs: Ignoring removed orlov option
[  142.425990][ T9501] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  142.445005][ T9499] loop2: detected capacity change from 0 to 1024
[  142.466205][ T9499] EXT4-fs: Ignoring removed nobh option
[  142.471865][ T9499] EXT4-fs: Ignoring removed nobh option
[  142.478382][ T9501] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.493639][ T9499] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  142.523154][ T9499] EXT4-fs error (device loop2): ext4_get_journal_inode:5808: comm syz.2.1534: inode #4294967295: comm syz.2.1534: iget: illegal inode #
[  142.560685][ T9499] EXT4-fs (loop2): no journal found
[  142.565966][ T9499] EXT4-fs (loop2): can't get journal size
[  142.582047][ T9499] EXT4-fs (loop2): failed to initialize system zone (-22)
[  142.598369][ T9499] EXT4-fs (loop2): mount failed
[  142.679706][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.752864][ T9513] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.795838][ T9513] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.892611][ T9513] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.043801][ T9513] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.231246][ T5483] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.280810][ T5483] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  143.321705][ T5483] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  143.381234][ T5483] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.421482][ T9526] loop3: detected capacity change from 0 to 4096
[  143.439408][ T9526] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.467330][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.502452][ T9530] loop3: detected capacity change from 0 to 1024
[  143.529047][ T9530] EXT4-fs: Ignoring removed oldalloc option
[  143.535161][ T9530] EXT4-fs: Ignoring removed bh option
[  143.606359][ T9530] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.759046][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.773814][ T9541] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.871542][ T9546] loop5: detected capacity change from 0 to 1024
[  143.872436][ T9541] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.897234][ T9549] loop2: detected capacity change from 0 to 512
[  143.906516][ T9546] EXT4-fs: Ignoring removed oldalloc option
[  143.912698][ T9546] EXT4-fs: Ignoring removed bh option
[  143.942260][ T9541] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.953198][ T9546] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.970743][ T9549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.983629][ T9549] ext4 filesystem being mounted at /290/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  144.007173][ T9549] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #2: comm syz.2.1549: corrupted inode contents
[  144.036783][ T9546] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.1548: Allocating blocks 497-513 which overlap fs metadata
[  144.059050][ T9545] EXT4-fs (loop5): pa ffff888106e3f620: logic 160, phys. 401, len 7
[  144.067238][ T9545] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[  144.078482][ T9541] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.097933][ T9549] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #2: comm syz.2.1549: mark_inode_dirty error
[  144.105439][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.127477][ T9549] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #2: comm syz.2.1549: corrupted inode contents
[  144.150161][ T6504] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.158713][ T9556] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #2: comm syz.2.1549: corrupted inode contents
[  144.185107][ T5483] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.210996][ T5483] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.224712][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.234073][ T5483] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.299555][ T9564] can0: slcan on ttyS3.
[  144.370719][ T9564] can0 (unregistered): slcan off ttyS3.
[  144.379238][ T9569] can0: slcan on ttyS3.
[  144.440546][ T9569] can0 (unregistered): slcan off ttyS3.
[  144.449547][ T9578] loop2: detected capacity change from 0 to 1024
[  144.462087][ T9578] EXT4-fs: Ignoring removed orlov option
[  144.502980][ T9578] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  144.530689][ T9587] loop3: detected capacity change from 0 to 1024
[  144.556228][ T9587] EXT4-fs: Ignoring removed oldalloc option
[  144.562258][ T9587] EXT4-fs: Ignoring removed bh option
[  144.571264][ T9578] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.618074][   T29] kauditd_printk_skb: 1037 callbacks suppressed
[  144.618090][   T29] audit: type=1326 audit(1760575410.686:18740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9589 comm="syz.1.1558" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x0
[  144.660184][ T9587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.712876][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.775900][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.935029][ T9614] can0: slcan on ttyS3.
[  144.980432][ T9614] can0 (unregistered): slcan off ttyS3.
[  145.002944][ T9615] can0: slcan on ttyS3.
[  145.090414][ T9613] can0 (unregistered): slcan off ttyS3.
[  145.111209][ T9617] can0: slcan on ttyS3.
[  145.142950][   T29] audit: type=1326 audit(1760575411.216:18741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9626 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  145.167515][ T9617] can0 (unregistered): slcan off ttyS3.
[  145.177262][   T29] audit: type=1326 audit(1760575411.216:18742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9626 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  145.201128][   T29] audit: type=1326 audit(1760575411.216:18743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9626 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  145.224828][   T29] audit: type=1326 audit(1760575411.216:18744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9626 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  145.234549][ T9617] can0: slcan on ttyS3.
[  145.248430][   T29] audit: type=1326 audit(1760575411.216:18745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9626 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  145.276142][   T29] audit: type=1326 audit(1760575411.216:18746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9626 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  145.299847][   T29] audit: type=1326 audit(1760575411.216:18747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9626 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  145.323466][   T29] audit: type=1326 audit(1760575411.216:18748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9626 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  145.347152][   T29] audit: type=1326 audit(1760575411.216:18749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9626 comm="syz.3.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  145.431305][ T9616] can0 (unregistered): slcan off ttyS3.
[  145.446616][ T9640] loop1: detected capacity change from 0 to 1024
[  145.460703][ T9640] EXT4-fs: Ignoring removed nobh option
[  145.466385][ T9640] EXT4-fs: Ignoring removed nobh option
[  145.484809][ T9640] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  145.509176][ T9645] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1568'.
[  145.520647][ T9640] EXT4-fs error (device loop1): ext4_get_journal_inode:5808: comm syz.1.1566: inode #4294967295: comm syz.1.1566: iget: illegal inode #
[  145.564292][ T9640] EXT4-fs (loop1): no journal found
[  145.569648][ T9640] EXT4-fs (loop1): can't get journal size
[  145.623312][ T9640] EXT4-fs (loop1): failed to initialize system zone (-22)
[  145.650691][ T9640] EXT4-fs (loop1): mount failed
[  145.657301][ T9655] loop3: detected capacity change from 0 to 1024
[  145.693242][ T9655] EXT4-fs: Ignoring removed orlov option
[  145.699408][ T9662] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1570'.
[  145.726186][ T9655] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  145.753434][ T9655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.894613][ T9674] loop1: detected capacity change from 0 to 512
[  145.922908][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.957439][ T9674] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.036272][ T9674] ext4 filesystem being mounted at /358/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  146.052586][ T9684] can0: slcan on ttyS3.
[  146.091305][ T9674] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1572: corrupted inode contents
[  146.113500][ T9684] can0 (unregistered): slcan off ttyS3.
[  146.134667][ T9691] can0: slcan on ttyS3.
[  146.163457][ T9674] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #2: comm syz.1.1572: mark_inode_dirty error
[  146.200839][ T9674] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1572: corrupted inode contents
[  146.214083][ T9697] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1572: corrupted inode contents
[  146.230403][ T9683] can0 (unregistered): slcan off ttyS3.
[  146.592135][ T9733] loop3: detected capacity change from 0 to 128
[  146.820109][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.017615][ T9745] loop1: detected capacity change from 0 to 1024
[  147.029639][ T9745] EXT4-fs: Ignoring removed nobh option
[  147.035624][ T9745] EXT4-fs: Ignoring removed nobh option
[  147.046421][ T9745] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  147.057469][ T9745] EXT4-fs error (device loop1): ext4_get_journal_inode:5808: comm syz.1.1583: inode #4294967295: comm syz.1.1583: iget: illegal inode #
[  147.077962][ T9745] EXT4-fs (loop1): no journal found
[  147.083449][ T9745] EXT4-fs (loop1): can't get journal size
[  147.090398][ T9745] EXT4-fs (loop1): failed to initialize system zone (-22)
[  147.097729][ T9745] EXT4-fs (loop1): mount failed
[  147.174789][ T9751] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1586'.
[  147.244297][ T9757] can0: slcan on ttyS3.
[  147.290658][ T9757] can0 (unregistered): slcan off ttyS3.
[  147.293707][ T9763] netlink: 256 bytes leftover after parsing attributes in process `syz.5.1592'.
[  147.316834][ T9764] can0: slcan on ttyS3.
[  147.380770][ T9756] can0 (unregistered): slcan off ttyS3.
[  147.428425][ T9774] loop5: detected capacity change from 0 to 128
[  147.453135][ T9778] loop2: detected capacity change from 0 to 1024
[  147.477134][ T9778] EXT4-fs: Ignoring removed nobh option
[  147.482853][ T9778] EXT4-fs: Ignoring removed nobh option
[  147.483286][ T9781] can0: slcan on ttyS3.
[  147.506117][ T9778] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  147.516738][ T9778] EXT4-fs error (device loop2): ext4_get_journal_inode:5808: comm syz.2.1597: inode #4294967295: comm syz.2.1597: iget: illegal inode #
[  147.535063][ T9778] EXT4-fs (loop2): no journal found
[  147.540472][ T9778] EXT4-fs (loop2): can't get journal size
[  147.549838][ T9778] EXT4-fs (loop2): failed to initialize system zone (-22)
[  147.561252][ T9778] EXT4-fs (loop2): mount failed
[  147.570722][ T9781] can0 (unregistered): slcan off ttyS3.
[  147.583884][ T9781] can0: slcan on ttyS3.
[  147.640679][ T9780] can0 (unregistered): slcan off ttyS3.
[  147.732413][ T9811] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1604'.
[  147.827240][ T9829] loop1: detected capacity change from 0 to 128
[  148.030769][ T9842] SET target dimension over the limit!
[  148.247664][ T9852] loop4: detected capacity change from 0 to 1024
[  148.265540][ T9852] EXT4-fs: Ignoring removed nobh option
[  148.271352][ T9852] EXT4-fs: Ignoring removed nobh option
[  148.281812][ T9858] loop5: detected capacity change from 0 to 512
[  148.292761][ T9852] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  148.312299][ T9852] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: comm syz.4.1615: inode #4294967295: comm syz.4.1615: iget: illegal inode #
[  148.334838][ T9863] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=19216 sclass=netlink_route_socket pid=9863 comm=syz.2.1619
[  148.340889][ T9852] EXT4-fs (loop4): no journal found
[  148.353087][ T9852] EXT4-fs (loop4): can't get journal size
[  148.359879][ T9858] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.371970][ T9863] loop2: detected capacity change from 0 to 2048
[  148.373496][ T9852] EXT4-fs (loop4): failed to initialize system zone (-22)
[  148.380626][ T9858] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  148.386692][ T9852] EXT4-fs (loop4): mount failed
[  148.413647][ T9863] EXT4-fs (loop2): failed to initialize system zone (-117)
[  148.430477][ T9863] EXT4-fs (loop2): mount failed
[  148.443700][ T9858] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1617: corrupted inode contents
[  148.457060][ T9858] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.1617: mark_inode_dirty error
[  148.473058][ T9858] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1617: corrupted inode contents
[  148.496151][ T9858] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1617: corrupted inode contents
[  148.530404][ T9871] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1622'.
[  148.569903][ T9875] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1624'.
[  148.578891][ T9875] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1624'.
[  148.589162][ T9877] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.642064][ T9877] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.704844][ T9877] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.821926][ T9877] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.855429][ T9896] can0: slcan on ttyS3.
[  148.917312][ T6504] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.929402][ T6504] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.947679][ T6504] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.974790][ T9896] can0 (unregistered): slcan off ttyS3.
[  148.987325][   T52] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.008529][ T9901] can0: slcan on ttyS3.
[  149.019534][ T9911] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1632'.
[  149.060320][ T3546] printk: udevd: 19 output lines suppressed due to ratelimiting
[  149.128760][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.140663][ T9895] can0 (unregistered): slcan off ttyS3.
[  149.164127][ T9920] loop5: detected capacity change from 0 to 128
[  149.205344][ T9922] bridge0: entered promiscuous mode
[  149.210961][ T9922] macsec1: entered promiscuous mode
[  149.217902][ T9922] bridge0: port 3(macsec1) entered blocking state
[  149.224505][ T9922] bridge0: port 3(macsec1) entered disabled state
[  149.231747][ T9922] macsec1: entered allmulticast mode
[  149.237193][ T9922] bridge0: entered allmulticast mode
[  149.240457][ T9930] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1640'.
[  149.252011][ T9922] macsec1: left allmulticast mode
[  149.257151][ T9922] bridge0: left allmulticast mode
[  149.263405][ T9922] bridge0: left promiscuous mode
[  149.620381][   T29] kauditd_printk_skb: 2355 callbacks suppressed
[  149.620460][   T29] audit: type=1326 audit(1760575415.696:21105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9919 comm="syz.5.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d306c1785 code=0x7ffc0000
[  149.650650][   T29] audit: type=1326 audit(1760575415.696:21106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9919 comm="syz.5.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d306c1785 code=0x7ffc0000
[  149.674477][   T29] audit: type=1326 audit(1760575415.696:21107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9919 comm="syz.5.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d306c1785 code=0x7ffc0000
[  149.698487][   T29] audit: type=1326 audit(1760575415.696:21108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9919 comm="syz.5.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d306c1785 code=0x7ffc0000
[  149.722542][   T29] audit: type=1326 audit(1760575415.696:21109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9919 comm="syz.5.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d306c1785 code=0x7ffc0000
[  149.746603][   T29] audit: type=1326 audit(1760575415.696:21110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9919 comm="syz.5.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d306c1785 code=0x7ffc0000
[  149.770847][   T29] audit: type=1326 audit(1760575415.696:21111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9919 comm="syz.5.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d306c1785 code=0x7ffc0000
[  149.794945][   T29] audit: type=1326 audit(1760575415.696:21112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9919 comm="syz.5.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d306c1785 code=0x7ffc0000
[  149.819016][   T29] audit: type=1326 audit(1760575415.696:21113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9919 comm="syz.5.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d306c1785 code=0x7ffc0000
[  149.842911][   T29] audit: type=1326 audit(1760575415.696:21114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9919 comm="syz.5.1637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d306c1785 code=0x7ffc0000
[  149.974873][ T9943] loop4: detected capacity change from 0 to 4096
[  149.985157][ T9943] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.021388][ T9949] loop5: detected capacity change from 0 to 512
[  150.028660][ T9949] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  150.092074][ T9949] EXT4-fs (loop5): 1 truncate cleaned up
[  150.098180][ T9949] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.129773][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.143347][ T9958] loop1: detected capacity change from 0 to 512
[  150.164547][ T9958] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.178412][ T9958] ext4 filesystem being mounted at /372/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  150.192919][ T9958] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1648: corrupted inode contents
[  150.236230][ T9958] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #2: comm syz.1.1648: mark_inode_dirty error
[  150.268840][ T9958] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1648: corrupted inode contents
[  150.281551][ T9964] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1648: corrupted inode contents
[  150.415452][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.604626][ T9981] can0: slcan on ttyS3.
[  150.636667][ T9985] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1657'.
[  150.650513][ T9981] can0 (unregistered): slcan off ttyS3.
[  150.672960][ T9981] can0: slcan on ttyS3.
[  150.730586][ T9980] can0 (unregistered): slcan off ttyS3.
[  151.142521][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.294084][T10006] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1663'.
[  151.303383][T10006] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1663'.
[  151.339056][T10008] can0: slcan on ttyS3.
[  151.380546][T10008] can0 (unregistered): slcan off ttyS3.
[  151.389926][T10008] can0: slcan on ttyS3.
[  151.470345][T10007] can0 (unregistered): slcan off ttyS3.
[  151.849345][T10040] loop1: detected capacity change from 0 to 1024
[  151.886514][T10038] SET target dimension over the limit!
[  151.902008][T10040] EXT4-fs: Ignoring removed oldalloc option
[  151.908075][T10040] EXT4-fs: Ignoring removed bh option
[  152.017399][T10040] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.033925][T10045] can0: slcan on ttyS3.
[  152.130804][T10045] can0 (unregistered): slcan off ttyS3.
[  152.144117][T10048] can0: slcan on ttyS3.
[  152.162836][T10040] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.1678: Allocating blocks 497-513 which overlap fs metadata
[  152.254678][T10043] can0 (unregistered): slcan off ttyS3.
[  152.282150][T10036] EXT4-fs (loop1): pa ffff888106e1af50: logic 160, phys. 401, len 7
[  152.290230][T10036] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[  152.324776][T10052] __nla_validate_parse: 3 callbacks suppressed
[  152.324796][T10052] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1681'.
[  152.352533][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.405363][T10061] can0: slcan on ttyS3.
[  152.451031][T10061] can0 (unregistered): slcan off ttyS3.
[  152.459814][T10061] can0: slcan on ttyS3.
[  152.551093][T10060] can0 (unregistered): slcan off ttyS3.
[  153.071477][T10092] can0: slcan on ttyS3.
[  153.077645][T10094] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1696'.
[  153.088364][T10090] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1695'.
[  153.104688][T10090] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1695'.
[  153.118565][T10090] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1695'.
[  153.132976][T10090] loop1: detected capacity change from 0 to 512
[  153.133785][T10095] bridge0: entered promiscuous mode
[  153.144946][T10092] can0 (unregistered): slcan off ttyS3.
[  153.145389][T10095] macsec1: entered promiscuous mode
[  153.156881][T10090] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.157511][T10095] bridge0: port 3(macsec1) entered blocking state
[  153.170120][T10090] ext4 filesystem being mounted at /381/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.176894][T10095] bridge0: port 3(macsec1) entered disabled state
[  153.305453][T10095] macsec1: entered allmulticast mode
[  153.311226][T10095] bridge0: entered allmulticast mode
[  153.380758][T10095] macsec1: left allmulticast mode
[  153.385887][T10095] bridge0: left allmulticast mode
[  153.391258][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.410849][T10095] bridge0: left promiscuous mode
[  153.424135][T10098] can0: slcan on ttyS3.
[  153.716406][T10105] loop1: detected capacity change from 0 to 512
[  153.732077][T10105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.744854][T10091] can0 (unregistered): slcan off ttyS3.
[  153.750927][T10105] ext4 filesystem being mounted at /382/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  153.767191][T10105] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1699: corrupted inode contents
[  153.779437][T10105] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #2: comm syz.1.1699: mark_inode_dirty error
[  153.791574][T10105] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1699: corrupted inode contents
[  153.804638][T10105] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.1699: corrupted inode contents
[  153.938631][T10127] loop3: detected capacity change from 0 to 128
[  153.942128][T10129] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1709'.
[  153.982646][T10134] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1711'.
[  154.129530][T10149] macsec1: entered promiscuous mode
[  154.134988][T10149] bridge0: entered promiscuous mode
[  154.140971][T10149] bridge0: port 3(macsec1) entered blocking state
[  154.147502][T10149] bridge0: port 3(macsec1) entered disabled state
[  154.154184][T10149] macsec1: entered allmulticast mode
[  154.160105][T10149] bridge0: entered allmulticast mode
[  154.166981][T10149] macsec1: left allmulticast mode
[  154.172164][T10149] bridge0: left allmulticast mode
[  154.178443][T10149] bridge0: left promiscuous mode
[  154.559220][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.577066][T10159] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1720'.
[  154.587114][T10159] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1720'.
[  154.596919][T10159] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1720'.
[  154.607544][T10159] FAULT_INJECTION: forcing a failure.
[  154.607544][T10159] name failslab, interval 1, probability 0, space 0, times 0
[  154.620490][T10159] CPU: 1 UID: 0 PID: 10159 Comm: syz.1.1720 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  154.620515][T10159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  154.620527][T10159] Call Trace:
[  154.620557][T10159]  <TASK>
[  154.620564][T10159]  __dump_stack+0x1d/0x30
[  154.620663][T10159]  dump_stack_lvl+0xe8/0x140
[  154.620681][T10159]  dump_stack+0x15/0x1b
[  154.620696][T10159]  should_fail_ex+0x265/0x280
[  154.620728][T10159]  should_failslab+0x8c/0xb0
[  154.620820][T10159]  kmem_cache_alloc_noprof+0x50/0x480
[  154.620845][T10159]  ? sk_prot_alloc+0x3f/0x190
[  154.620878][T10159]  ? should_failslab+0x8c/0xb0
[  154.620903][T10159]  sk_prot_alloc+0x3f/0x190
[  154.620928][T10159]  sk_alloc+0x34/0x360
[  154.620953][T10159]  inet_create+0x3c0/0x780
[  154.621063][T10159]  __sock_create+0x2ec/0x5b0
[  154.621093][T10159]  sock_create_kern+0x38/0x50
[  154.621120][T10159]  mptcp_subflow_create_socket+0x84/0x500
[  154.621155][T10159]  __mptcp_nmpc_sk+0xb5/0x3d0
[  154.621174][T10159]  mptcp_connect+0x58/0x890
[  154.621201][T10159]  __inet_stream_connect+0x169/0x7d0
[  154.621274][T10159]  ? _raw_spin_unlock_bh+0x36/0x40
[  154.621384][T10159]  ? release_sock+0x116/0x150
[  154.621404][T10159]  ? _raw_spin_unlock_bh+0x36/0x40
[  154.621431][T10159]  ? lock_sock_nested+0x112/0x140
[  154.621461][T10159]  ? selinux_netlbl_socket_connect+0x115/0x130
[  154.621489][T10159]  inet_stream_connect+0x44/0x70
[  154.621531][T10159]  ? __pfx_inet_stream_connect+0x10/0x10
[  154.621617][T10159]  __sys_connect+0x1f2/0x2b0
[  154.621645][T10159]  __x64_sys_connect+0x3f/0x50
[  154.621728][T10159]  x64_sys_call+0x2c0c/0x3000
[  154.621780][T10159]  do_syscall_64+0xd2/0x200
[  154.621802][T10159]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  154.621881][T10159]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  154.621945][T10159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.621965][T10159] RIP: 0033:0x7f5d6e35eec9
[  154.621979][T10159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.621997][T10159] RSP: 002b:00007f5d6cdbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  154.622015][T10159] RAX: ffffffffffffffda RBX: 00007f5d6e5b5fa0 RCX: 00007f5d6e35eec9
[  154.622026][T10159] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 000000000000000a
[  154.622038][T10159] RBP: 00007f5d6cdbf090 R08: 0000000000000000 R09: 0000000000000000
[  154.622049][T10159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.622062][T10159] R13: 00007f5d6e5b6038 R14: 00007f5d6e5b5fa0 R15: 00007ffdae8f3d88
[  154.622081][T10159]  </TASK>
[  154.886656][   T29] kauditd_printk_skb: 1144 callbacks suppressed
[  154.886673][   T29] audit: type=1326 audit(1760575420.966:22259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10126 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  154.928316][   T29] audit: type=1326 audit(1760575420.986:22260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10126 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  155.013372][T10169] loop4: detected capacity change from 0 to 128
[  155.066659][T10169] FAT-fs (loop4): Directory bread(block 414) failed
[  155.113595][T10169] FAT-fs (loop4): Directory bread(block 415) failed
[  155.206303][T10169] FAT-fs (loop4): Directory bread(block 416) failed
[  155.243073][T10169] FAT-fs (loop4): Directory bread(block 417) failed
[  155.297094][T10169] FAT-fs (loop4): Directory bread(block 418) failed
[  155.374666][T10169] FAT-fs (loop4): Directory bread(block 419) failed
[  155.392388][T10187] 9pnet_fd: Insufficient options for proto=fd
[  155.428430][T10169] FAT-fs (loop4): Directory bread(block 420) failed
[  155.447495][   T29] audit: type=1400 audit(1760575421.456:22261): avc:  denied  { ioctl } for  pid=10185 comm="syz.1.1731" path="socket:[27685]" dev="sockfs" ino=27685 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  155.473131][   T29] audit: type=1400 audit(1760575421.466:22262): avc:  denied  { mounton } for  pid=10185 comm="syz.1.1731" path="/syzcgroup/net/syz1/devices.allow" dev="cgroup" ino=67 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  155.498204][   T29] audit: type=1326 audit(1760575421.496:22263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10191 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  155.521912][   T29] audit: type=1326 audit(1760575421.496:22264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10191 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  155.545541][   T29] audit: type=1326 audit(1760575421.496:22265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10191 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  155.569411][   T29] audit: type=1326 audit(1760575421.516:22266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10191 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  155.593437][   T29] audit: type=1326 audit(1760575421.516:22267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10191 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  155.617488][   T29] audit: type=1326 audit(1760575421.516:22268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10191 comm="syz.2.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  155.650569][T10190] loop5: detected capacity change from 0 to 1024
[  155.668184][T10169] FAT-fs (loop4): Directory bread(block 421) failed
[  155.678506][T10190] EXT4-fs (loop5): stripe (2039) is not aligned with cluster size (16), stripe is disabled
[  155.691099][T10190] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  155.915467][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.964378][T10215] loop5: detected capacity change from 0 to 1024
[  155.982277][T10216] bridge0: entered promiscuous mode
[  156.005446][T10216] macsec1: entered promiscuous mode
[  156.021138][T10215] EXT4-fs: Ignoring removed oldalloc option
[  156.027146][T10215] EXT4-fs: Ignoring removed bh option
[  156.042169][T10216] bridge0: port 3(macsec1) entered blocking state
[  156.048691][T10216] bridge0: port 3(macsec1) entered disabled state
[  156.095785][T10216] macsec1: entered allmulticast mode
[  156.101456][T10216] bridge0: entered allmulticast mode
[  156.119123][T10216] macsec1: left allmulticast mode
[  156.124305][T10216] bridge0: left allmulticast mode
[  156.136960][T10215] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.150955][T10216] bridge0: left promiscuous mode
[  156.176247][T10215] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.1737: Allocating blocks 497-513 which overlap fs metadata
[  156.250642][T10214] EXT4-fs (loop5): pa ffff888106e3f7e0: logic 160, phys. 401, len 7
[  156.258760][T10214] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[  156.404919][T10285] can0: slcan on ttyS3.
[  156.450769][T10285] can0 (unregistered): slcan off ttyS3.
[  156.460647][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.470074][T10292] loop4: detected capacity change from 0 to 512
[  156.529969][T10292] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.577973][T10292] ext4 filesystem being mounted at /299/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  156.625216][T10292] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.1746: corrupted inode contents
[  156.637867][T10292] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.1746: mark_inode_dirty error
[  156.649637][T10292] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.1746: corrupted inode contents
[  156.665882][T10292] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.1746: corrupted inode contents
[  156.746444][T10320] syzkaller0: entered allmulticast mode
[  156.752388][T10320] syzkaller0: entered promiscuous mode
[  156.762052][T10320] syzkaller0 (unregistering): left allmulticast mode
[  156.768891][T10320] syzkaller0 (unregistering): left promiscuous mode
[  156.856765][T10323] bridge0: entered promiscuous mode
[  156.863209][T10323] macsec1: entered promiscuous mode
[  156.871623][T10323] bridge0: port 3(macsec1) entered blocking state
[  156.878413][T10323] bridge0: port 3(macsec1) entered disabled state
[  156.891254][T10323] macsec1: entered allmulticast mode
[  156.896616][T10323] bridge0: entered allmulticast mode
[  156.903099][T10323] macsec1: left allmulticast mode
[  156.908197][T10323] bridge0: left allmulticast mode
[  156.916050][T10323] bridge0: left promiscuous mode
[  156.928264][T10331] can0: slcan on ttyS3.
[  156.939042][T10336] bond0: entered promiscuous mode
[  156.944383][T10336] bond_slave_0: entered promiscuous mode
[  156.950145][T10336] bond_slave_1: entered promiscuous mode
[  156.966941][T10336] dummy0: entered promiscuous mode
[  156.973314][T10336] hsr1: entered promiscuous mode
[  156.978616][T10336] hsr1: entered allmulticast mode
[  156.983767][T10336] bond0: entered allmulticast mode
[  156.989011][T10336] bond_slave_0: entered allmulticast mode
[  156.995207][T10336] bond_slave_1: entered allmulticast mode
[  157.001895][T10336] dummy0: entered allmulticast mode
[  157.060505][T10337] can0 (unregistered): slcan off ttyS3.
[  157.192402][T10357] infiniband syz2: set active
[  157.197238][T10357] infiniband syz2: added bond0
[  157.220856][T10357] RDS/IB: syz2: added
[  157.248776][T10365] loop3: detected capacity change from 0 to 4096
[  157.347333][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.359587][T10365] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.557948][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.618224][T10376] SET target dimension over the limit!
[  157.665225][T10382] can0: slcan on ttyS3.
[  157.720407][T10382] can0 (unregistered): slcan off ttyS3.
[  157.757228][T10388] __nla_validate_parse: 9 callbacks suppressed
[  157.757243][T10388] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1779'.
[  157.796612][T10391] loop3: detected capacity change from 0 to 1024
[  157.803781][T10391] EXT4-fs: Ignoring removed orlov option
[  157.810018][T10391] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  157.831833][T10391] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.001070][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.020527][T10400] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1784'.
[  158.235019][T10435] loop3: detected capacity change from 0 to 1024
[  158.241992][T10435] EXT4-fs: Ignoring removed orlov option
[  158.248324][T10435] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  158.279198][T10435] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.689862][T10452] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1798'.
[  158.944015][T10470] SET target dimension over the limit!
[  159.163165][T10479] can0: slcan on ttyS3.
[  159.230369][T10483] can0 (unregistered): slcan off ttyS3.
[  159.238861][T10481] can0: slcan on ttyS3.
[  159.266779][T10485] ieee802154 phy0 wpan0: encryption failed: -22
[  159.307508][T10487] loop3: detected capacity change from 0 to 128
[  159.320792][T10480] can0 (unregistered): slcan off ttyS3.
[  159.483354][T10498] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1815'.
[  159.526746][T10500] tmpfs: Unknown parameter 'mÂLave'
[  159.579609][T10507] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1819'.
[  159.654260][T10512] can0: slcan on ttyS3.
[  159.710526][T10512] can0 (unregistered): slcan off ttyS3.
[  159.722011][T10515] can0: slcan on ttyS3.
[  159.777801][T10511] can0 (unregistered): slcan off ttyS3.
[  159.803409][T10518] loop5: detected capacity change from 0 to 1024
[  159.826126][T10518] EXT4-fs: Ignoring removed nobh option
[  159.832113][T10518] EXT4-fs: Ignoring removed nobh option
[  159.842312][T10518] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  159.852545][T10514] SET target dimension over the limit!
[  159.869030][T10518] EXT4-fs error (device loop5): ext4_get_journal_inode:5808: comm syz.5.1823: inode #4294967295: comm syz.5.1823: iget: illegal inode #
[  159.890470][   T29] kauditd_printk_skb: 1331 callbacks suppressed
[  159.890489][   T29] audit: type=1326 audit(1760575425.966:23597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.1810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f96c8521785 code=0x7ffc0000
[  159.930752][T10518] EXT4-fs (loop5): no journal found
[  159.936007][T10518] EXT4-fs (loop5): can't get journal size
[  159.938497][   T29] audit: type=1326 audit(1760575425.996:23598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.1810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f96c8521785 code=0x7ffc0000
[  159.965727][   T29] audit: type=1326 audit(1760575426.006:23599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.1810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f96c8521785 code=0x7ffc0000
[  159.989641][   T29] audit: type=1326 audit(1760575426.006:23600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.1810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f96c8521785 code=0x7ffc0000
[  160.013977][   T29] audit: type=1326 audit(1760575426.006:23601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.1810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f96c8521785 code=0x7ffc0000
[  160.037904][   T29] audit: type=1326 audit(1760575426.006:23602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.1810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f96c8521785 code=0x7ffc0000
[  160.061866][   T29] audit: type=1326 audit(1760575426.006:23603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.1810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f96c8521785 code=0x7ffc0000
[  160.086472][   T29] audit: type=1326 audit(1760575426.006:23604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.1810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f96c8521785 code=0x7ffc0000
[  160.098730][T10518] EXT4-fs (loop5): failed to initialize system zone (-22)
[  160.111139][   T29] audit: type=1326 audit(1760575426.006:23605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.1810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f96c8521785 code=0x7ffc0000
[  160.140088][T10518] EXT4-fs (loop5): mount failed
[  160.142871][   T29] audit: type=1326 audit(1760575426.006:23606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10486 comm="syz.3.1810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f96c8521785 code=0x7ffc0000
[  160.259500][    T9] hid-generic 0003:0004:0000.0005: item fetching failed at offset 16/18
[  160.268371][    T9] hid-generic 0003:0004:0000.0005: probe with driver hid-generic failed with error -22
[  160.313147][T10541] loop1: detected capacity change from 0 to 1024
[  160.330214][T10541] EXT4-fs: Ignoring removed oldalloc option
[  160.336447][T10541] EXT4-fs: Ignoring removed bh option
[  160.350030][T10544] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1832'.
[  160.446779][T10554] loop1: detected capacity change from 0 to 1024
[  160.459669][T10554] EXT4-fs: Ignoring removed orlov option
[  160.470086][T10554] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  160.561095][T10558] loop3: detected capacity change from 0 to 128
[  160.627857][T10552] SET target dimension over the limit!
[  160.939625][T10578] loop5: detected capacity change from 0 to 1024
[  160.960894][T10578] EXT4-fs: Ignoring removed oldalloc option
[  160.966956][T10578] EXT4-fs: Ignoring removed bh option
[  161.009234][T10580] loop1: detected capacity change from 0 to 1024
[  161.023962][T10580] EXT4-fs: Ignoring removed nobh option
[  161.029627][T10580] EXT4-fs: Ignoring removed nobh option
[  161.043061][T10580] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  161.061801][T10580] EXT4-fs error (device loop1): ext4_get_journal_inode:5808: comm syz.1.1846: inode #4294967295: comm syz.1.1846: iget: illegal inode #
[  161.077458][T10580] EXT4-fs (loop1): no journal found
[  161.082994][T10580] EXT4-fs (loop1): can't get journal size
[  161.109815][T10580] EXT4-fs (loop1): failed to initialize system zone (-22)
[  161.118659][T10580] EXT4-fs (loop1): mount failed
[  161.173058][T10585] loop5: detected capacity change from 0 to 512
[  161.261679][T10585] ext4 filesystem being mounted at /184/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  161.282517][T10585] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1847: corrupted inode contents
[  161.308375][T10585] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.1847: mark_inode_dirty error
[  161.321278][T10585] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1847: corrupted inode contents
[  161.342832][T10596] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1847: corrupted inode contents
[  161.655809][T10607] SET target dimension over the limit!
[  161.830381][T10610] bridge0: entered promiscuous mode
[  161.840363][T10610] macsec1: entered promiscuous mode
[  161.846656][T10610] bridge0: port 3(macsec1) entered blocking state
[  161.853242][T10610] bridge0: port 3(macsec1) entered disabled state
[  161.871158][T10610] macsec1: entered allmulticast mode
[  161.876586][T10610] bridge0: entered allmulticast mode
[  161.882641][T10610] macsec1: left allmulticast mode
[  161.887721][T10610] bridge0: left allmulticast mode
[  161.893491][T10610] bridge0: left promiscuous mode
[  162.192434][T10627] loop1: detected capacity change from 0 to 1024
[  162.199653][T10627] EXT4-fs: Ignoring removed orlov option
[  162.206346][T10625] loop5: detected capacity change from 0 to 128
[  162.212768][T10627] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  162.493697][T10642] loop3: detected capacity change from 0 to 512
[  162.533154][T10642] ext4 filesystem being mounted at /435/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  162.563674][T10642] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.1866: corrupted inode contents
[  162.573140][T10650] can0: slcan on ttyS3.
[  162.582285][T10642] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.1866: mark_inode_dirty error
[  162.600814][T10642] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.1866: corrupted inode contents
[  162.624258][T10642] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.1866: corrupted inode contents
[  162.641980][T10650] can0 (unregistered): slcan off ttyS3.
[  162.650648][T10652] can0: slcan on ttyS3.
[  162.710397][T10649] can0 (unregistered): slcan off ttyS3.
[  162.771809][T10654] loop1: detected capacity change from 0 to 4096
[  162.912883][T10658] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1871'.
[  163.301106][T10668] loop1: detected capacity change from 0 to 1024
[  163.337018][T10672] loop5: detected capacity change from 0 to 512
[  163.357499][T10668] EXT4-fs: Ignoring removed nobh option
[  163.363349][T10668] EXT4-fs: Ignoring removed nobh option
[  163.396388][T10672] EXT4-fs: Ignoring removed nobh option
[  163.425981][T10668] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  163.451188][T10672] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #3: comm syz.5.1876: corrupted inode contents
[  163.479063][T10668] EXT4-fs error (device loop1): ext4_get_journal_inode:5808: comm syz.1.1874: inode #4294967295: comm syz.1.1874: iget: illegal inode #
[  163.499625][T10672] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #3: comm syz.5.1876: mark_inode_dirty error
[  163.503189][T10668] EXT4-fs (loop1): no journal found
[  163.516252][T10668] EXT4-fs (loop1): can't get journal size
[  163.525353][T10672] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #3: comm syz.5.1876: corrupted inode contents
[  163.526426][T10668] EXT4-fs (loop1): failed to initialize system zone (-22)
[  163.545960][T10672] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #3: comm syz.5.1876: mark_inode_dirty error
[  163.558154][T10672] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.1876: Failed to acquire dquot type 0
[  163.569940][T10668] EXT4-fs (loop1): mount failed
[  163.582908][T10672] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.1876: corrupted inode contents
[  163.600862][T10672] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #16: comm syz.5.1876: mark_inode_dirty error
[  163.618721][T10672] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.1876: corrupted inode contents
[  163.632220][T10672] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #16: comm syz.5.1876: mark_inode_dirty error
[  163.645509][T10672] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.1876: corrupted inode contents
[  163.653841][T10685] loop1: detected capacity change from 0 to 128
[  163.664291][T10672] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[  163.674876][T10672] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.1876: corrupted inode contents
[  163.687955][T10672] EXT4-fs error (device loop5): ext4_truncate:4637: inode #16: comm syz.5.1876: mark_inode_dirty error
[  163.699576][T10672] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[  163.709630][T10672] EXT4-fs (loop5): 1 truncate cleaned up
[  163.716037][T10672] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.728822][T10672] xt_hashlimit: max too large, truncated to 1048576
[  163.751155][T10672] syz.5.1876 (10672) used greatest stack depth: 9680 bytes left
[  163.771151][T10693] netlink: 256 bytes leftover after parsing attributes in process `syz.5.1883'.
[  163.804715][T10698] loop5: detected capacity change from 0 to 512
[  163.818926][T10700] FAULT_INJECTION: forcing a failure.
[  163.818926][T10700] name failslab, interval 1, probability 0, space 0, times 0
[  163.831631][T10700] CPU: 0 UID: 0 PID: 10700 Comm: syz.2.1886 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  163.831666][T10700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  163.831682][T10700] Call Trace:
[  163.831689][T10700]  <TASK>
[  163.831698][T10700]  __dump_stack+0x1d/0x30
[  163.831721][T10700]  dump_stack_lvl+0xe8/0x140
[  163.831740][T10700]  dump_stack+0x15/0x1b
[  163.831797][T10700]  should_fail_ex+0x265/0x280
[  163.831841][T10700]  should_failslab+0x8c/0xb0
[  163.831912][T10700]  kmem_cache_alloc_noprof+0x50/0x480
[  163.831948][T10700]  ? audit_log_start+0x342/0x720
[  163.831994][T10700]  audit_log_start+0x342/0x720
[  163.832022][T10700]  audit_seccomp+0x48/0x100
[  163.832085][T10700]  ? __seccomp_filter+0x82d/0x1250
[  163.832126][T10700]  __seccomp_filter+0x83e/0x1250
[  163.832237][T10700]  ? strncpy_from_user+0x1eb/0x230
[  163.832269][T10700]  ? kmem_cache_free+0xe4/0x3d0
[  163.832339][T10700]  __secure_computing+0x82/0x150
[  163.832372][T10700]  syscall_trace_enter+0xcf/0x1e0
[  163.832409][T10700]  do_syscall_64+0xac/0x200
[  163.832439][T10700]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  163.832546][T10700]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  163.832577][T10700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.832605][T10700] RIP: 0033:0x7f46a030d8dc
[  163.832620][T10700] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  163.832641][T10700] RSP: 002b:00007f469ed6f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  163.832667][T10700] RAX: ffffffffffffffda RBX: 00007f46a0565fa0 RCX: 00007f46a030d8dc
[  163.832755][T10700] RDX: 000000000000000f RSI: 00007f469ed6f0a0 RDI: 0000000000000003
[  163.832772][T10700] RBP: 00007f469ed6f090 R08: 0000000000000000 R09: 0000000000000000
[  163.832785][T10700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.832797][T10700] R13: 00007f46a0566038 R14: 00007f46a0565fa0 R15: 00007ffeafbe9d28
[  163.832819][T10700]  </TASK>
[  163.833577][T10698] ext4 filesystem being mounted at /190/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  163.906816][T10704] tipc: Started in network mode
[  164.048784][T10704] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  164.062467][T10698] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1885: corrupted inode contents
[  164.063844][T10707] siw: device registration error -23
[  164.074544][T10698] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.1885: mark_inode_dirty error
[  164.097336][T10704] tipc: Enabled bearer <udp:s>, priority 10
[  164.106986][T10698] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1885: corrupted inode contents
[  164.147680][T10711] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1885: corrupted inode contents
[  164.199291][T10717] loop4: detected capacity change from 0 to 1024
[  164.207387][T10717] EXT4-fs: Ignoring removed nobh option
[  164.213194][T10717] EXT4-fs: Ignoring removed nobh option
[  164.220688][T10717] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  164.224150][T10719] loop3: detected capacity change from 0 to 1024
[  164.242977][T10719] EXT4-fs: Ignoring removed orlov option
[  164.251461][T10719] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  164.265851][T10717] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: comm syz.4.1891: inode #4294967295: comm syz.4.1891: iget: illegal inode #
[  164.291457][T10717] EXT4-fs (loop4): no journal found
[  164.296704][T10717] EXT4-fs (loop4): can't get journal size
[  164.312293][T10717] EXT4-fs (loop4): failed to initialize system zone (-22)
[  164.327479][T10717] EXT4-fs (loop4): mount failed
[  164.336946][T10714] SET target dimension over the limit!
[  164.400064][T10725] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1894'.
[  164.557358][T10743] loop3: detected capacity change from 0 to 1024
[  164.577398][T10737] loop4: detected capacity change from 0 to 2048
[  164.591670][T10743] EXT4-fs: Ignoring removed nobh option
[  164.597349][T10743] EXT4-fs: Ignoring removed bh option
[  164.641942][T10737] rdma_rxe: rxe_newlink: failed to add bond0
[  164.679215][T10752] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1905'.
[  164.738231][T10743] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  164.749114][T10763] loop5: detected capacity change from 0 to 1024
[  164.756195][T10763] EXT4-fs: Ignoring removed nobh option
[  164.762060][T10763] EXT4-fs: Ignoring removed nobh option
[  164.769938][T10764] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1908'.
[  164.779128][T10763] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  164.789318][T10763] EXT4-fs error (device loop5): ext4_get_journal_inode:5808: comm syz.5.1904: inode #4294967295: comm syz.5.1904: iget: illegal inode #
[  164.789538][T10763] EXT4-fs (loop5): no journal found
[  164.789609][T10763] EXT4-fs (loop5): can't get journal size
[  164.818826][T10763] EXT4-fs (loop5): failed to initialize system zone (-22)
[  164.818860][T10763] EXT4-fs (loop5): mount failed
[  164.865015][T10775] x_tables: duplicate underflow at hook 1
[  164.900610][   T29] kauditd_printk_skb: 2285 callbacks suppressed
[  164.900628][   T29] audit: type=1326 audit(1760575430.976:25888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10770 comm="syz.2.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  164.953275][ T3315] EXT4-fs unmount: 22 callbacks suppressed
[  164.953291][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.955378][   T29] audit: type=1326 audit(1760575431.026:25889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10776 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3068eec9 code=0x7ffc0000
[  164.991650][   T29] audit: type=1326 audit(1760575431.026:25890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10776 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3068eec9 code=0x7ffc0000
[  165.007669][T10778] SET target dimension over the limit!
[  165.015022][   T29] audit: type=1326 audit(1760575431.026:25891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10776 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1d3068eec9 code=0x7ffc0000
[  165.043685][   T29] audit: type=1326 audit(1760575431.026:25892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10776 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3068eec9 code=0x7ffc0000
[  165.067029][   T29] audit: type=1326 audit(1760575431.026:25893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10776 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3068eec9 code=0x7ffc0000
[  165.091289][   T29] audit: type=1326 audit(1760575431.026:25894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10776 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7f1d3068eec9 code=0x7ffc0000
[  165.114549][   T29] audit: type=1326 audit(1760575431.026:25895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10770 comm="syz.2.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  165.138488][   T29] audit: type=1326 audit(1760575431.026:25897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10776 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3068eec9 code=0x7ffc0000
[  165.163892][   T29] audit: type=1326 audit(1760575431.026:25898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10776 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d3068eec9 code=0x7ffc0000
[  165.187349][ T1029] tipc: Node number set to 4269801488
[  165.219918][T10784] loop4: detected capacity change from 0 to 512
[  165.247412][T10787] FAULT_INJECTION: forcing a failure.
[  165.247412][T10787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.260546][T10787] CPU: 1 UID: 0 PID: 10787 Comm: syz.5.1916 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  165.260598][T10787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  165.260611][T10787] Call Trace:
[  165.260618][T10787]  <TASK>
[  165.260626][T10787]  __dump_stack+0x1d/0x30
[  165.260650][T10787]  dump_stack_lvl+0xe8/0x140
[  165.260698][T10787]  dump_stack+0x15/0x1b
[  165.260718][T10787]  should_fail_ex+0x265/0x280
[  165.260765][T10787]  should_fail+0xb/0x20
[  165.260805][T10787]  should_fail_usercopy+0x1a/0x20
[  165.260825][T10787]  _copy_from_iter+0xd2/0xe80
[  165.260848][T10787]  ? __build_skb_around+0x1ab/0x200
[  165.260875][T10787]  ? __alloc_skb+0x223/0x320
[  165.260933][T10787]  netlink_sendmsg+0x471/0x6b0
[  165.260976][T10787]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.261012][T10787]  __sock_sendmsg+0x145/0x180
[  165.261101][T10787]  ____sys_sendmsg+0x31e/0x4e0
[  165.261191][T10787]  ___sys_sendmsg+0x17b/0x1d0
[  165.261245][T10787]  __x64_sys_sendmsg+0xd4/0x160
[  165.261286][T10787]  x64_sys_call+0x191e/0x3000
[  165.261309][T10787]  do_syscall_64+0xd2/0x200
[  165.261385][T10787]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  165.261413][T10787]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  165.261445][T10787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.261475][T10787] RIP: 0033:0x7f1d3068eec9
[  165.261546][T10787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.261566][T10787] RSP: 002b:00007f1d2f0ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  165.261613][T10787] RAX: ffffffffffffffda RBX: 00007f1d308e5fa0 RCX: 00007f1d3068eec9
[  165.261626][T10787] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000005
[  165.261638][T10787] RBP: 00007f1d2f0ef090 R08: 0000000000000000 R09: 0000000000000000
[  165.261650][T10787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.261662][T10787] R13: 00007f1d308e6038 R14: 00007f1d308e5fa0 R15: 00007fff21dbde48
[  165.261731][T10787]  </TASK>
[  165.498343][T10784] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.513435][T10784] ext4 filesystem being mounted at /316/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  165.556046][T10784] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.1915: corrupted inode contents
[  165.556717][T10794] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1918'.
[  165.569908][T10784] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.1915: mark_inode_dirty error
[  165.595704][T10784] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.1915: corrupted inode contents
[  165.613156][T10784] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.1915: corrupted inode contents
[  165.680586][T10803] loop5: detected capacity change from 0 to 4096
[  165.698586][T10803] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.859910][T10823] SET target dimension over the limit!
[  165.874667][T10824] loop3: detected capacity change from 0 to 256
[  165.919774][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.951129][T10826] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1931'.
[  166.005845][T10832] loop1: detected capacity change from 0 to 512
[  166.014961][T10832] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.1933: error while reading EA inode 32 err=-116
[  166.018790][T10836] syzkaller1: entered promiscuous mode
[  166.028188][T10832] EXT4-fs (loop1): Remounting filesystem read-only
[  166.033087][T10836] syzkaller1: entered allmulticast mode
[  166.039809][T10832] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  166.059066][T10839] loop5: detected capacity change from 0 to 128
[  166.071907][T10832] EXT4-fs (loop1): 1 orphan inode deleted
[  166.078499][T10832] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.091593][T10832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.092234][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.237447][T10855] can0: slcan on ttyS3.
[  166.263373][T10861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.280287][T10855] can0 (unregistered): slcan off ttyS3.
[  166.289140][T10855] can0: slcan on ttyS3.
[  166.293681][T10861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  166.394618][T10870] loop5: detected capacity change from 0 to 512
[  166.401374][T10854] can0 (unregistered): slcan off ttyS3.
[  166.416125][T10859] SET target dimension over the limit!
[  166.423575][T10870] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.442020][T10870] ext4 filesystem being mounted at /201/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  166.496484][T10870] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1948: corrupted inode contents
[  166.540508][T10870] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.1948: mark_inode_dirty error
[  166.568671][T10870] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1948: corrupted inode contents
[  166.583155][T10882] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.1948: corrupted inode contents
[  166.744717][T10906] loop4: detected capacity change from 0 to 128
[  166.770039][T10910] loop1: detected capacity change from 0 to 1024
[  166.777037][T10910] EXT4-fs: Ignoring removed oldalloc option
[  166.778466][T10912] can0: slcan on ttyS3.
[  166.783154][T10910] EXT4-fs: Ignoring removed bh option
[  166.795216][T10910] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.822235][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.860406][T10912] can0 (unregistered): slcan off ttyS3.
[  166.869047][T10919] can0: slcan on ttyS3.
[  166.895242][T10921] loop3: detected capacity change from 0 to 512
[  166.911962][T10921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.924499][T10911] can0 (unregistered): slcan off ttyS3.
[  166.943349][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.088690][T10933] SET target dimension over the limit!
[  167.247557][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.306060][T10945] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1971'.
[  167.419913][T10956] can0: slcan on ttyS3.
[  167.470361][T10956] can0 (unregistered): slcan off ttyS3.
[  167.479483][T10958] can0: slcan on ttyS3.
[  167.530374][T10955] can0 (unregistered): slcan off ttyS3.
[  167.580173][T10962] FAULT_INJECTION: forcing a failure.
[  167.580173][T10962] name failslab, interval 1, probability 0, space 0, times 0
[  167.593082][T10962] CPU: 0 UID: 0 PID: 10962 Comm: syz.1.1978 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  167.593121][T10962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  167.593138][T10962] Call Trace:
[  167.593147][T10962]  <TASK>
[  167.593157][T10962]  __dump_stack+0x1d/0x30
[  167.593185][T10962]  dump_stack_lvl+0xe8/0x140
[  167.593256][T10962]  dump_stack+0x15/0x1b
[  167.593278][T10962]  should_fail_ex+0x265/0x280
[  167.593391][T10962]  ? __se_sys_memfd_create+0x1cc/0x590
[  167.593460][T10962]  should_failslab+0x8c/0xb0
[  167.593497][T10962]  __kmalloc_cache_noprof+0x4c/0x4a0
[  167.593611][T10962]  __se_sys_memfd_create+0x1cc/0x590
[  167.593638][T10962]  __x64_sys_memfd_create+0x31/0x40
[  167.593669][T10962]  x64_sys_call+0x2ac2/0x3000
[  167.593701][T10962]  do_syscall_64+0xd2/0x200
[  167.593733][T10962]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  167.593770][T10962]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  167.593800][T10962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.593870][T10962] RIP: 0033:0x7f5d6e35eec9
[  167.593892][T10962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.593932][T10962] RSP: 002b:00007f5d6cdbee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  167.594024][T10962] RAX: ffffffffffffffda RBX: 0000000000000519 RCX: 00007f5d6e35eec9
[  167.594038][T10962] RDX: 00007f5d6cdbeef0 RSI: 0000000000000000 RDI: 00007f5d6e3e2960
[  167.594054][T10962] RBP: 00002000000009c0 R08: 00007f5d6cdbebb7 R09: 00007f5d6cdbee40
[  167.594073][T10962] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000980
[  167.594089][T10962] R13: 00007f5d6cdbeef0 R14: 00007f5d6cdbeeb0 R15: 0000200000000100
[  167.594193][T10962]  </TASK>
[  168.306018][T10982] loop3: detected capacity change from 0 to 1024
[  168.313056][T10982] EXT4-fs: Ignoring removed oldalloc option
[  168.319141][T10982] EXT4-fs: Ignoring removed bh option
[  168.342305][T10982] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.359808][T10989] can0: slcan on ttyS3.
[  168.369710][T10982] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.1985: Allocating blocks 497-513 which overlap fs metadata
[  168.385469][T10981] EXT4-fs (loop3): pa ffff888106e1ae00: logic 160, phys. 401, len 7
[  168.393804][T10981] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[  168.410352][T10989] can0 (unregistered): slcan off ttyS3.
[  168.419438][T10991] can0: slcan on ttyS3.
[  168.432183][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.454755][T10993] loop3: detected capacity change from 0 to 128
[  168.461346][T10987] can0 (unregistered): slcan off ttyS3.
[  168.491419][T10995] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  168.545450][T10986] netlink: 'syz.5.1987': attribute type 1 has an invalid length.
[  168.556721][T10986] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1987'.
[  168.698431][T11011] loop4: detected capacity change from 0 to 1024
[  168.706150][T11011] EXT4-fs: Ignoring removed nobh option
[  168.711861][T11011] EXT4-fs: Ignoring removed nobh option
[  168.718347][T11011] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  168.728164][T11011] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: comm syz.4.1997: inode #4294967295: comm syz.4.1997: iget: illegal inode #
[  168.742534][T11011] EXT4-fs (loop4): no journal found
[  168.747802][T11011] EXT4-fs (loop4): can't get journal size
[  168.758510][T11011] EXT4-fs (loop4): failed to initialize system zone (-22)
[  168.767202][T11013] siw: device registration error -23
[  168.773462][T11011] EXT4-fs (loop4): mount failed
[  168.969282][T11028] loop4: detected capacity change from 0 to 4096
[  168.978827][T11028] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.981880][T11033] loop1: detected capacity change from 0 to 512
[  169.012329][T11033] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.025149][T11033] ext4 filesystem being mounted at /449/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  169.037865][T11033] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.2005: corrupted inode contents
[  169.049924][T11033] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #2: comm syz.1.2005: mark_inode_dirty error
[  169.061478][T11033] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.2005: corrupted inode contents
[  169.074118][T11033] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #2: comm syz.1.2005: corrupted inode contents
[  169.176848][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.698773][T11065] can0: slcan on ttyS3.
[  169.750467][T11065] can0 (unregistered): slcan off ttyS3.
[  169.758648][T11066] can0: slcan on ttyS3.
[  169.810398][T11064] can0 (unregistered): slcan off ttyS3.
[  169.827623][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.851095][T11072] loop3: detected capacity change from 0 to 128
[  169.895546][T11078] loop1: detected capacity change from 0 to 1024
[  169.912739][T11078] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.925200][   T29] kauditd_printk_skb: 3666 callbacks suppressed
[  169.925217][   T29] audit: type=1326 audit(1760575436.006:29564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  169.960382][   T29] audit: type=1326 audit(1760575436.006:29565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  169.984145][   T29] audit: type=1326 audit(1760575436.006:29566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f96c84eef03 code=0x7ffc0000
[  170.007671][   T29] audit: type=1326 audit(1760575436.006:29567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f96c84eef87 code=0x7ffc0000
[  170.031285][   T29] audit: type=1326 audit(1760575436.006:29568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f96c84a632d code=0x7ffc0000
[  170.055077][   T29] audit: type=1326 audit(1760575436.006:29569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f96c8523609 code=0x7ffc0000
[  170.079146][   T29] audit: type=1326 audit(1760575436.006:29570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f96c84a6397 code=0x7ffc0000
[  170.102916][   T29] audit: type=1326 audit(1760575436.006:29571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  170.126959][   T29] audit: type=1326 audit(1760575436.006:29572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c84eeec9 code=0x7ffc0000
[  170.151160][   T29] audit: type=1326 audit(1760575436.006:29573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.3.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f96c84a5aa7 code=0x7ffc0000
[  170.180611][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.204773][T11097] FAULT_INJECTION: forcing a failure.
[  170.204773][T11097] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.218292][T11097] CPU: 0 UID: 0 PID: 11097 Comm:  Not tainted syzkaller #0 PREEMPT(voluntary) 
[  170.218355][T11097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  170.218370][T11097] Call Trace:
[  170.218378][T11097]  <TASK>
[  170.218388][T11097]  __dump_stack+0x1d/0x30
[  170.218416][T11097]  dump_stack_lvl+0xe8/0x140
[  170.218442][T11097]  dump_stack+0x15/0x1b
[  170.218464][T11097]  should_fail_ex+0x265/0x280
[  170.218548][T11097]  should_fail+0xb/0x20
[  170.218633][T11097]  should_fail_usercopy+0x1a/0x20
[  170.218657][T11097]  _copy_from_user+0x1c/0xb0
[  170.218687][T11097]  ___sys_sendmsg+0xc1/0x1d0
[  170.218740][T11097]  __x64_sys_sendmsg+0xd4/0x160
[  170.218837][T11097]  x64_sys_call+0x191e/0x3000
[  170.218943][T11097]  do_syscall_64+0xd2/0x200
[  170.218974][T11097]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  170.219071][T11097]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  170.219101][T11097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.219131][T11097] RIP: 0033:0x7f5d6e35eec9
[  170.219229][T11097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.219255][T11097] RSP: 002b:00007f5d6cdbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.219281][T11097] RAX: ffffffffffffffda RBX: 00007f5d6e5b5fa0 RCX: 00007f5d6e35eec9
[  170.219298][T11097] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  170.219315][T11097] RBP: 00007f5d6cdbf090 R08: 0000000000000000 R09: 0000000000000000
[  170.219400][T11097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.219417][T11097] R13: 00007f5d6e5b6038 R14: 00007f5d6e5b5fa0 R15: 00007ffdae8f3d88
[  170.219443][T11097]  </TASK>
[  170.419779][T11105] loop4: detected capacity change from 0 to 512
[  170.455869][T11105] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.479846][T11109] loop1: detected capacity change from 0 to 512
[  170.486880][T11105] ext4 filesystem being mounted at /342/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  170.499178][T11109] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  170.512386][T11105] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2029: corrupted inode contents
[  170.512955][T11115] SET target dimension over the limit!
[  170.525898][T11105] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.2029: mark_inode_dirty error
[  170.543401][T11105] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2029: corrupted inode contents
[  170.546577][T11109] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.558062][T11105] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2029: corrupted inode contents
[  170.569296][T11109] ext4 filesystem being mounted at /453/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  170.616413][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.685092][T11130] loop1: detected capacity change from 0 to 1024
[  170.708377][T11130] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.726430][T11134] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2037'.
[  170.736359][T11134] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2037'.
[  170.761993][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.826869][T11144] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2040'.
[  170.855084][ T3400] IPVS: starting estimator thread 0...
[  170.888099][T11150] loop3: detected capacity change from 0 to 128
[  170.896854][T11150] syz.3.2041: attempt to access beyond end of device
[  170.896854][T11150] loop3: rw=2051, sector=128, nr_sectors = 913 limit=128
[  170.980429][T11145] IPVS: using max 2352 ests per chain, 117600 per kthread
[  171.354760][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.390840][T11162] SET target dimension over the limit!
[  171.399208][T11166] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.420150][T11168] netlink: 'syz.5.2047': attribute type 1 has an invalid length.
[  171.474324][T11168] netlink: 3 bytes leftover after parsing attributes in process `syz.5.2047'.
[  171.474396][T11168] 0ªX¹¦À: renamed from caif0
[  171.498672][T11168] 0ªX¹¦À: entered allmulticast mode
[  171.504067][T11168] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  171.524306][T11166] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.545521][T11176] loop4: detected capacity change from 0 to 1024
[  171.574673][T11176] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.595828][T11190] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2052'.
[  171.607542][T11166] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.618210][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.649931][T11194] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2054'.
[  171.672254][T11166] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.709210][T11199] loop1: detected capacity change from 0 to 1024
[  171.715987][T11199] EXT4-fs: Ignoring removed oldalloc option
[  171.722049][T11199] EXT4-fs: Ignoring removed bh option
[  171.740940][T11199] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.744920][T11206] can0: slcan on ttyS3.
[  171.772538][ T5483] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.783530][T11199] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.2056: Allocating blocks 497-513 which overlap fs metadata
[  171.791081][ T5483] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.812269][T11198] EXT4-fs (loop1): pa ffff888106e3fa10: logic 160, phys. 401, len 7
[  171.820365][T11198] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[  171.830863][T11206] can0 (unregistered): slcan off ttyS3.
[  171.842097][T11208] can0: slcan on ttyS3.
[  171.852209][ T5483] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.864915][T11210] FAULT_INJECTION: forcing a failure.
[  171.864915][T11210] name failslab, interval 1, probability 0, space 0, times 0
[  171.870358][ T5483] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.877662][T11210] CPU: 1 UID: 0 PID: 11210 Comm: syz.3.2059 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  171.877703][T11210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  171.877721][T11210] Call Trace:
[  171.877731][T11210]  <TASK>
[  171.877744][T11210]  __dump_stack+0x1d/0x30
[  171.877778][T11210]  dump_stack_lvl+0xe8/0x140
[  171.877805][T11210]  dump_stack+0x15/0x1b
[  171.877827][T11210]  should_fail_ex+0x265/0x280
[  171.877936][T11210]  should_failslab+0x8c/0xb0
[  171.878076][T11210]  __kvmalloc_node_noprof+0x12e/0x670
[  171.878162][T11210]  ? xt_alloc_table_info+0x40/0x80
[  171.878207][T11210]  xt_alloc_table_info+0x40/0x80
[  171.878248][T11210]  do_ip6t_set_ctl+0x5a5/0x840
[  171.878466][T11210]  nf_setsockopt+0x199/0x1b0
[  171.878515][T11210]  ipv6_setsockopt+0x11a/0x130
[  171.878545][T11210]  udpv6_setsockopt+0x99/0xb0
[  171.878683][T11210]  sock_common_setsockopt+0x69/0x80
[  171.878737][T11210]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  171.878768][T11210]  __sys_setsockopt+0x184/0x200
[  171.878809][T11210]  __x64_sys_setsockopt+0x64/0x80
[  171.878862][T11210]  x64_sys_call+0x20ec/0x3000
[  171.878999][T11210]  do_syscall_64+0xd2/0x200
[  171.879093][T11210]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  171.879202][T11210]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  171.879236][T11210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.879266][T11210] RIP: 0033:0x7f96c84eeec9
[  171.879348][T11210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.879374][T11210] RSP: 002b:00007f96c6f4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  171.879401][T11210] RAX: ffffffffffffffda RBX: 00007f96c8745fa0 RCX: 00007f96c84eeec9
[  171.879419][T11210] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000006
[  171.879437][T11210] RBP: 00007f96c6f4f090 R08: 0000000000000328 R09: 0000000000000000
[  171.879455][T11210] R10: 00002000000010c0 R11: 0000000000000246 R12: 0000000000000001
[  171.879471][T11210] R13: 00007f96c8746038 R14: 00007f96c8745fa0 R15: 00007fff44a38a58
[  171.879513][T11210]  </TASK>
[  172.111128][T11205] can0 (unregistered): slcan off ttyS3.
[  172.132643][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.189331][T11214] SET target dimension over the limit!
[  172.373375][T11242] loop3: detected capacity change from 0 to 1024
[  172.401138][T11242] EXT4-fs: Ignoring removed nobh option
[  172.406961][T11242] EXT4-fs: Ignoring removed nobh option
[  172.438557][T11242] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  172.449116][T11242] EXT4-fs error (device loop3): ext4_get_journal_inode:5808: comm syz.3.2071: inode #4294967295: comm syz.3.2071: iget: illegal inode #
[  172.466921][T11242] EXT4-fs (loop3): no journal found
[  172.472423][T11242] EXT4-fs (loop3): can't get journal size
[  172.479305][T11242] EXT4-fs (loop3): failed to initialize system zone (-22)
[  172.486872][T11242] EXT4-fs (loop3): mount failed
[  172.508560][T11252] can0: slcan on ttyS3.
[  172.551972][T11252] can0 (unregistered): slcan off ttyS3.
[  172.587727][T11252] can0: slcan on ttyS3.
[  172.662636][T11273] netlink: 'syz.1.2082': attribute type 10 has an invalid length.
[  172.670746][T11251] can0 (unregistered): slcan off ttyS3.
[  172.678800][T11273] bond0: (slave batadv0): Error -22 calling dev_set_mtu
[  172.742060][T11268] SET target dimension over the limit!
[  172.775771][T11283] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2084'.
[  173.472519][T11309] can0: slcan on ttyS3.
[  173.510375][T11309] can0 (unregistered): slcan off ttyS3.
[  173.519593][T11309] can0: slcan on ttyS3.
[  173.560409][T11308] can0 (unregistered): slcan off ttyS3.
[  173.618879][T11322] FAULT_INJECTION: forcing a failure.
[  173.618879][T11322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.632613][T11322] CPU: 1 UID: 0 PID: 11322 Comm: syz.3.2100 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  173.632651][T11322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  173.632669][T11322] Call Trace:
[  173.632725][T11322]  <TASK>
[  173.632735][T11322]  __dump_stack+0x1d/0x30
[  173.632763][T11322]  dump_stack_lvl+0xe8/0x140
[  173.632789][T11322]  dump_stack+0x15/0x1b
[  173.632810][T11322]  should_fail_ex+0x265/0x280
[  173.632855][T11322]  should_fail+0xb/0x20
[  173.632941][T11322]  should_fail_usercopy+0x1a/0x20
[  173.632968][T11322]  _copy_from_user+0x1c/0xb0
[  173.633060][T11322]  bpf_test_init+0xb9/0x140
[  173.633105][T11322]  bpf_prog_test_run_skb+0x161/0xbf0
[  173.633185][T11322]  ? __rcu_read_unlock+0x4f/0x70
[  173.633220][T11322]  ? __fget_files+0x184/0x1c0
[  173.633290][T11322]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  173.633326][T11322]  bpf_prog_test_run+0x22a/0x390
[  173.633366][T11322]  __sys_bpf+0x4c0/0x7c0
[  173.633438][T11322]  __x64_sys_bpf+0x41/0x50
[  173.633469][T11322]  x64_sys_call+0x2aee/0x3000
[  173.633492][T11322]  do_syscall_64+0xd2/0x200
[  173.633517][T11322]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  173.633607][T11322]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  173.633630][T11322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.633712][T11322] RIP: 0033:0x7f96c84eeec9
[  173.633728][T11322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.633747][T11322] RSP: 002b:00007f96c6f4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  173.633768][T11322] RAX: ffffffffffffffda RBX: 00007f96c8745fa0 RCX: 00007f96c84eeec9
[  173.633781][T11322] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  173.633867][T11322] RBP: 00007f96c6f4f090 R08: 0000000000000000 R09: 0000000000000000
[  173.633879][T11322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.633892][T11322] R13: 00007f96c8746038 R14: 00007f96c8745fa0 R15: 00007fff44a38a58
[  173.633912][T11322]  </TASK>
[  173.640112][T11324] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.892791][T11324] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.973969][T11341] bridge0: entered promiscuous mode
[  173.989524][T11343] loop5: detected capacity change from 0 to 128
[  173.996774][T11341] macsec1: entered promiscuous mode
[  174.005545][T11341] bridge0: port 3(macsec1) entered blocking state
[  174.012348][T11341] bridge0: port 3(macsec1) entered disabled state
[  174.023710][T11341] macsec1: entered allmulticast mode
[  174.029079][T11341] bridge0: entered allmulticast mode
[  174.035271][T11341] macsec1: left allmulticast mode
[  174.040414][T11341] bridge0: left allmulticast mode
[  174.046535][T11341] bridge0: left promiscuous mode
[  174.069022][T11324] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.132287][T11324] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.201043][ T5483] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.213413][ T5483] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.225398][  T161] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.239950][  T161] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.282412][T11352] can0: slcan on ttyS3.
[  174.310371][T11352] can0 (unregistered): slcan off ttyS3.
[  174.322234][T11352] can0: slcan on ttyS3.
[  174.390462][T11355] can0 (unregistered): slcan off ttyS3.
[  174.436256][T11358] loop1: detected capacity change from 0 to 4096
[  174.445812][T11358] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.667706][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.713582][T11374] SET target dimension over the limit!
[  174.739389][T11377] can0: slcan on ttyS3.
[  174.772248][T11376] bridge0: entered promiscuous mode
[  174.778192][T11376] macsec1: entered promiscuous mode
[  174.784486][T11377] can0 (unregistered): slcan off ttyS3.
[  174.791625][T11376] bridge0: port 3(macsec1) entered blocking state
[  174.798173][T11376] bridge0: port 3(macsec1) entered disabled state
[  174.812650][T11376] macsec1: entered allmulticast mode
[  174.818264][T11376] bridge0: entered allmulticast mode
[  174.828541][T11376] macsec1: left allmulticast mode
[  174.833771][T11376] bridge0: left allmulticast mode
[  174.839368][T11376] bridge0: left promiscuous mode
[  174.848504][T11382] can0: slcan on ttyS3.
[  174.900438][T11375] can0 (unregistered): slcan off ttyS3.
[  174.930728][T11389] can0: slcan on ttyS3.
[  175.020522][T11389] can0 (unregistered): slcan off ttyS3.
[  175.029047][T11394] can0: slcan on ttyS3.
[  175.110576][T11396] can0 (unregistered): slcan off ttyS3.
[  175.173615][   T29] kauditd_printk_skb: 2289 callbacks suppressed
[  175.173635][   T29] audit: type=1400 audit(1760575441.246:31861): avc:  denied  { create } for  pid=11403 comm="syz.1.2129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  175.225232][T11410] loop1: detected capacity change from 0 to 128
[  175.232387][   T29] audit: type=1400 audit(1760575441.246:31862): avc:  denied  { connect } for  pid=11403 comm="syz.1.2129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  175.252474][   T29] audit: type=1326 audit(1760575441.286:31863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  175.268865][T11402] SET target dimension over the limit!
[  175.276441][   T29] audit: type=1326 audit(1760575441.286:31864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  175.306157][   T29] audit: type=1326 audit(1760575441.286:31865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  175.329966][   T29] audit: type=1326 audit(1760575441.296:31866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  175.353777][   T29] audit: type=1326 audit(1760575441.296:31867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  175.377511][   T29] audit: type=1326 audit(1760575441.296:31868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  175.401867][   T29] audit: type=1326 audit(1760575441.296:31869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  175.425785][   T29] audit: type=1326 audit(1760575441.296:31870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  175.530584][T11418] loop5: detected capacity change from 0 to 1024
[  175.541382][T11418] EXT4-fs: Ignoring removed nobh option
[  175.547142][T11418] EXT4-fs: Ignoring removed nobh option
[  175.555915][T11418] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  175.570542][T11418] EXT4-fs error (device loop5): ext4_get_journal_inode:5808: comm syz.5.2134: inode #4294967295: comm syz.5.2134: iget: illegal inode #
[  175.585134][T11418] EXT4-fs (loop5): no journal found
[  175.590529][T11418] EXT4-fs (loop5): can't get journal size
[  175.599046][T11418] EXT4-fs (loop5): failed to initialize system zone (-22)
[  175.606800][T11418] EXT4-fs (loop5): mount failed
[  175.673449][T11435] can0: slcan on ttyS3.
[  175.801994][T11435] can0 (unregistered): slcan off ttyS3.
[  175.819808][T11447] can0: slcan on ttyS3.
[  176.010540][T11434] can0 (unregistered): slcan off ttyS3.
[  176.239243][T11461] macsec1: entered promiscuous mode
[  176.244596][T11461] bridge0: entered promiscuous mode
[  176.255058][T11461] bridge0: port 3(macsec1) entered blocking state
[  176.261726][T11461] bridge0: port 3(macsec1) entered disabled state
[  176.271074][T11461] macsec1: entered allmulticast mode
[  176.276463][T11461] bridge0: entered allmulticast mode
[  176.283325][T11461] macsec1: left allmulticast mode
[  176.289275][T11461] bridge0: left allmulticast mode
[  176.304377][T11467] loop1: detected capacity change from 0 to 1024
[  176.318345][T11461] bridge0: left promiscuous mode
[  176.324149][T11467] EXT4-fs: Ignoring removed nobh option
[  176.329857][T11467] EXT4-fs: Ignoring removed nobh option
[  176.353382][T11467] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  176.365370][T11467] EXT4-fs error (device loop1): ext4_get_journal_inode:5808: comm syz.1.2151: inode #4294967295: comm syz.1.2151: iget: illegal inode #
[  176.422756][T11463] SET target dimension over the limit!
[  176.430442][T11467] EXT4-fs (loop1): no journal found
[  176.435717][T11467] EXT4-fs (loop1): can't get journal size
[  176.519229][T11467] EXT4-fs (loop1): failed to initialize system zone (-22)
[  176.540383][T11467] EXT4-fs (loop1): mount failed
[  177.713761][T11516] loop3: detected capacity change from 0 to 1024
[  177.721074][T11516] EXT4-fs: Ignoring removed orlov option
[  177.730582][T11516] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  177.775035][T11516] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.424588][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.501135][T11541] loop3: detected capacity change from 0 to 1024
[  178.514533][T11541] EXT4-fs: Ignoring removed nobh option
[  178.520217][T11541] EXT4-fs: Ignoring removed nobh option
[  178.531123][T11541] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  178.541108][T11541] EXT4-fs error (device loop3): ext4_get_journal_inode:5808: comm syz.3.2175: inode #4294967295: comm syz.3.2175: iget: illegal inode #
[  178.556607][T11541] EXT4-fs (loop3): no journal found
[  178.561911][T11541] EXT4-fs (loop3): can't get journal size
[  178.570078][T11541] EXT4-fs (loop3): failed to initialize system zone (-22)
[  178.586237][T11541] EXT4-fs (loop3): mount failed
[  178.711867][T11549] loop4: detected capacity change from 0 to 1024
[  178.720830][T11549] EXT4-fs: Ignoring removed nobh option
[  178.726677][T11549] EXT4-fs: Ignoring removed nobh option
[  178.732959][T11549] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  178.743236][T11549] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: comm syz.4.2178: inode #4294967295: comm syz.4.2178: iget: illegal inode #
[  178.758657][T11549] EXT4-fs (loop4): no journal found
[  178.764012][T11549] EXT4-fs (loop4): can't get journal size
[  178.772745][T11549] EXT4-fs (loop4): failed to initialize system zone (-22)
[  178.783701][T11549] EXT4-fs (loop4): mount failed
[  178.874917][T11561] can0: slcan on ttyS3.
[  178.930716][T11561] can0 (unregistered): slcan off ttyS3.
[  178.939661][T11564] can0: slcan on ttyS3.
[  178.964781][T11565] macsec1: entered promiscuous mode
[  178.970213][T11565] bridge0: entered promiscuous mode
[  178.977081][T11565] bridge0: port 3(macsec1) entered blocking state
[  178.983639][T11565] bridge0: port 3(macsec1) entered disabled state
[  178.990561][T11565] macsec1: entered allmulticast mode
[  178.995908][T11565] bridge0: entered allmulticast mode
[  179.000384][T11560] can0 (unregistered): slcan off ttyS3.
[  179.007944][T11565] macsec1: left allmulticast mode
[  179.013089][T11565] bridge0: left allmulticast mode
[  179.018971][T11565] bridge0: left promiscuous mode
[  179.207506][T11571] can0: slcan on ttyS3.
[  179.280775][T11571] can0 (unregistered): slcan off ttyS3.
[  179.294466][T11574] can0: slcan on ttyS3.
[  179.370374][T11570] can0 (unregistered): slcan off ttyS3.
[  179.722195][T11605] loop1: detected capacity change from 0 to 1024
[  179.747016][T11605] EXT4-fs: Ignoring removed orlov option
[  179.763276][T11607] loop4: detected capacity change from 0 to 1024
[  179.770915][T11607] EXT4-fs: Ignoring removed nobh option
[  179.776825][T11607] EXT4-fs: Ignoring removed nobh option
[  179.777550][T11605] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.796984][T11607] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  179.809183][T11607] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: comm syz.4.2199: inode #4294967295: comm syz.4.2199: iget: illegal inode #
[  179.838297][T11607] EXT4-fs (loop4): no journal found
[  179.843731][T11607] EXT4-fs (loop4): can't get journal size
[  179.861311][T11607] EXT4-fs (loop4): failed to initialize system zone (-22)
[  179.868641][T11607] EXT4-fs (loop4): mount failed
[  179.926096][T11612] loop4: detected capacity change from 0 to 1024
[  179.933309][T11612] EXT4-fs: Ignoring removed orlov option
[  179.939763][T11612] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  179.979989][T11612] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.055249][T11620] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.081976][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.112248][T11620] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.192356][T11620] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.210944][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.226813][   T29] kauditd_printk_skb: 1015 callbacks suppressed
[  180.226832][   T29] audit: type=1326 audit(1760575446.296:32886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11631 comm="syz.2.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  180.267881][   T29] audit: type=1326 audit(1760575446.326:32887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11631 comm="syz.2.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  180.292021][   T29] audit: type=1326 audit(1760575446.326:32888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11631 comm="syz.2.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  180.316156][   T29] audit: type=1326 audit(1760575446.326:32889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11631 comm="syz.2.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  180.339749][   T29] audit: type=1326 audit(1760575446.326:32890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11631 comm="syz.2.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  180.363476][   T29] audit: type=1326 audit(1760575446.326:32891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11631 comm="syz.2.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  180.387545][   T29] audit: type=1326 audit(1760575446.326:32892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11631 comm="syz.2.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  180.411521][   T29] audit: type=1326 audit(1760575446.326:32893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11631 comm="syz.2.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  180.435570][   T29] audit: type=1326 audit(1760575446.326:32894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11631 comm="syz.2.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  180.460357][   T29] audit: type=1326 audit(1760575446.326:32895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11631 comm="syz.2.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46a030eec9 code=0x7ffc0000
[  180.486599][T11620] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.578931][T10257] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.608316][T10257] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.625605][ T5483] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.641362][T11645] bridge0: entered promiscuous mode
[  180.653722][T11645] macsec1: entered promiscuous mode
[  180.666664][T11645] bridge0: port 3(macsec1) entered blocking state
[  180.673436][T11645] bridge0: port 3(macsec1) entered disabled state
[  180.695367][T11645] macsec1: entered allmulticast mode
[  180.701135][T11645] bridge0: entered allmulticast mode
[  180.794442][T11645] macsec1: left allmulticast mode
[  180.799603][T11645] bridge0: left allmulticast mode
[  180.805486][T11645] bridge0: left promiscuous mode
[  180.838838][ T5483] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  180.930914][T11655] loop5: detected capacity change from 0 to 4096
[  180.943590][T11655] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.966531][T11660] loop1: detected capacity change from 0 to 1024
[  180.973570][T11660] EXT4-fs: Ignoring removed orlov option
[  180.979889][T11660] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  181.002011][T11660] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.054335][T11665] loop4: detected capacity change from 0 to 1024
[  181.061551][T11665] EXT4-fs: Ignoring removed orlov option
[  181.068058][T11665] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  181.082189][T11665] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.140000][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.150558][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.238141][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.287646][T11669] SET target dimension over the limit!
[  181.316179][T11678] can0: slcan on ttyS3.
[  181.317994][T11673] SET target dimension over the limit!
[  181.360567][T11682] can0 (unregistered): slcan off ttyS3.
[  181.620510][T11695] loop4: detected capacity change from 0 to 1024
[  181.628240][T11695] EXT4-fs: Ignoring removed nobh option
[  181.634097][T11695] EXT4-fs: Ignoring removed nobh option
[  181.640761][T11695] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  181.651037][T11695] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: comm syz.4.2228: inode #4294967295: comm syz.4.2228: iget: illegal inode #
[  181.674135][T11695] EXT4-fs (loop4): no journal found
[  181.679442][T11695] EXT4-fs (loop4): can't get journal size
[  181.687040][T11695] EXT4-fs (loop4): failed to initialize system zone (-22)
[  181.694971][T11695] EXT4-fs (loop4): mount failed
[  182.232226][T11714] SET target dimension over the limit!
[  182.375250][T11725] loop1: detected capacity change from 0 to 1024
[  182.383549][T11725] EXT4-fs: Ignoring removed nobh option
[  182.385624][T11727] can0: slcan on ttyS3.
[  182.389469][T11725] EXT4-fs: Ignoring removed nobh option
[  182.402978][T11725] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  182.413465][T11725] EXT4-fs error (device loop1): ext4_get_journal_inode:5808: comm syz.1.2239: inode #4294967295: comm syz.1.2239: iget: illegal inode #
[  182.430762][T11729] loop5: detected capacity change from 0 to 512
[  182.438426][T11725] EXT4-fs (loop1): no journal found
[  182.443775][T11725] EXT4-fs (loop1): can't get journal size
[  182.451627][T11725] EXT4-fs (loop1): failed to initialize system zone (-22)
[  182.459423][T11725] EXT4-fs (loop1): mount failed
[  182.464883][T11729] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.477814][T11729] ext4 filesystem being mounted at /242/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  182.490741][T11727] can0 (unregistered): slcan off ttyS3.
[  182.493186][T11729] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.2241: corrupted inode contents
[  182.499948][T11733] can0: slcan on ttyS3.
[  182.510864][T11729] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.2241: mark_inode_dirty error
[  182.533732][T11729] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.2241: corrupted inode contents
[  182.590798][T11726] can0 (unregistered): slcan off ttyS3.
[  182.667109][T11747] can0: slcan on ttyS3.
[  182.700549][T11747] can0 (unregistered): slcan off ttyS3.
[  182.709083][T11751] can0: slcan on ttyS3.
[  182.760472][T11751] can0 (unregistered): slcan off ttyS3.
[  182.770022][T11747] can0: slcan on ttyS3.
[  182.843768][T11754] can0 (unregistered): slcan off ttyS3.
[  182.884868][T11770] can0: slcan on ttyS3.
[  182.930757][T11770] can0 (unregistered): slcan off ttyS3.
[  182.939996][T11770] can0: slcan on ttyS3.
[  182.986776][T11776] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.000470][T11769] can0 (unregistered): slcan off ttyS3.
[  183.043814][T11776] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.092896][T11776] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.116181][T11788] can0: slcan on ttyS3.
[  183.142118][T11776] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.160660][T11788] can0 (unregistered): slcan off ttyS3.
[  183.171464][T11788] can0: slcan on ttyS3.
[  183.212877][T10263] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  183.260552][T11787] can0 (unregistered): slcan off ttyS3.
[  183.260736][T10263] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  183.279306][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.288993][T10263] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  183.297681][T10263] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.339192][T11798] loop5: detected capacity change from 0 to 512
[  183.356282][T11798] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.370639][T11798] ext4 filesystem being mounted at /243/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  183.382480][T11805] rdma_rxe: rxe_newlink: failed to add bond0
[  183.641164][T11814] can0: slcan on ttyS3.
[  183.700427][T11814] can0 (unregistered): slcan off ttyS3.
[  183.709366][T11816] can0: slcan on ttyS3.
[  183.770375][T11813] can0 (unregistered): slcan off ttyS3.
[  183.838894][T11822] can0: slcan on ttyS3.
[  183.886070][T11823] SET target dimension over the limit!
[  183.891064][T11822] can0 (unregistered): slcan off ttyS3.
[  183.900650][T11824] can0: slcan on ttyS3.
[  183.954624][T11826] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.960331][T11821] can0 (unregistered): slcan off ttyS3.
[  183.992048][T11826] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.042254][T11826] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.080718][T11833] macsec1: entered promiscuous mode
[  184.086500][T11833] bridge0: entered promiscuous mode
[  184.093508][T11833] bridge0: port 3(macsec1) entered blocking state
[  184.100326][T11833] bridge0: port 3(macsec1) entered disabled state
[  184.107926][T11833] macsec1: entered allmulticast mode
[  184.113477][T11833] bridge0: entered allmulticast mode
[  184.119657][T11833] macsec1: left allmulticast mode
[  184.125312][T11833] bridge0: left allmulticast mode
[  184.131288][T11833] bridge0: left promiscuous mode
[  184.140825][T11826] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.315136][T10257] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  184.361037][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.432420][T10257] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.515146][T10257] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.588009][T10257] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  184.696693][T11843] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.762698][T11843] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.791681][T11841] SET target dimension over the limit!
[  184.812399][T11843] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.862322][T11843] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.080334][T11864] tmpfs: Unknown parameter 'mÂLave'
[  185.128388][T11868] can0: slcan on ttyS3.
[  185.148342][T11860] SET target dimension over the limit!
[  185.190695][T11868] can0 (unregistered): slcan off ttyS3.
[  185.198926][T11870] can0: slcan on ttyS3.
[  185.231333][T11867] can0 (unregistered): slcan off ttyS3.
[  185.261145][T11879] loop4: detected capacity change from 0 to 512
[  185.279527][T11879] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.292500][T11879] ext4 filesystem being mounted at /394/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  185.307402][T11879] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2295: corrupted inode contents
[  185.319986][T11879] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.2295: mark_inode_dirty error
[  185.332072][T11879] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2295: corrupted inode contents
[  185.346259][T11879] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2295: corrupted inode contents
[  185.372804][T11885] bridge0: entered promiscuous mode
[  185.390402][T11885] macsec1: entered promiscuous mode
[  185.396946][T11885] bridge0: port 3(macsec1) entered blocking state
[  185.403602][T11885] bridge0: port 3(macsec1) entered disabled state
[  185.421688][T11885] macsec1: entered allmulticast mode
[  185.427486][T11885] bridge0: entered allmulticast mode
[  185.451209][T11885] macsec1: left allmulticast mode
[  185.456318][T11885] bridge0: left allmulticast mode
[  185.474945][T11885] bridge0: left promiscuous mode
[  185.695955][   T29] kauditd_printk_skb: 666 callbacks suppressed
[  185.695971][   T29] audit: type=1326 audit(1760575451.766:33562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.1.2293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  185.726144][   T29] audit: type=1326 audit(1760575451.786:33563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.1.2293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  185.750036][   T29] audit: type=1326 audit(1760575451.786:33564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.1.2293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  185.774336][   T29] audit: type=1326 audit(1760575451.786:33565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.1.2293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  185.798230][   T29] audit: type=1326 audit(1760575451.786:33566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.1.2293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  185.822349][   T29] audit: type=1326 audit(1760575451.786:33567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.1.2293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  185.846268][   T29] audit: type=1326 audit(1760575451.786:33568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.1.2293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  185.871933][   T29] audit: type=1326 audit(1760575451.786:33569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.1.2293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  185.896175][   T29] audit: type=1326 audit(1760575451.786:33570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.1.2293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  185.920108][   T29] audit: type=1326 audit(1760575451.786:33571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.1.2293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7f5d6e35eec9 code=0x7ffc0000
[  186.148352][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.171634][T11900] loop5: detected capacity change from 0 to 1024
[  186.203339][T11900] EXT4-fs: Ignoring removed bh option
[  186.230179][T11900] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  186.311898][T11900] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.413183][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.436532][T11922] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.493100][T11922] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.544955][T11922] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.574319][T11935] can0: slcan on ttyS3.
[  186.602075][T11922] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.660748][T10260] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  186.677360][T10260] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  186.690431][T10260] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  186.696965][T11935] can0 (unregistered): slcan off ttyS3.
[  186.698993][T10260] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  186.717516][T11936] can0: slcan on ttyS3.
[  186.749399][T11938] loop5: detected capacity change from 0 to 1024
[  186.756284][T11938] EXT4-fs: Ignoring removed orlov option
[  186.762127][T11934] can0 (unregistered): slcan off ttyS3.
[  186.770854][T11938] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  186.793112][T11938] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.806090][T11942] loop4: detected capacity change from 0 to 512
[  186.832001][T11942] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.844711][T11942] ext4 filesystem being mounted at /397/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  186.858075][T11942] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2316: corrupted inode contents
[  186.870540][T11942] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.2316: mark_inode_dirty error
[  186.882106][T11942] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.2316: corrupted inode contents
[  186.952157][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.639777][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.952605][T10263] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.970369][T10263] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.984242][T10263] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  188.000842][T10263] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.031426][T11978] can0: slcan on ttyS3.
[  188.060406][T11977] can0 (unregistered): slcan off ttyS3.
[  188.077974][T11978] can0: slcan on ttyS3.
[  188.140970][T11976] can0 (unregistered): slcan off ttyS3.
[  188.190217][T11989] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2333'.
[  188.264595][T11997] tipc: Started in network mode
[  188.270401][T11997] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  188.289319][T11997] tipc: Enabled bearer <udp:s>, priority 10
[  188.302681][T11997] siw: device registration error -23
[  188.358214][T12006] loop1: detected capacity change from 0 to 4096
[  188.371505][T12008] loop5: detected capacity change from 0 to 1024
[  188.373701][T12006] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.378849][T12008] EXT4-fs: Ignoring removed nobh option
[  188.396334][T12008] EXT4-fs: Ignoring removed nobh option
[  188.402370][T12008] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  188.412430][T12008] EXT4-fs error (device loop5): ext4_get_journal_inode:5808: comm syz.5.2340: inode #4294967295: comm syz.5.2340: iget: illegal inode #
[  188.428879][T12008] EXT4-fs (loop5): no journal found
[  188.434238][T12008] EXT4-fs (loop5): can't get journal size
[  188.439325][T12011] can0: slcan on ttyS3.
[  188.447756][T12008] EXT4-fs (loop5): failed to initialize system zone (-22)
[  188.461968][T12008] EXT4-fs (loop5): mount failed
[  188.467518][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.501050][T12011] can0 (unregistered): slcan off ttyS3.
[  188.509269][T12014] can0: slcan on ttyS3.
[  188.580399][T12014] can0 (unregistered): slcan off ttyS3.
[  188.588961][T12020] can0: slcan on ttyS3.
[  188.612785][T12022] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.655959][T12013] can0 (unregistered): slcan off ttyS3.
[  188.702038][T12022] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.762627][T12022] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.778380][T12039] loop5: detected capacity change from 0 to 1024
[  188.791281][T12039] EXT4-fs: Ignoring removed orlov option
[  188.799279][T12039] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  188.842097][T12022] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.911118][T12039] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.937944][T12047] loop3: detected capacity change from 0 to 4096
[  188.962682][T12050] SET target dimension over the limit!
[  188.991052][T12047] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.033443][T10260] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.064572][T10260] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.108197][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.122321][T10260] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.131152][T10260] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  189.166000][T12055] can0: slcan on ttyS3.
[  189.240470][T12055] can0 (unregistered): slcan off ttyS3.
[  189.255773][T12057] can0: slcan on ttyS3.
[  189.271544][ T6247] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.350343][T12053] can0 (unregistered): slcan off ttyS3.
[  189.401345][ T3741] tipc: Node number set to 4269801488
[  189.554123][T12068] can0: slcan on ttyS3.
[  189.610547][T12070] can0 (unregistered): slcan off ttyS3.
[  189.619349][T12068] can0: slcan on ttyS3.
[  189.720533][T12072] can0 (unregistered): slcan off ttyS3.
[  189.818407][T12077] loop4: detected capacity change from 0 to 4096
[  189.857480][T12077] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.913255][T12088] loop5: detected capacity change from 0 to 1024
[  189.935835][T12088] EXT4-fs: Ignoring removed orlov option
[  189.953814][T12091] SET target dimension over the limit!
[  189.975620][T12088] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  189.997343][T12093] bridge0: entered promiscuous mode
[  190.013936][T12093] macsec1: entered promiscuous mode
[  190.020807][T12093] bridge0: port 3(macsec1) entered blocking state
[  190.027340][T12093] bridge0: port 3(macsec1) entered disabled state
[  190.034682][T12093] macsec1: entered allmulticast mode
[  190.040016][T12093] bridge0: entered allmulticast mode
[  190.047252][T12093] macsec1: left allmulticast mode
[  190.052440][T12093] bridge0: left allmulticast mode
[  190.058893][T12093] bridge0: left promiscuous mode
[  190.091400][T12099] can0: slcan on ttyS3.
[  190.180493][T12099] can0 (unregistered): slcan off ttyS3.
[  190.191180][T12100] can0: slcan on ttyS3.
[  190.260543][T12098] can0 (unregistered): slcan off ttyS3.
[  190.403369][T12110] loop4: detected capacity change from 0 to 1024
[  190.471002][T12110] EXT4-fs: Ignoring removed orlov option
[  190.703697][T12112] ==================================================================
[  190.711842][T12112] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[  190.719953][T12112] 
[  190.722297][T12112] write to 0xffff88811ad91bb0 of 4 bytes by task 12110 on cpu 0:
[  190.730570][T12112]  writeback_single_inode+0x150/0x3f0
[  190.736245][T12112]  sync_inode_metadata+0x5b/0x90
[  190.741209][T12112]  generic_buffers_fsync_noflush+0xd9/0x120
[  190.747209][T12112]  ext4_sync_file+0x1ab/0x690
[  190.751899][T12112]  vfs_fsync_range+0x10d/0x130
[  190.756772][T12112]  ext4_buffered_write_iter+0x34f/0x3c0
[  190.762590][T12112]  ext4_file_write_iter+0x387/0xf60
[  190.767901][T12112]  iter_file_splice_write+0x666/0xa60
[  190.773327][T12112]  direct_splice_actor+0x156/0x2a0
[  190.778454][T12112]  splice_direct_to_actor+0x312/0x680
[  190.784107][T12112]  do_splice_direct+0xda/0x150
[  190.788949][T12112]  do_sendfile+0x380/0x650
[  190.793385][T12112]  __x64_sys_sendfile64+0x105/0x150
[  190.798610][T12112]  x64_sys_call+0x2bb4/0x3000
[  190.803300][T12112]  do_syscall_64+0xd2/0x200
[  190.807817][T12112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.813718][T12112] 
[  190.816064][T12112] read to 0xffff88811ad91bb0 of 4 bytes by task 12112 on cpu 1:
[  190.823790][T12112]  vfs_fsync_range+0x9b/0x130
[  190.828570][T12112]  ext4_buffered_write_iter+0x34f/0x3c0
[  190.834160][T12112]  ext4_file_write_iter+0x387/0xf60
[  190.839403][T12112]  iter_file_splice_write+0x666/0xa60
[  190.844789][T12112]  direct_splice_actor+0x156/0x2a0
[  190.849998][T12112]  splice_direct_to_actor+0x312/0x680
[  190.855391][T12112]  do_splice_direct+0xda/0x150
[  190.860202][T12112]  do_sendfile+0x380/0x650
[  190.864721][T12112]  __x64_sys_sendfile64+0x105/0x150
[  190.869938][T12112]  x64_sys_call+0x2bb4/0x3000
[  190.874664][T12112]  do_syscall_64+0xd2/0x200
[  190.879234][T12112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.885227][T12112] 
[  190.887551][T12112] value changed: 0x00000070 -> 0x00000002
[  190.893303][T12112] 
[  190.895631][T12112] Reported by Kernel Concurrency Sanitizer on:
[  190.901784][T12112] CPU: 1 UID: 0 PID: 12112 Comm: syz.4.2374 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  190.911613][T12112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  190.921764][T12112] ==================================================================
[  190.941603][T12114] can0: slcan on ttyS3.
[  190.990534][T12114] can0 (unregistered): slcan off ttyS3.
[  190.999946][T12116] can0: slcan on ttyS3.
[  191.040521][T12116] can0 (unregistered): slcan off ttyS3.
[  191.050382][T12116] can0: slcan on ttyS3.
[  191.100363][T12115] can0 (unregistered): slcan off ttyS3.