last executing test programs:

2m16.582458165s ago: executing program 1 (id=644):
r0 = socket$inet6(0xa, 0x815, 0x0)
socket(0x1e, 0x805, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1400000004000000040000000200010000180000", @ANYRES32, @ANYBLOB="0000000000000000000000000000e2366addc65bfa4554cb6a2fbd61062649418dfdda4c44b539ac4664a7c44c75ff2aac9553768238c3f1abf7ce09182583", @ANYRES32, @ANYBLOB="00000000ffffffff00"/28], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5b67000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x4, @perf_config_ext={0x1fc, 0x3}, 0x102802, 0x2e, 0x0, 0x5, 0xfff, 0xe9, 0x8, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffffffffffb, 0x6, 0x1, @buffer={0x300, 0x56, &(0x7f0000000440)=""/86}, &(0x7f0000000000)="46a1a0995a02", 0x0, 0x0, 0x14, 0x0, 0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x4}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff020400", 0x4)
semtimedop(0x0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x2}], 0x1)

2m13.753284335s ago: executing program 1 (id=652):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x4008046}, 0x24040845)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0xd, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xbc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xc}, 0xc000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unshare(0x22020400)
poll(0x0, 0x0, 0x9)
bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10)
socketpair(0x21, 0x6, 0x800, 0x0)
r4 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r4, &(0x7f0000002dc0)={&(0x7f0000001640)=@l2tp6={0xa, 0x0, 0x7fff, @local, 0x8}, 0x80, &(0x7f0000000340)=[{0x0}], 0x1}, 0x41)
r5 = memfd_create(&(0x7f0000000500)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x1c\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x83\x11\v}k+\xeb\xc3\xc0O\xae\xd2\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb901nEy\x82\x83\x80\xd3O\x00|hP\x00\x00\x00\x00\x00\x00\x00\x05\x86\xfe\xd9\xa5\xc6\nSy\xa3N\xba-]\'q\xc6\xfb\x02\x9a\xa9Z\xa8\x80Bx\xbd74\xcf\"\xa5\xea$\x95\xfd\x06T\xef\x89\xe4j\x06\xdc\x15\xe7\xc3\xb5H\xf7\xdc\xee\x182\xab\xe2?\"\xbewm\x9d\xd8x\xd92\xeeS/\xd2\xcd[\x9dcO1\xcb\x12lZ$\xa7\x9d\xf8b\xf6}\xc5``\xfe0\x8a\'v-\x99`?\x97\x8c\xdd\xd6\xfa\xa2\x06>\xf3\xe2uI\xe65C\xdb\x84\xe6eU\xe8RK\xd6=s\xcd\x9d\x1f#3\xc5\x16\xd0\xbbD\xc5\xde\xc8/\v\xa5W\xbep\x87\x15\x10\xcdm\xa7\x93\x01\x1c,9V8\xdc\xfd\xb7\xc0\xfc\x04\x00p\xad\x12\xb2\xbf\xfbFZ\x1a\f\x99\x05\xe4\x1eP\xed\x87\x89\xbeo\xfbv\xb6\x8a\xee\xf6Oc8\xaf\x11[\xc3\x98w-\xf0\xb2z\xc7\xaf;\x92\xad4\x1b\x92L\x97<\xbdh\x80\xf2\xc0\xd0n)K\xf2#Ncp\xe4\xb4\xfb\x94\x18\xc2-TWA\x13\xfe\xea\xad\v\xc4\xa5\x02\xf9\xed]\xf4\\\x01\xab\xdc\xb6\xcdP\x93\xf2\xc3\x96\xf2\xc0\xd6-x\xd5\xd6\xc7\x9d\xa5\x1f\xd2t\xd7\x8f}b\x9749\xd4a7\x18\xe0\x91KV7[\xb8\x8dL\xc8\xc8\x8f>sbE\xf5\xa7\xdb|\xb0m\x16c\x84\r\"\xf2\x92s\xeb\xaf\x1c\x00\xf4\x8dL\xa5\x10\x89FB\xfb8\xf9\x9d\xcbm\x1c\x91\xe9fd$5\xdc\xad\xec\xef\x90\xd9\xefX\xd2m\x9e\xec\x94w\xb3\xf9\xd9\x0eu-z\x81\xbb\xa6\xc0\x00\xa1\xd9\xcbI\xda\xa3\b\x9e@\xb8\xc8k\xdeQ/\xb8X\x9c\xff4Np~\xc4\xc1_\x1c#zX\a\xd41\x1c\x7fH\x91\xd9k\x05\x1f\n\b\b\x88\xd6\xcf4i\xa0B\xe7\x9c\x9c\xe6\xcax\xca\xa1E#6\xe9\xf31W\xd0\x1bY3/\x00I#\xfa\xb0\f\xd5!\x9fR[\x0e\xdb`\xdb\x82M\'k\x16(\xfa\xc2\xec\x96e\\Q\xe9\x19\xe1u\x86\xcb\xc3\xb0\xb8\x19\xb9l\x1fk!R\xb1P\x8b\xda\xffE\x89\x97\n\x17m\xd10\x1a\xe7Qz\xd8\bi\x8dRw+\xa1^N\xaf\x1b\x1dg\x8f$\xbe\x93\x8d\x8b\xfd\r\xee<\x84\x95\x82)TH\xcac9\x98\x13WW@;\xb4\xd5\x0f\xa1\xb3xX(\x80\xe8\x89\xed e.\xe04\xba\x9c=\xc6\x04\f\xbf\x06\xce5\xf99GD8@\xd2\r\xd0\xdf@\xe3\xbe\"qq#]\x86W\tA\xa7\x91\x85\xae\x9c\x8dO\xa6\xa3\xf9i\x83\xc5\xa8C\x164\xef\xa4\\\a\xaa%\x94!3k]\xd5\xbe\'U\xf17', 0x1)
r6 = dup(r5)
r7 = memfd_create(&(0x7f0000002600)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00x\xdd\x02', 0x0)
copy_file_range(r7, 0x0, r6, 0x0, 0x7, 0x0)
setsockopt$sock_attach_bpf(r4, 0x84, 0x1e, &(0x7f0000000000), 0x4)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000000)={'ipvlan0\x00', @random="0200ff7fffff"})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
stat(&(0x7f00000034c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
sendmsg$IPCTNL_MSG_EXP_DELETE(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000000202050000000000303d00000700000108000840000000010600074000000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b000000"], 0xcfa4)

2m12.775141095s ago: executing program 1 (id=656):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x42001)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000100)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x374a76c8977093c, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x0, 0x81}, 0x100000, 0x400000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r5)
r7 = creat(&(0x7f0000000080)='./bus\x00', 0x154)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x4}, 0x0)
getuid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0xfd, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x84, 0xfffffffffffffffe, 0x10000, 0xf, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, r7, 0x1)
setsockopt$inet_sctp_SCTP_MAXSEG(r7, 0x84, 0xd, 0x0, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
msgget(0x2, 0x624)
bpf$ENABLE_STATS(0x20, &(0x7f0000000000), 0x4)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f0000000100)={0x80, 0x0, 'client1\x00', 0xffffffff80000004, "00000000ffffffe3", "71a19060009f0000000000005c4100a0200010040400", 0x800000, 0x40})
syz_emit_ethernet(0x11, &(0x7f0000000440)={@random="856b934629fa", @local, @void, {@llc_tr={0x11, {@llc={0xa6e64372c39a3c7e, 0xe, "f9"}}}}}, 0x0)

2m9.347492495s ago: executing program 1 (id=663):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x201d810, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a1)
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x0)
chown(&(0x7f00000003c0)='./file0\x00', r1, 0xee01)
removexattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, 0x0, 0x80)
socket(0x10, 0x803, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x1, 0xfffffffffffffff0}, 0x3830, 0x1, 0xbd6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1c, &(0x7f00000003c0)={@remote}, 0x14)
r5 = socket$kcm(0x10, 0x2, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_setup(0x202, 0x0)
r6 = eventfd(0x80)
io_submit(0x0, 0x4, &(0x7f0000000540)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x6, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, 0x1}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x7, 0x1, r5, 0x0, 0x0, 0x81, 0x0, 0x1}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0xff, r5, &(0x7f0000000180)="29a59cdb1520745294282c028c859f682a48c26a7cf3b985e6a91c03ae8e59c77712efbca5f585f86d46408e31a1517f171d69a2fd76ce519dc0864f0cfe2c6b37c75b3ef5839eb97ef827ef7b", 0x4d, 0xbd11, 0x0, 0x3, r6}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x9, r3, &(0x7f0000000400)="b2cad94f5b8d29cffc5dea4518429d52cfee9674b984214477fe2578d148a278aaf3090bd9803970049625e3f5514427cae2e73f2225d0927c4085b256c922b1a0fc47b5b230476f39fa84a3f3c1395d40931655d310c4ee8cd5d25ad5c118b5debe931b8310433d695dd267110572cb79868fd67239cd4b9ab224f8f9c811a042efa20918afdd8638232a5fffa21d09b6d5587462ed14ef1703e8765fd91cfd428c4a15926513f752de2414c51458e5709567c8571bf322d6f108d14700e61e52586e0308b546d674", 0xc9, 0x9, 0x0, 0x1, r6}])
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00')
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xd)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)

2m8.907274949s ago: executing program 1 (id=668):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="611570000000000061136c0000000000bfa000000000000014000000ee0016055e03010000000000040500000001000069163e0000000000bf07000000000000260507000fff0720d706000020000000140600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
socket$unix(0x1, 0x1, 0x0)
fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=@mpls_delroute={0x1c, 0x19, 0x50c668cbae6a51b3, 0x70bd29, 0x25dfdc01, {0x1c, 0x80, 0x10, 0x7, 0xfc, 0x3, 0xfd, 0x4, 0x100}}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x8000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x44, 0x16, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x18, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x6c}}, 0x800)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x48, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}]}]}]}], {0x14}}, 0x70}}, 0x24040884)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'geneve0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000011000100000002000006000000000000", @ANYRES64=r4], 0x20}}, 0x44800)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {0x4, 0xfff3}, {}, {0xfff2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}, @TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8858}, 0x20004804)

2m7.991349718s ago: executing program 1 (id=671):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket(0x10, 0x80003, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x8100}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xb, "000b000000020400"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)

2m7.972677698s ago: executing program 32 (id=671):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket(0x10, 0x80003, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x8100}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xb, "000b000000020400"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)

6.886470871s ago: executing program 0 (id=1538):
r0 = syz_ublk_setup_io_uring(0x34cf, &(0x7f0000000140)={0x0, 0x5607, 0x40, 0x0, 0x1b1}, &(0x7f00000001c0), 0x0, &(0x7f0000000240))
r1 = syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, 0xfffffffb, 0x0, r0}, &(0x7f0000ffe000), &(0x7f0000000100), &(0x7f0000000000))
r2 = socket(0x1d, 0x2, 0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x4, 0x0, [0x806f, 0x0, 0x2d5, 0x2, 0x6], [0x6, 0x7, 0x1, 0x9, 0x8002, 0x0, 0x5, 0x2, 0x0, 0x802, 0x9, 0x200000100, 0xffffffffffffffff, 0xfffffffffffffff4, 0x4a, 0x5, 0x100, 0xd, 0xdd, 0x5, 0x1, 0x2a9, 0x2000000003, 0xc39, 0x8000003, 0x8, 0x100000000, 0x2, 0xa51, 0x8, 0x6, 0x800000000000001, 0x7, 0xfffffffffffffffb, 0x81, 0x100, 0x5, 0x931, 0x101, 0x3, 0xf, 0x8000000001000000, 0x7, 0x1, 0x8, 0x8, 0x6a8, 0x102, 0x1, 0x83, 0x538a, 0x9, 0xfffffffffffffffb, 0x4, 0x3, 0x8000000000000000, 0x5, 0x9, 0x80008000, 0x8000000000000000, 0x40000000000004, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x5bc, 0x1, 0x0, 0x4, 0x8000, 0xc9, 0x80, 0x6, 0x9, 0x82c, 0x8000, 0xe000000000000, 0xe4, 0x11, 0x0, 0x8, 0x26, 0xffffffffffffffff, 0x7, 0xbfa, 0x8000000000000000, 0x2000000009, 0x8, 0x0, 0x6, 0x6, 0x7, 0x100000002, 0x4, 0x4, 0x7, 0x7, 0x7, 0x9, 0x1, 0x16d, 0x6, 0x68d, 0xffffffffffff43b0, 0x8, 0x50000000000000, 0xe, 0x0, 0x1, 0x300000003, 0x5, 0x7, 0x406, 0x3, 0x6, 0x3, 0x1, 0x3, 0x100000000010000, 0x7fffffff, 0x7, 0x3, 0x1]})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000fe4000/0x11000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r3 = io_uring_setup(0x7025, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000380)=0xe, 0x4)
io_uring_enter(r3, 0x2219, 0x7721, 0x52, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401f, 0x68180, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x6f, 0x0, @perf_config_ext={0x4, 0x1}, 0x10c0e8, 0x3, 0x7, 0x3, 0x6, 0x8001, 0x7fff, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xff6fbfffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
setsockopt$X25_QBITINCL(r2, 0x106, 0x1, &(0x7f00000002c0), 0x4)
r4 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x380407b, 0x0, 0x1, 0x0, &(0x7f0000000040))
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)='./file0\x00')
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13)
sendmsg$nl_generic(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x102, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(r2, 0x6a, 0x4, 0xfffffffa, 0x1f)
shutdown(r2, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x2, 0x0, 0xfe)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r4, 0x8008f511, &(0x7f0000000280))

6.502859583s ago: executing program 0 (id=1547):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r0}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_GET_NAME(0x10, &(0x7f0000000340)=""/131)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

6.436026485s ago: executing program 0 (id=1549):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_lsm={0x18, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="8510000004000000950080000000000018000000000000000000000000000002950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'gretap0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0xfffffffffffffff8}, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r6)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="020000009eddd9b3f440b9", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xd, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="1808000000000000000000002000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b70300002bb91a008500000008000000bc0900000000000045090100002000009500000000000000850000000c000000bf9800000000000056090000000000008500000084000000b70000000000000095000000000000006a9f121c1e1b1c712f5d32f5a7bfb6f0787817032d44b0c29972918fa8bd6d113245231e1b9cddea98bbc324e1c5242c775b717ac52b2e4a63eaf17c588e754e649664ef46eafe5f8271985168f477bd5cba5679fa9d31acab0ed63d3468705c14cc8c45393022235d12eb1f8e17e7"], &(0x7f0000000980)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x6b, '\x00', 0x0, @sock_ops=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
sendto$packet(r2, &(0x7f0000000680)="3f031c00eee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdc9435e3ffe4612b470d15be1dec450b4ec826d0474ae650acaa2e5685ce20b047aa872effbe0a4a4ee6f1743473d3f9e546244c3561a366932fe389c405d98fddbfaf94b0a0eb1a0497eac6a83b946f277a28eadf2491cb010de7676f6b2c4c23b844d0c504193ee3d5fc41ac012ddd59b44c05aface028fd56038ea888f7725682795e26c2159572fa25dea0330c95dfb", 0xd3, 0x4040840, &(0x7f0000000540)={0xc9, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r9, 0x560a, &(0x7f0000001040)={0x0, 0x1, 0x4, 0x20, 0x0, "0000e5ff0100"})
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x4, 0x2133, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_bp={&(0x7f00000001c0), 0x19}, 0x100, 0x8000000, 0x0, 0x2, 0xfff, 0xa001, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000002100)=ANY=[@ANYBLOB="1e00000000000000070000003a"], 0x50)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x1, 0x8c)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r0, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001680)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)

5.163067916s ago: executing program 4 (id=1559):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r0}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_GET_NAME(0x10, &(0x7f0000000340)=""/131)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

5.074586949s ago: executing program 4 (id=1560):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0xa00, 0x0, 0x101, 0x100, 0x5000}})

4.915902304s ago: executing program 4 (id=1563):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x40182, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000100), 0x21c004, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2091"])
copy_file_range(r0, &(0x7f00000000c0)=0x2, r1, &(0x7f0000000140)=0x6, 0x9, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000080)='memory.numa_stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r3, 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x3]}, 0x8)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_print_times', 0x90201, 0x80)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000000090101000000000000000002000003300002002c00018014000300000000000000000000000000000000011400040000000000000000000000000000000101"], 0x44}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SG_GET_RESERVED_SIZE(r0, 0x2272, &(0x7f0000000000))

4.915632374s ago: executing program 4 (id=1564):
add_key$keyring(&(0x7f0000000500), &(0x7f0000000540)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket(0x10, 0x3, 0x0)
add_key$fscrypt_provisioning(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000440)={0x2, 0x0, @a}, 0x48, 0x0)
write(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x80001009, 0x0, 0x0, 'queue0\x00', 0xfffffffc})
r3 = socket(0x28, 0x801, 0x0)
connect$vsock_stream(r3, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10)
connect$inet(r3, 0x0, 0x0)
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000500)={0x0, 0xe, 0x1, 'queue0\x00'})
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r4, 0x0, 0x42, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x41000, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x10020, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10000, 0x8}, 0x0, 0xa, 0xffffffffffffffff, 0x8)
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x109, 0x0, 0x0, 0x0, &(0x7f0000000000))
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x14, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x48)
memfd_create(0x0, 0x2)
bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f00000001c0)={r5, &(0x7f00000000c0), 0x0}, 0x20)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, 0x0, 0x0)
sendmsg$rds(r6, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r8, 0x84, 0x74, 0x0, &(0x7f00000001c0))
sendmsg$kcm(r7, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080b01000000e8fe55a1180015000600142603600e120800180000000401080016000a00014006001100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)

4.863559966s ago: executing program 3 (id=1568):
pipe(0x0)
fsopen(&(0x7f0000000000)='sysv\x00', 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x129c81, 0x0)
ppoll(&(0x7f0000000280)=[{r0, 0x6200}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = socket(0xa, 0x801, 0x0)
getsockopt(r1, 0x0, 0x40, &(0x7f0000b3ffac)=""/84, 0x0)
socket(0x840000000002, 0x80000, 0x100)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES16=r2], 0x20}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800dd8d000000000000"], 0x24}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2800000010000100010000000000850000000000", @ANYRES32=0x0, @ANYBLOB="200400000000000008001b0000000000"], 0x28}}, 0x0)

4.235565065s ago: executing program 2 (id=1571):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc097, 0x2, @perf_config_ext={0x288}, 0xa216, 0x6, 0x11000, 0x4, 0x9484, 0x2001, 0x400, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$FIONCLEX(r0, 0x5450)
r1 = syz_io_uring_setup(0x4b6, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x1, 0x5}, &(0x7f0000ff0000), &(0x7f0000000000), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x7, 0x2)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, 0x0, 0x0, 0x0)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x58)
r2 = socket$kcm(0x10, 0x2, 0x10)
r3 = socket$xdp(0x2c, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r4=>0x0})
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x2, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000384fb0157b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008512561c930000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

4.074307121s ago: executing program 4 (id=1572):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
syz_clone3(&(0x7f0000000080)={0x180801400, &(0x7f0000000000)=<r0=>0xffffffffffffffff, 0x0, 0x0, {0x3d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x2, 0x2}, 0x100a64, 0x10000, 0x804, 0x5, 0x8, 0x10001, 0xa48, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0x2, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000002c0)={[{@init_itable}, {@nobh}, {@nodiscard}]}, 0x3, 0x45c, &(0x7f0000000940)="$eJzs281vFGUYAPBnZtsCArYifvChVtHY+NFSQOXgQY0mHjAx0YMem7YQZKGG1kQIUTAGT8aYeDce/Rc86cUYTyZe9W5IiOECeFozuzN0d9ld6LLbLezvlwy873z0fZ6deXffmXc3gKE1mf2TRGyLiL8iYrxWbdxhsvbftSvn5q9fOTefRKXy3r9Jdb+rV87NF7sWx23NK1NpRPplEntatLt85uyJuXJ58XRen1k5+fHM8pmzLx4/OXds8djiqQOHDx86OPvKywde6kmeWUxXd3+2tHfX2x9++86Rr7N1aZF/Ux49Mtlp4zOVSo+bG6ztdeVkZICBsCaliMhO12i1/49HKVZP3ni89cVAgwP6qlKpVLa233y+AtzDkmis6/IwLIoP+uz+t1iaBwGv9W/4MXCXX6/dAGV5X8uX2paR6vOByO+Ntvep/cmI+OD8f99nS/TnOQQAQIOfs/HPC63Gf2k8XLff/fnc0EREPBAROyLiwYjYGREPRVT3fSQiHl1j+82TJDePf9JLXSV2m7Lx36v53Fbj+K8Y/cVEKa9tr+Y/mhw9Xl7cn78mUzG6KavPdmjjlzf//KbdtvrxX7Zk7RdjwTyOSyObGo9ZmFuZu5Oc612+ELF7pFX+yY2ZgCQidkXE7i7bOP7cj3vbbbt1/h30YJ6p8kPEs7Xzfz6a8i8knecnZzZHeXH/THFV3Oz3Py6+2679O8q/B7Lzf1/L6/9G/hNJ/Xzt8trbuPj3V23vabq9/seS96vlsXzdp3MrK6dnI8aSI7Wg69cfWD22qBf7Z/lP7Wvd/3fE6iuxJyKyi/ixiHg8Ip7IY38yIp6KiH0d8v/tjac/6j7//sryX1jT+V8tjEXzmtaF0olff2podOKm/K93Pv+HqqWpfM3tvP/dTlzdXc0AAABw90kjYlsk6fSNcppOT9e+L78zIi0vLa88f3Tpk1MLtd8ITESkxZOu8brnobP5bX2tfiEial8tKLYfzJ8bf1faUq1Pzy+VFwadPAy5rW36f+af0qCjA/rO77VgeOn/MLxu1f8/X6c4gPXn8x+GV4v+v2UQcQDrbVPLz39jfhgOTf3ftB8Mkab+v3lQcQDrr/vnf2M9jQNYf57/w1Ba3hK3/pF8x0Lxl7o8/J4txOiGCKNvhUg3RBgbtjB6l/eLwb0nAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9NL/AQAA//8kV94B")
getdents64(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x4580, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x9000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_bp={0x0, 0x8}, 0x102801, 0x9, 0x0, 0x3, 0xfff, 0x8001, 0x8f9, 0x0, 0x0, 0x0, 0x8000000000}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x7, &(0x7f0000000a40))
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
perf_event_open(0x0, 0x0, 0xff6fbfffffffffff, 0xffffffffffffffff, 0x1)
syz_usb_connect(0x4, 0x24, 0x0, 0x0)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x40085507, &(0x7f0000000080)=0x1d)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x63, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x4, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
waitid$P_PIDFD(0x3, r0, 0x0, 0x40000004, 0x0)

3.968904064s ago: executing program 3 (id=1574):
prctl$PR_MCE_KILL(0x4e, 0x1, 0x0)
syz_open_procfs(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000001c0)=0x5, 0x4)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xbc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x101001, 0x200)
r1 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r1, 0x10f, 0x83, &(0x7f0000000500), &(0x7f0000000540)=0x4)
shutdown(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x71, 0x5, 0x8, 0x8, 0x0, 0x1f, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x1}, 0xb06, 0x3, 0x8, 0x1, 0x7f, 0x800, 0x5, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x2, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x3f00, &(0x7f0000000780)}, 0x0)

2.52424151s ago: executing program 0 (id=1579):
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='fd', 0x0, r1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x2)
fchdir(r3)
mkdirat(r3, 0x0, 0x2)
r4 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2c, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf40d9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x7, 0x1}, 0x204, 0x0, 0x43a1bd76, 0x6, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200c}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0xe, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240))
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x19, 0x0)
set_mempolicy(0xffffbfff, &(0x7f0000000080)=0xfffffffffffffffd, 0x7)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_opts(r6, 0x0, 0x4, &(0x7f0000000080)="441f", 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/rt_cache\x00')
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000040)={[{@resgid}, {@stripe={'stripe', 0x3d, 0x40}}]}, 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")

2.465979282s ago: executing program 5 (id=1580):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401f, 0x68180, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x6f, 0x1, @perf_bp={0x0, 0x1}, 0x10c0e8, 0x0, 0x0, 0x3, 0x6, 0x8001, 0x7fff}, 0x0, 0xff6fbfffffffffff, 0xffffffffffffffff, 0x1)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='net/fib_triestat\x00')
preadv(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)=""/142, 0x8e}], 0x1, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'tunl0\x00'})

2.427657633s ago: executing program 5 (id=1581):
r0 = socket$inet6(0xa, 0x815, 0x0)
socket(0x1e, 0x805, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1400000004000000040000000200010000180000", @ANYRES32, @ANYBLOB="0000000000000000000000000000e2366addc65bfa4554cb6a2fbd61062649418dfdda4c44b539ac4664a7c44c75ff2aac9553768238c3f1abf7ce09182583f9ef", @ANYRES32, @ANYBLOB="00000000ffffffff00"/28], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5b67000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x4, @perf_config_ext={0x1fc, 0x3}, 0x102802, 0x2e, 0x0, 0x5, 0xfff, 0xe9, 0x8, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffffffffffb, 0x6, 0x1, @buffer={0x300, 0x56, &(0x7f0000000440)=""/86}, &(0x7f0000000000)="46a1a0995a02", 0x0, 0x0, 0x14, 0x0, 0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x4}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff020400", 0x4)
semtimedop(0x0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x2}], 0x1)

2.235238959s ago: executing program 3 (id=1582):
r0 = syz_ublk_setup_io_uring(0x34cf, &(0x7f0000000140)={0x0, 0x5607, 0x40, 0x0, 0x1b1}, &(0x7f00000001c0), 0x0, &(0x7f0000000240))
r1 = syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, 0xfffffffb, 0x0, r0}, &(0x7f0000ffe000), &(0x7f0000000100), &(0x7f0000000000))
r2 = socket(0x1d, 0x2, 0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x4, 0x0, [0x806f, 0x0, 0x2d5, 0x2, 0x6], [0x6, 0x7, 0x1, 0x9, 0x8002, 0x0, 0x5, 0x2, 0x0, 0x802, 0x9, 0x200000100, 0xffffffffffffffff, 0xfffffffffffffff4, 0x4a, 0x5, 0x100, 0xd, 0xdd, 0x5, 0x1, 0x2a9, 0x2000000003, 0xc39, 0x8000003, 0x8, 0x100000000, 0x2, 0xa51, 0x8, 0x6, 0x800000000000001, 0x7, 0xfffffffffffffffb, 0x81, 0x100, 0x5, 0x931, 0x101, 0x3, 0xf, 0x8000000001000000, 0x7, 0x1, 0x8, 0x8, 0x6a8, 0x102, 0x1, 0x83, 0x538a, 0x9, 0xfffffffffffffffb, 0x4, 0x3, 0x8000000000000000, 0x5, 0x9, 0x80008000, 0x8000000000000000, 0x40000000000004, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x5bc, 0x1, 0x0, 0x4, 0x8000, 0xc9, 0x80, 0x6, 0x9, 0x82c, 0x8000, 0xe000000000000, 0xe4, 0x11, 0x0, 0x8, 0x26, 0xffffffffffffffff, 0x7, 0xbfa, 0x8000000000000000, 0x2000000009, 0x8, 0x0, 0x6, 0x6, 0x7, 0x100000002, 0x4, 0x4, 0x7, 0x7, 0x7, 0x9, 0x1, 0x16d, 0x6, 0x68d, 0xffffffffffff43b0, 0x8, 0x50000000000000, 0xe, 0x0, 0x1, 0x300000003, 0x5, 0x7, 0x406, 0x3, 0x6, 0x3, 0x1, 0x3, 0x100000000010000, 0x7fffffff, 0x7, 0x3, 0x1]})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004084)
r3 = io_uring_setup(0x7025, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000380)=0xe, 0x4)
io_uring_enter(r3, 0x2219, 0x7721, 0x52, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401f, 0x68180, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x6f, 0x0, @perf_config_ext={0x4, 0x1}, 0x10c0e8, 0x3, 0x7, 0x3, 0x6, 0x8001, 0x7fff, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xff6fbfffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
setsockopt$X25_QBITINCL(r2, 0x106, 0x1, &(0x7f00000002c0), 0x4)
r4 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x380407b, 0x0, 0x1, 0x0, &(0x7f0000000040))
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)='./file0\x00')
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13)
sendmsg$nl_generic(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x102, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(r2, 0x6a, 0x4, 0xfffffffa, 0x1f)
shutdown(r2, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x2, 0x0, 0xfe)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r4, 0x8008f511, &(0x7f0000000280))

2.2101754s ago: executing program 2 (id=1583):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x10, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x1}, 0x2002, 0x32, 0x43a1bd56, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000140)={[{@nojournal_checksum}, {@auto_da_alloc}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
r1 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f00000000c0)='./file0\x00', 0x8a, &(0x7f0000000500)={[{@jqfmt_vfsold}, {@data_err_ignore}, {@acl}, {@noload}, {@data_err_ignore}, {@usrjquota, 0x22}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@init_itable_val={'init_itable', 0x3d, 0xfd}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}]}, 0x6, 0x473, &(0x7f0000001200)="$eJzs3MtvG8UfAPCv7Th9/+JfKY+WFkILouKRNOmDHrgUgcQBJCQ4FHEKSVqVug1qgkSrCloO5YgqcUcckfgLuFAuCDghcUICiSNCqlAvLZyM1t5NXcdO7MSxA/58JCcznlnNfHd37PGs1wEMrNHkTy5ie0T8EhEjtey9FUZr/+7cujz9163L07moVF7/M1etd/vW5emsarbdtlqmUlmm3WtvRUyVy7MX0vz4wrl3x+cvXnr2zLmp07OnZ89PHj9+5PC+4WOTR7sSZxLX7T0fzO3d/fKb11+dPnn97e+/TPq7PS2vj6NbRmt7t6knut1Yn+2oS+eG+tgROlKIiORwFavjfyQKsWWxbCRe+qivnQPWVaWSr2xqXXylAvyHJRN1YBBlb/TJ59/s0aOpx4Zw80QsrmPcSR+1kqHIp3WK6Wek9TAaESev/P1Z8oh1WocAAKh340REPNNs/pePB+rq/S+9hlKKiP9HxM6IuC8idkXE/RHVug9GxEMdtt94hWTp/KcysqrA2pTM/55Pr23dO//LZn9RKqS5HdX4i7lTZ8qzh9J9cjCKm5L8xDJtfPPiT5+0Kquf/yWPpP1sLpj244+hhgW6mamFqbXEXO/m1Yg9Q83izy3OeZP58e6I2LPKNs489cXeVmWlFeNfRhcm5ZXPI56sHf8r0RB/Jtfy+uTEc8cmj45vjvLsofHsrFjqhx+vvdaq/ZWP//q6eaMSWxvO/4bdWsptjpi/eOls9XrtfIcN/Bxx7dePW36mWe35P5x7o5oeTp97f2ph4cJExHDulaXPT97dNstn9ZPz/+CB5uN/Z7pNcvwfjojkJN4XEY9ExKNp3x+LiP0RcWCZXfDdC4+/03n8y6zKd1ES/0zT17/F87+UpO4e/84ThbPfftV5/Imt6fE/Us0dTLdp5/Wv3Q6udf8BAADAv0G++h34XH5sMZ3Pj43VvsO/K7bmy3PzC0+fmnvv/Eztu/KlKOazla6RuvXQiXQtL8tPNuQPp+vGnxa2VPNj03PlmX4HDwNuW4vxn/i9UPv/W197CKwr92vB4DL+YXAZ/zC4jH8YXMY/DK5m4//DPvQD6L0V3v+39KofQO+Z/8PgMv5hcK00/vf35l5koLda3hufX9Mt/xJ9Snw9vLbfamg/EfkNEvIGTRTaqHM1HYW1Z4rRtPJQ2z9mcU8ie1NfufKmpkV9fFECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoon8CAAD///T43is=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5b67000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
socket$inet_tcp(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x1, @perf_config_ext={0x1fc, 0x4}, 0x102802, 0x2e, 0xfffffffb, 0x3, 0xfff, 0x8001, 0x7fff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_INPUT2(r4, &(0x7f0000000040), 0x6)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1}, 0x50)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x28011, r5, 0x0)
setuid(0x0)
syz_clone3(0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @remote, @void, {@ipv4={0x800, @dccp={{0x7, 0x4, 0x0, 0x1, 0x2c, 0x65, 0x0, 0x4, 0x21, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xc}, {[@generic={0x83, 0x2}, @cipso={0x86, 0x6, 0x2}]}}, {{0x4e21, 0x4e22, 0x4, 0x1, 0x5, 0x0, 0x0, 0x4, 0x0, "9cc7e8", 0x3, "94125f"}}}}}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x16, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
fallocate(r1, 0x0, 0x0, 0x8800000)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x8, 0x5, &(0x7f0000000180)=ANY=[@ANYRESDEC=r0], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x68, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0xd6, 0xa, 0x0, 0x0, 0x1000000, 0x61, 0x11, 0xc, 0x300}}, &(0x7f0000000000)='GPL\x00'}, 0x94)

2.078148564s ago: executing program 3 (id=1584):
r0 = socket$inet6(0xa, 0x815, 0x0)
socket(0x1e, 0x805, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1400000004000000040000000200010000180000", @ANYRES32, @ANYBLOB="0000000000000000000000000000e2366addc65bfa4554cb6a2fbd61062649418dfdda4c44b539ac4664a7c44c75ff2aac9553768238c3f1abf7ce09182583f9ef5b8d", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000ffffffff000000000000"], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5b67000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x4, @perf_config_ext={0x1fc, 0x3}, 0x102802, 0x2e, 0x0, 0x5, 0xfff, 0xe9, 0x8, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffffffffffb, 0x6, 0x1, @buffer={0x300, 0x56, &(0x7f0000000440)=""/86}, &(0x7f0000000000)="46a1a0995a02", 0x0, 0x0, 0x14, 0x0, 0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x4}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff020400", 0x4)
semtimedop(0x0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x2}], 0x1)

1.338213928s ago: executing program 5 (id=1585):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x9}, 0x30e600, 0x1000, 0x20da, 0x0, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_LINKS(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x24, r2, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004400}, 0x8000)

1.247237761s ago: executing program 2 (id=1586):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x40182, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000100), 0x21c004, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2091"])
copy_file_range(r0, &(0x7f00000000c0)=0x2, r1, &(0x7f0000000140)=0x6, 0x9, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000080)='memory.numa_stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r3, 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x3]}, 0x8)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_print_times', 0x90201, 0x80)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000000090101000000000000000002000003300002002c00018014000300000000000000000000000000000000011400040000000000000000000000000000000101"], 0x44}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$SG_GET_RESERVED_SIZE(r0, 0x2272, &(0x7f0000000000))

1.231654851s ago: executing program 2 (id=1587):
r0 = creat(&(0x7f0000000640)='./file0\x00', 0xecf86c37d53049cc)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000140)='./file1\x00', 0xa4000021)
write$cgroup_devices(r0, &(0x7f0000000000)={'c', ' *:* ', 'm\x00'}, 0x8)
read(r1, 0x0, 0x20)
close(r1)
open$dir(&(0x7f0000000480)='./file0\x00', 0x20000, 0xe0)

1.187358493s ago: executing program 0 (id=1588):
socket$l2tp(0x2, 0x2, 0x73)
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000340)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000080)="d4", 0x1}], 0x1}, 0x8041)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb564500004e23e3f58e76110165f450e71b0075e30025002d8d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r1, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000cc0)=""/4096, 0x1000}, {&(0x7f0000001ec0)=""/4096, 0x1000}], 0x2}, 0x10000)

1.162004923s ago: executing program 0 (id=1589):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_lsm={0x18, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="8510000004000000950080000000000018000000000000000000000000000002950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'gretap0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0xfffffffffffffff8}, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r6)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="020000009eddd9b3f440b9", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xd, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="1808000000000000000000002000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b70300002bb91a008500000008000000bc0900000000000045090100002000009500000000000000850000000c000000bf9800000000000056090000000000008500000084000000b70000000000000095000000000000006a9f121c1e1b1c712f5d32f5a7bfb6f0787817032d44b0c29972918fa8bd6d113245231e1b9cddea98bbc324e1c5242c775b717ac52b2e4a63eaf17c588e754e649664ef46eafe5f8271985168f477bd5cba5679fa9d31acab0ed63d3468705c14cc8c45393022235d12eb1f8e17e7"], &(0x7f0000000980)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x6b, '\x00', 0x0, @sock_ops=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
sendto$packet(r2, &(0x7f0000000680)="3f031c00eee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdc9435e3ffe4612b470d15be1dec450b4ec826d0474ae650acaa2e5685ce20b047aa872effbe0a4a4ee6f1743473d3f9e546244c3561a366932fe389c405d98fddbfaf94b0a0eb1a0497eac6a83b946f277a28eadf2491cb010de7676f6b2c4c23b844d0c504193ee3d5fc41ac012ddd59b44c05aface028fd56038ea888f7725682795e26c2159572fa25dea0330c95dfb", 0xd3, 0x4040840, &(0x7f0000000540)={0xc9, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r9, 0x560a, &(0x7f0000001040)={0x0, 0x1, 0x4, 0x20, 0x0, "0000e5ff0100"})
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x4, 0x2133, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_bp={&(0x7f00000001c0), 0x19}, 0x100, 0x8000000, 0x0, 0x2, 0xfff, 0xa001, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000002100)=ANY=[@ANYBLOB="1e00000000000000070000003a"], 0x50)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x1, 0x8c)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r0, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001680)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)

1.151610894s ago: executing program 3 (id=1590):
socket$kcm(0xa, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
close(r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r4, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r2}, 0x20)
connect$unix(r1, &(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x303}, "b7a41f5d937e5523", "4705a7b6113b967d7314f7201eb2babf", 'O\x00', "ecba26893bcdc493"}, 0x28)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1)

453.988926ms ago: executing program 5 (id=1591):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000014c0)=ANY=[@ANYBLOB="140000001000010000001500000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320027000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x200000d1}, 0x44004000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @target={{0xb}, @void}}, {0x14, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

408.192307ms ago: executing program 5 (id=1592):
pipe(0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000040)={'ip6tnl0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb87, &(0x7f0000002380)="$eJzs3c9vFFUcAPDvzG5LKWgX40GMCTUeIDFsW0BB4gE8Gg8mkqAnXPuDNCxgaE0sIbHcTLyowZMnT2qiR6+GGPXkweiJ/8CQEFP4A2pmdras7W5LYcuQ9vNJZve9eSzvO02++9503nQC2LFGs5c0Yn9EfJ5EjBT704gYzEtDEYutf3dv6dpktiWxvPzOv0kkEXF36dpk+/9Kivc92Us1/2T89UvEM5W1/c4tXL3QaDanrxT1sfmLH47NLVw9PHuxcX76/PSlI6+OH5147diJV47d/9DQox3rwvH0sz/ffOO7G+e+/uPHEy98msSp2Fu0dR5Hv4zG6MrPpFM1It7rd2clqRTH0+04AQB48qQdc7j9MRKVvNQyEvXZUoMDAAAA+uKTiFgGAAAAtrnE+T8AAABsc+11AHeXrk22t3JXJACPy53TEVFr5X/7/v5WSzUW8/ehGIiI4XtJx51Brfu9a33ofzQifvjq+IFsiy26Dx/obvF6RDzXbfxP8vyvFX90Y3X+pxEx3of+R1fV5T88Pt3yv3VesHH+n+pD//IfAAAAAAAA+ufm6daF/LXX/9OV9T/R5fpfpcu1u4ex8fW/9HYfugG6uHM64vWOZ/vc68j/Qq1S1J7K1wMMJDOzzenxiHg6Ig7FwK6sPrFOH9/+dPLvXm2d6/+yLeu/vRawiON2ddf/PzPVmG88yjEDLXeuRzxf7Zb/ycr4n/RY//v2A/bx29mfZ3q1bZz/wFZZ/ibiYNfx//4T3ZL1n883ls8HxtqzgrXOvvjr9736l/9Qnmz8H14//2tJ5/M65zbfx/jw4fO92h52/j+YnMmfKjpY7Pu4MT9/ZSJiMHlr7f4jm48ZtqN2PrTzJcv/Qy91P/9fb/6fJdn7xbdEGhGN4j2rf7Cqz13nfv+iVzzGfyhPlv9Tmxr/N1/48t2lM736f7Dx/1g+ph8q9vj9H6zvQRO07DgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgSZJGxN5I0vpKOU3r9Yg9EfFsDKfNy3PzL89c/ujSVNYWUYuBdGa2OT0eESOtepLVJ/Ly/fqRVfWjEbEvIm6M7M7r9cnLzamyDx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAVeyJibyRpPSLSvJym9Xqr7Z+RsqMDAAAA+qZWdgAAAADAlnP+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj2nfg5q0kIhZP7s63zGDRNlBqZMBWS8sOAChNpewAgNJUyw4AKI1zfCDZoH2oZ4sZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBOcnD/zVtJRCye3J1vmcGibaDUyICtlpYdAFCaStkBAKWplh0AUBrn+ECyQftQzxYzCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdZG7h6oVGszl9RWHdQjUinoAwFBQeU6HsbyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2s/8CAAD//yT3/f8=")
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7, 0x0, 0x4, 0x1, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x4c142, 0x0)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
sendfile(r1, r1, 0x0, 0xe3aa6ea)

335.25931ms ago: executing program 2 (id=1593):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2c, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf40d9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x5, 0x7}, 0x9214, 0x0, 0x43a1bd76, 0x5, 0x5, 0x6, 0x2, 0x0, 0x1, 0x0, 0x200c}, 0x0, 0x1, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfdef)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x11, &(0x7f0000000440)=ANY=[@ANYBLOB="180000008000000000000000fdffffff85000000ae000000b7080000300000007b8af8ff00000000b7080000161300007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018", @ANYRES32=0x0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1f, 0x0, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87e}, 0x94)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@gettfilter={0x54, 0x2e, 0x2, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x3, 0xf}, {0xfff1, 0x4}, {0x0, 0x6}}, [{0x8, 0xb, 0x2}, {0x8, 0xb, 0x297}, {0x8, 0xb, 0x401}, {0x8, 0xb, 0x1}, {0x8, 0xb, 0x5902}, {0x8, 0xb, 0x1000006}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x40041)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000000)
socket(0x3, 0x80006, 0x3)
close(r3)
r5 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000004d31, 0x80008, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, @perf_config_ext={0x8, 0x830a}, 0x0, 0x2, 0xfffffffc, 0x4, 0xffffffffffffffff}, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4000a, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x1946}, 0x0, 0xfffffffffffffffd, 0x0, 0x2, 0x7fff, 0x7fffffff, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004800}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, 0x0)
r7 = socket$kcm(0x28, 0x5, 0x0)
setsockopt$sock_attach_bpf(r7, 0x28, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$bpf(0x20000000f0ff, 0x0, 0x0, 0x40, 0x0)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x20000000}, 0x20)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)

197.594554ms ago: executing program 3 (id=1594):
r0 = syz_ublk_setup_io_uring(0x34cf, &(0x7f0000000140)={0x0, 0x5607, 0x40, 0x0, 0x1b1}, &(0x7f00000001c0), 0x0, &(0x7f0000000240))
r1 = syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, 0xfffffffb, 0x0, r0}, &(0x7f0000ffe000), &(0x7f0000000100), &(0x7f0000000000))
r2 = socket(0x1d, 0x2, 0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x4, 0x0, [0x806f, 0x0, 0x2d5, 0x2, 0x6], [0x6, 0x7, 0x1, 0x9, 0x8002, 0x0, 0x5, 0x2, 0x0, 0x802, 0x9, 0x200000100, 0xffffffffffffffff, 0xfffffffffffffff4, 0x4a, 0x5, 0x100, 0xd, 0xdd, 0x5, 0x1, 0x2a9, 0x2000000003, 0xc39, 0x8000003, 0x8, 0x100000000, 0x2, 0xa51, 0x8, 0x6, 0x800000000000001, 0x7, 0xfffffffffffffffb, 0x81, 0x100, 0x5, 0x931, 0x101, 0x3, 0xf, 0x8000000001000000, 0x7, 0x1, 0x8, 0x8, 0x6a8, 0x102, 0x1, 0x83, 0x538a, 0x9, 0xfffffffffffffffb, 0x4, 0x3, 0x8000000000000000, 0x5, 0x9, 0x80008000, 0x8000000000000000, 0x40000000000004, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x5bc, 0x1, 0x0, 0x4, 0x8000, 0xc9, 0x80, 0x6, 0x9, 0x82c, 0x8000, 0xe000000000000, 0xe4, 0x11, 0x0, 0x8, 0x26, 0xffffffffffffffff, 0x7, 0xbfa, 0x8000000000000000, 0x2000000009, 0x8, 0x0, 0x6, 0x6, 0x7, 0x100000002, 0x4, 0x4, 0x7, 0x7, 0x7, 0x9, 0x1, 0x16d, 0x6, 0x68d, 0xffffffffffff43b0, 0x8, 0x50000000000000, 0xe, 0x0, 0x1, 0x300000003, 0x5, 0x7, 0x406, 0x3, 0x6, 0x3, 0x1, 0x3, 0x100000000010000, 0x7fffffff, 0x7, 0x3, 0x1]})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004084)
r3 = io_uring_setup(0x7025, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000380)=0xe, 0x4)
io_uring_enter(r3, 0x2219, 0x7721, 0x52, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401f, 0x68180, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x6f, 0x0, @perf_config_ext={0x4, 0x1}, 0x10c0e8, 0x3, 0x7, 0x3, 0x6, 0x8001, 0x7fff, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xff6fbfffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
setsockopt$X25_QBITINCL(r2, 0x106, 0x1, &(0x7f00000002c0), 0x4)
r4 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x380407b, 0x0, 0x1, 0x0, &(0x7f0000000040))
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)='./file0\x00')
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13)
sendmsg$nl_generic(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x102, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(r2, 0x6a, 0x4, 0xfffffffa, 0x1f)
shutdown(r2, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x2, 0x0, 0xfe)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r4, 0x8008f511, &(0x7f0000000280))

137.828946ms ago: executing program 2 (id=1595):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x42001)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000100)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x374a76c8977093c, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x0, 0x81}, 0x100000, 0x400000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r5)
r7 = creat(&(0x7f0000000080)='./bus\x00', 0x154)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x4}, 0x0)
getuid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0xfd, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x84, 0xfffffffffffffffe, 0x10000, 0xf, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, r7, 0x1)
setsockopt$inet_sctp_SCTP_MAXSEG(r7, 0x84, 0xd, 0x0, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')
msgget(0x2, 0x624)
bpf$ENABLE_STATS(0x20, &(0x7f0000000000), 0x4)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f0000000100)={0x80, 0x0, 'client1\x00', 0xffffffff80000004, "00000000ffffffe3", "71a19060009f0000000000005c4100a0200010040400", 0x800000, 0x40})
syz_emit_ethernet(0x11, &(0x7f0000000440)={@random="856b934629fa", @local, @void, {@llc_tr={0x11, {@llc={0xa6e64372c39a3c7e, 0xe, "f9"}}}}}, 0x0)

63.194338ms ago: executing program 5 (id=1596):
r0 = socket$inet6(0xa, 0x815, 0x0)
socket(0x1e, 0x805, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1400000004000000040000000200010000180000", @ANYRES32, @ANYBLOB="0000000000000000000000000000e2366addc65bfa4554cb6a2fbd61062649418dfdda4c44b539ac4664a7c44c75ff2aac9553768238c3f1abf7ce09182583f9ef", @ANYRES32, @ANYBLOB="00000000ffffffff00"/28], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5b67000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffc, 0x4, @perf_config_ext={0x1fc, 0x3}, 0x102802, 0x2e, 0x0, 0x5, 0xfff, 0xe9, 0x8, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffffffffffb, 0x6, 0x1, @buffer={0x300, 0x56, &(0x7f0000000440)=""/86}, &(0x7f0000000000)="46a1a0995a02", 0x0, 0x0, 0x14, 0x0, 0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x4}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff020400", 0x4)
semtimedop(0x0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x2}], 0x1)

0s ago: executing program 4 (id=1597):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x40182, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000100), 0x21c004, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2091"])
copy_file_range(r0, &(0x7f00000000c0)=0x2, r1, &(0x7f0000000140)=0x6, 0x9, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000080)='memory.numa_stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r3, 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x3]}, 0x8)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_print_times', 0x90201, 0x80)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000000090101000000000000000002000003300002002c00018014000300000000000000000000000000000000011400040000000000000000000000000000000101"], 0x44}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$SG_GET_RESERVED_SIZE(r0, 0x2272, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

 223.688898][ T7631] pgpgin 53778
[  223.688906][ T7631] pgpgout 53776
[  223.688914][ T7631] pgfault 76913
[  223.688979][ T7631] pgmajfault 120
[  223.688987][ T7631] inactive_anon 0
[  223.688994][ T7631] active_anon 8192
[  223.689000][ T7631] inactive_file 0
[  223.689007][ T7631] active_file 0
[  223.689015][ T7631] unevictable 0
[  223.689023][ T7631] hierarchical_memory_limit 314572800
[  223.689034][ T7631] hierarchical_memsw_limit 9223372036854771712
[  223.720673][ T7652] ext4 filesystem being mounted at /225/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.722535][ T7631] total_cache 0
[  223.722545][ T7631] total_rss 4096
[  223.727332][   T28] kauditd_printk_skb: 153 callbacks suppressed
[  223.727417][   T28] audit: type=1326 audit(2000000023.779:5822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.4.1140" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3505c1d68e code=0x7ffc0000
[  223.728937][ T7631] total_shmem 0
[  223.733194][   T28] audit: type=1326 audit(2000000023.789:5823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.4.1140" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f3505c5b297 code=0x7ffc0000
[  223.736868][ T7631] total_mapped_file 0
[  223.736877][ T7631] total_dirty 0
[  223.736906][ T7631] total_writeback 0
[  223.736913][ T7631] total_workingset_refault_anon 205
[  223.736921][ T7631] total_workingset_refault_file 0
[  223.736929][ T7631] total_swap 196608
[  223.736935][ T7631] total_swapcached 16228352
[  223.736943][ T7631] total_pgpgin 53778
[  223.736949][ T7631] total_pgpgout 53776
[  223.736956][ T7631] total_pgfault 76913
[  223.742582][   T28] audit: type=1326 audit(2000000023.809:5824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.4.1140" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3505c1d68e code=0x7ffc0000
[  223.758424][ T7631] total_pgmajfault 120
[  223.760793][   T28] audit: type=1326 audit(2000000023.809:5825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.4.1140" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  223.768433][ T7631] total_inactive_anon 0
[  223.771197][   T28] audit: type=1326 audit(2000000023.809:5826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.4.1140" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  223.782577][ T7631] total_active_anon 8192
[  223.787232][   T28] audit: type=1326 audit(2000000023.819:5827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.4.1140" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  223.803928][ T7631] total_inactive_file 0
[  223.807181][   T28] audit: type=1326 audit(2000000023.819:5828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.4.1140" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  223.826141][ T7631] total_active_file 0
[  223.843286][   T28] audit: type=1326 audit(2000000023.819:5829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.4.1140" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  223.867528][ T7631] total_unevictable 0
[  223.872248][   T28] audit: type=1326 audit(2000000023.839:5830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.4.1140" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  223.879504][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.882937][   T28] audit: type=1326 audit(2000000023.839:5831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7651 comm="syz.4.1140" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  223.893682][ T7631] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1133,pid=7631,uid=0
[  224.164431][ T7631] Memory cgroup out of memory: Killed process 7631 (syz.5.1133) total-vm:94168kB, anon-rss:1236kB, file-rss:22484kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  224.226648][ T7662] loop4: detected capacity change from 0 to 1024
[  224.279364][ T7662] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  224.297199][ T7668] loop2: detected capacity change from 0 to 512
[  224.327201][ T7668] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  224.329365][ T7662] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  224.361062][ T7662] EXT4-fs error (device loop4): ext4_get_journal_inode:5896: inode #32: comm syz.4.1141: iget: special inode unallocated
[  224.389323][ T7662] loop4: lost file I/O error report for ino 32 type 5 pos 0x0 len 0x0 error -117
[  224.389472][ T7662] EXT4-fs (loop4): no journal found
[  224.398667][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  224.398689][    C1] EXT4-fs (loop4): initial error at time 2000000024: ext4_get_journal_inode:5896: inode 32
[  224.398720][    C1] EXT4-fs (loop4): last error at time 2000000024: ext4_get_journal_inode:5896: inode 32
[  224.439020][ T7668] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1146'.
[  224.470682][ T7662] EXT4-fs (loop4): can't get journal size
[  224.477887][ T7662] EXT4-fs (loop4): filesystem is read-only
[  224.489806][ T7662] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  224.516049][ T7668] EXT4-fs error (device loop2): ext4_readdir:265: inode #2: block 3: comm syz.2.1146: path /220/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[  224.537821][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.649960][ T3304] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  224.672841][ T7686] loop4: detected capacity change from 0 to 512
[  224.687986][ T7686] program syz.4.1150 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  225.629098][ T7694] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1152'.
[  225.728782][ T7696] loop0: detected capacity change from 0 to 512
[  225.750732][ T7696] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  225.835837][ T7694] netlink: 818 bytes leftover after parsing attributes in process `syz.2.1152'.
[  225.923702][ T7702] loop5: detected capacity change from 0 to 512
[  225.969365][ T7702] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  226.200036][ T7724] loop2: detected capacity change from 0 to 512
[  226.236764][ T7724] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  226.331626][ T7724] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1162'.
[  226.417406][ T7724] EXT4-fs error (device loop2): ext4_readdir:265: inode #2: block 3: comm syz.2.1162: path /224/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[  226.585710][ T3304] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  226.666464][ T3303] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  226.693653][ T3303] CPU: 1 UID: 0 PID: 3303 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  226.693749][ T3303] Tainted: [W]=WARN
[  226.693757][ T3303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  226.693768][ T3303] Call Trace:
[  226.693774][ T3303]  <TASK>
[  226.693781][ T3303]  __dump_stack+0x1d/0x30
[  226.693804][ T3303]  dump_stack_lvl+0x95/0xd0
[  226.693824][ T3303]  dump_stack+0x15/0x1b
[  226.693880][ T3303]  dump_header+0x80/0x240
[  226.693905][ T3303]  oom_kill_process+0x295/0x350
[  226.693936][ T3303]  out_of_memory+0x97d/0xb80
[  226.694035][ T3303]  try_charge_memcg+0x62f/0xa10
[  226.694060][ T3303]  ? radix_tree_lookup+0xfa/0x140
[  226.694169][ T3303]  charge_memcg+0x6d/0x120
[  226.694198][ T3303]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  226.694279][ T3303]  __swap_cache_prepare_and_add+0x69/0x4a0
[  226.694303][ T3303]  ? alloc_pages_mpol+0x217/0x260
[  226.694417][ T3303]  swap_cache_alloc_folio+0xa2/0x120
[  226.694444][ T3303]  swap_cluster_readahead+0x35c/0x3c0
[  226.694500][ T3303]  swapin_readahead+0xde/0x840
[  226.694537][ T3303]  ? _raw_spin_unlock_irqrestore+0x9/0x30
[  226.694571][ T3303]  ? hrtimer_start_range_ns+0x58c/0x10a0
[  226.694596][ T3303]  ? __rcu_read_unlock+0x4e/0x70
[  226.694621][ T3303]  ? swap_cache_get_folio+0x1e0/0x1f0
[  226.694701][ T3303]  do_swap_page+0x31e/0x2180
[  226.694737][ T3303]  ? __schedule+0x951/0xd40
[  226.694759][ T3303]  ? __rcu_read_lock+0x36/0x50
[  226.694780][ T3303]  ? pte_offset_map_rw_nolock+0x19e/0x200
[  226.694861][ T3303]  handle_mm_fault+0xb30/0x2e70
[  226.694888][ T3303]  ? vma_start_read+0x1c7/0x2c0
[  226.694950][ T3303]  do_user_addr_fault+0x62f/0x1050
[  226.694986][ T3303]  ? trace_page_fault_user+0x1f/0xa0
[  226.695064][ T3303]  exc_page_fault+0x62/0xa0
[  226.695087][ T3303]  asm_exc_page_fault+0x26/0x30
[  226.695147][ T3303] RIP: 0033:0x7f1a03ea7fd7
[  226.695165][ T3303] Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  226.695185][ T3303] RSP: 002b:00007ffe61041050 EFLAGS: 00010202
[  226.695204][ T3303] RAX: 0000000000000000 RBX: 000055557d726500 RCX: 00007f1a03ea7fd7
[  226.695220][ T3303] RDX: 00007ffe61041090 RSI: 0000000000000000 RDI: 0000000000000000
[  226.695232][ T3303] RBP: 00007ffe610410fc R08: 0000000000000000 R09: 0000000000000000
[  226.695319][ T3303] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  226.695334][ T3303] R13: 00000000000927c0 R14: 000000000003748b R15: 00007ffe61041150
[  226.695353][ T3303]  </TASK>
[  226.695429][ T3303] memory: usage 307200kB, limit 307200kB, failcnt 3228
[  227.501877][ T7748] loop4: detected capacity change from 0 to 128
[  227.514358][ T7744] b��Y�4��`Ҙ: left allmulticast mode
[  227.559010][ T7748] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1)
[  227.589292][ T7744] 0��{X��: left allmulticast mode
[  227.625631][ T7744] vxcan1: left allmulticast mode
[  227.658459][ T7744] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  227.669787][ T7744] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  227.747141][ T4943] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  227.756411][ T4943] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.774933][ T4943] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  227.792410][ T4943] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.841982][ T4943] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  227.855505][ T4943] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.871185][ T4943] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  227.884089][ T7748] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1168'.
[  227.893614][ T4943] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.951511][ T3303] memory+swap: usage 311232kB, limit 9007199254740988kB, failcnt 0
[  227.980213][ T3303] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  228.006116][ T3303] Memory cgroup stats for /syz0:
[  228.006307][ T3303] cache 0
[  228.017316][ T7757] loop4: detected capacity change from 0 to 256
[  228.024492][ T3303] rss 0
[  228.027340][ T3303] shmem 0
[  228.068889][ T3303] mapped_file 0
[  228.077782][ T3303] dirty 0
[  228.084053][ T3303] writeback 0
[  228.090514][ T3303] workingset_refault_anon 328
[  228.106971][ T3303] workingset_refault_file 1099
[  228.118114][ T3303] swap 4128768
[  228.146165][ T3303] swapcached 17711104
[  228.151977][ T3303] pgpgin 152977
[  228.159391][ T3303] pgpgout 152977
[  228.178854][ T3303] pgfault 196150
[  228.182418][ T3303] pgmajfault 218
[  228.186025][ T3303] inactive_anon 0
[  228.189673][ T3303] active_anon 0
[  228.193185][ T3303] inactive_file 0
[  228.196801][ T3303] active_file 0
[  228.200245][ T3303] unevictable 0
[  228.203689][ T3303] hierarchical_memory_limit 314572800
[  228.209133][ T3303] hierarchical_memsw_limit 9223372036854771712
[  228.215270][ T3303] total_cache 0
[  228.218714][ T3303] total_rss 0
[  228.222062][ T3303] total_shmem 0
[  228.225503][ T3303] total_mapped_file 0
[  228.229521][ T3303] total_dirty 0
[  228.232967][ T3303] total_writeback 0
[  228.236756][ T3303] total_workingset_refault_anon 328
[  228.241932][ T3303] total_workingset_refault_file 1099
[  228.247256][ T3303] total_swap 4128768
[  228.251131][ T3303] total_swapcached 17711104
[  228.255625][ T3303] total_pgpgin 152977
[  228.300654][ T3303] total_pgpgout 152977
[  228.304786][ T3303] total_pgfault 196150
[  228.308841][ T3303] total_pgmajfault 218
[  228.312891][ T3303] total_inactive_anon 0
[  228.317049][ T3303] total_active_anon 0
[  228.328311][ T3303] total_inactive_file 0
[  228.332481][ T3303] total_active_file 0
[  228.336443][ T3303] total_unevictable 0
[  228.340432][ T3303] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1153,pid=7695,uid=0
[  228.355090][ T3303] Memory cgroup out of memory: Killed process 7695 (syz.0.1153) total-vm:96348kB, anon-rss:1232kB, file-rss:22512kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[  228.426064][ T7701] syz.5.1154 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  228.438318][ T7701] CPU: 0 UID: 0 PID: 7701 Comm: syz.5.1154 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  228.438349][ T7701] Tainted: [W]=WARN
[  228.438358][ T7701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  228.438369][ T7701] Call Trace:
[  228.438376][ T7701]  <TASK>
[  228.438384][ T7701]  __dump_stack+0x1d/0x30
[  228.438481][ T7701]  dump_stack_lvl+0x95/0xd0
[  228.438500][ T7701]  dump_stack+0x15/0x1b
[  228.438518][ T7701]  dump_header+0x80/0x240
[  228.438584][ T7701]  oom_kill_process+0x295/0x350
[  228.438620][ T7701]  out_of_memory+0x97d/0xb80
[  228.438653][ T7701]  try_charge_memcg+0x62f/0xa10
[  228.438693][ T7701]  charge_memcg+0x6d/0x120
[  228.438716][ T7701]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  228.438790][ T7701]  __swap_cache_prepare_and_add+0x69/0x4a0
[  228.438815][ T7701]  ? alloc_pages_mpol+0x217/0x260
[  228.438839][ T7701]  swap_cache_alloc_folio+0xa2/0x120
[  228.438866][ T7701]  swap_cluster_readahead+0x25f/0x3c0
[  228.438910][ T7701]  swapin_readahead+0xde/0x840
[  228.438932][ T7701]  ? _raw_spin_unlock+0x9/0x30
[  228.438960][ T7701]  ? swap_put_entries_cluster+0x46c/0x490
[  228.438991][ T7701]  ? __rcu_read_unlock+0x4e/0x70
[  228.439038][ T7701]  ? swap_cache_get_folio+0x1e0/0x1f0
[  228.439064][ T7701]  do_swap_page+0x31e/0x2180
[  228.439174][ T7701]  ? css_rstat_updated+0xbb/0x280
[  228.439246][ T7701]  ? __rcu_read_lock+0x36/0x50
[  228.439269][ T7701]  ? pte_offset_map_rw_nolock+0x19e/0x200
[  228.439294][ T7701]  handle_mm_fault+0xb30/0x2e70
[  228.439318][ T7701]  ? vma_start_read+0x1c7/0x2c0
[  228.439411][ T7701]  do_user_addr_fault+0x62f/0x1050
[  228.439438][ T7701]  ? fpregs_assert_state_consistent+0xb3/0xe0
[  228.439525][ T7701]  ? arch_exit_to_user_mode_prepare+0x26/0x60
[  228.439547][ T7701]  ? trace_page_fault_user+0x1f/0xa0
[  228.439584][ T7701]  exc_page_fault+0x62/0xa0
[  228.439612][ T7701]  asm_exc_page_fault+0x26/0x30
[  228.439635][ T7701] RIP: 0033:0x7fdf73aa1530
[  228.439653][ T7701] Code: 83 f8 04 75 ec 31 f6 80 7c 24 0e 00 74 70 40 88 74 24 0e 8b 7c 24 08 48 89 de e8 7b f2 fd ff 84 c0 75 5b 80 7c 24 0f 00 75 0d <80> 3d 51 0b 3a 00 00 0f 85 a3 01 00 00 49 83 7f 68 07 77 08 49 c7
[  228.439736][ T7701] RSP: 002b:00007fff4593d310 EFLAGS: 00010246
[  228.439751][ T7701] RAX: 0000000000000000 RBX: ffffffff8192c4b3 RCX: ffffffff8192c4b3
[  228.439833][ T7701] RDX: 00000000000004b3 RSI: ffffffff8192c4b3 RDI: 0000000000000002
[  228.439846][ T7701] RBP: 0000000000000000 R08: 00007fdf73e30000 R09: 00007fdf73e32000
[  228.439858][ T7701] R10: 000000008192c4b7 R11: 0000000000000002 R12: 00007fdf73e46038
[  228.439870][ T7701] R13: 0000000000000014 R14: ffffffff8192cf42 R15: 00007fdf74975720
[  228.439883][ T7701]  ? policy_nodemask+0x202/0x5e0
[  228.439904][ T7701]  ? mempolicy_slab_node+0xf3/0x3c0
[  228.439939][ T7701]  ? mempolicy_slab_node+0xf3/0x3c0
[  228.439959][ T7701]  ? mempolicy_slab_node+0xf3/0x3c0
[  228.439982][ T7701]  </TASK>
[  228.759868][ T7775] loop2: detected capacity change from 0 to 512
[  228.767003][   T28] kauditd_printk_skb: 24 callbacks suppressed
[  228.767018][   T28] audit: type=1326 audit(2000000028.819:5856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.4.1175" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  228.808845][   T28] audit: type=1326 audit(2000000028.819:5857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.4.1175" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  228.834626][   T28] audit: type=1326 audit(2000000028.819:5858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.4.1175" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  228.861127][ T7775] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  228.868434][ T7777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1176'.
[  228.879011][   T28] audit: type=1326 audit(2000000028.819:5859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.4.1175" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  228.904716][   T28] audit: type=1326 audit(2000000028.849:5860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.4.1175" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  228.930069][   T28] audit: type=1326 audit(2000000028.849:5861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.4.1175" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  228.955461][   T28] audit: type=1326 audit(2000000028.849:5862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.4.1175" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  228.981704][   T28] audit: type=1326 audit(2000000028.859:5863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.4.1175" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  229.007328][   T28] audit: type=1326 audit(2000000028.859:5864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.4.1175" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  229.034209][   T28] audit: type=1326 audit(2000000028.859:5865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7770 comm="syz.4.1175" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  229.076780][ T7701] memory: usage 304312kB, limit 307200kB, failcnt 1079
[  229.084015][ T7701] memory+swap: usage 298256kB, limit 9007199254740988kB, failcnt 0
[  229.092087][ T7701] kmem: usage 293092kB, limit 9007199254740988kB, failcnt 0
[  229.099481][ T7701] Memory cgroup stats for /syz5:
[  229.099848][ T7701] cache 0
[  229.107749][ T7701] rss 12288
[  229.111274][ T7701] shmem 0
[  229.114332][ T7701] mapped_file 0
[  229.117836][ T7701] dirty 0
[  229.121203][ T7701] writeback 0
[  229.124601][ T7701] workingset_refault_anon 239
[  229.141677][ T7701] workingset_refault_file 0
[  229.158580][ T7701] swap 188416
[  229.165010][ T7701] swapcached 16506880
[  229.173423][ T7701] pgpgin 53975
[  229.181237][ T7701] pgpgout 53971
[  229.201361][ T7701] pgfault 77268
[  229.213757][ T7701] pgmajfault 147
[  229.225372][ T7701] inactive_anon 0
[  229.249643][ T7701] active_anon 16384
[  229.262643][ T7701] inactive_file 0
[  229.281950][ T7701] active_file 0
[  229.298127][ T7701] unevictable 0
[  229.415141][ T7701] hierarchical_memory_limit 314572800
[  229.431078][ T7701] hierarchical_memsw_limit 9223372036854771712
[  229.449923][ T7701] total_cache 0
[  229.469998][ T7701] total_rss 12288
[  229.719573][ T7701] total_shmem 0
[  229.741103][ T7701] total_mapped_file 0
[  229.772665][ T7701] total_dirty 0
[  229.792048][ T7701] total_writeback 0
[  229.812338][ T7701] total_workingset_refault_anon 239
[  229.819947][ T7701] total_workingset_refault_file 0
[  229.825024][ T7701] total_swap 188416
[  229.829060][ T7701] total_swapcached 16506880
[  229.833675][ T7701] total_pgpgin 53975
[  229.837636][ T7701] total_pgpgout 53971
[  229.842244][ T7701] total_pgfault 77268
[  229.846261][ T7701] total_pgmajfault 147
[  229.850388][ T7701] total_inactive_anon 0
[  229.854638][ T7701] total_active_anon 16384
[  229.859021][ T7701] total_inactive_file 0
[  229.863230][ T7701] total_active_file 0
[  229.867240][ T7701] total_unevictable 0
[  229.871938][ T7701] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1154,pid=7701,uid=0
[  229.887318][ T7701] Memory cgroup out of memory: Killed process 7701 (syz.5.1154) total-vm:94168kB, anon-rss:1244kB, file-rss:22484kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  230.330028][ T7804] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.337221][ T7804] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.373065][ T7804] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.385573][ T7804] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  230.407828][ T7814] loop0: detected capacity change from 0 to 512
[  230.431014][ T7814] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.452236][ T7814] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.509495][ T7808] pim6reg: entered allmulticast mode
[  230.518793][   T39] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  230.527798][   T39] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  230.537840][   T39] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  230.546927][   T39] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  230.568747][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.793949][ T7828] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1190'.
[  231.663947][ T7828] tipc: Cannot configure node identity twice
[  231.897501][ T7836] loop4: detected capacity change from 0 to 512
[  231.904619][ T7836] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  232.151118][ T7849] loop5: detected capacity change from 0 to 512
[  232.207763][ T7849] EXT4-fs (loop5): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  232.314241][ T7849] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1196'.
[  232.355420][ T3300] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  232.366376][ T3300] CPU: 0 UID: 0 PID: 3300 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  232.366419][ T3300] Tainted: [W]=WARN
[  232.366426][ T3300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  232.366441][ T3300] Call Trace:
[  232.366449][ T3300]  <TASK>
[  232.366459][ T3300]  __dump_stack+0x1d/0x30
[  232.366484][ T3300]  dump_stack_lvl+0x95/0xd0
[  232.366579][ T3300]  dump_stack+0x15/0x1b
[  232.366601][ T3300]  dump_header+0x80/0x240
[  232.366622][ T3300]  oom_kill_process+0x295/0x350
[  232.366650][ T3300]  out_of_memory+0x97d/0xb80
[  232.366702][ T3300]  try_charge_memcg+0x62f/0xa10
[  232.366741][ T3300]  charge_memcg+0x6d/0x120
[  232.366764][ T3300]  __mem_cgroup_charge+0x28/0xb0
[  232.366829][ T3300]  filemap_add_folio+0x110/0x350
[  232.366859][ T3300]  __filemap_get_folio_mpol+0x326/0x680
[  232.366956][ T3300]  filemap_fault+0x462/0xb70
[  232.366988][ T3300]  ? __pfx_filemap_map_pages+0x10/0x10
[  232.367035][ T3300]  handle_mm_fault+0x16cd/0x2e70
[  232.367060][ T3300]  ? __pfx_filemap_fault+0x10/0x10
[  232.367142][ T3300]  do_user_addr_fault+0x62f/0x1050
[  232.367177][ T3300]  ? trace_page_fault_user+0x1f/0xa0
[  232.367203][ T3300]  exc_page_fault+0x62/0xa0
[  232.367225][ T3300]  asm_exc_page_fault+0x26/0x30
[  232.367287][ T3300] RIP: 0033:0x7f3505b2ae74
[  232.367305][ T3300] Code: 85 62 0a 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 40 a9 ed 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 39 a8 ed 00 48 01 d1
[  232.367385][ T3300] RSP: 002b:00007ffd58c4bce0 EFLAGS: 00010202
[  232.367404][ T3300] RAX: 0000001b32e24000 RBX: 00000000000002e7 RCX: 0000000000038a40
[  232.367420][ T3300] RDX: 000000000500a1b1 RSI: 00007ffd58c4bd70 RDI: 0000000000000001
[  232.367502][ T3300] RBP: 00007ffd58c4bd1c R08: 00000000131538ce R09: 3fffffffffffffff
[  232.367516][ T3300] R10: 4000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  232.367528][ T3300] R13: 00000000000927c0 R14: 0000000000038a1e R15: 00007ffd58c4bd70
[  232.367547][ T3300]  </TASK>
[  232.367553][ T3300] memory: usage 307200kB, limit 307200kB, failcnt 2928
[  232.660577][ T7849] EXT4-fs error (device loop5): ext4_readdir:265: inode #2: block 3: comm syz.5.1196: path /111/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[  232.699087][ T7857] loop3: detected capacity change from 0 to 512
[  232.749957][ T3300] memory+swap: usage 167700kB, limit 9007199254740988kB, failcnt 0
[  232.761190][ T3300] kmem: usage 153092kB, limit 9007199254740988kB, failcnt 0
[  232.774886][ T3300] Memory cgroup stats for /syz4:
[  232.775296][ T3300] cache 524288
[  232.835400][ T3300] rss 110592
[  232.840299][ T7857] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.858605][ T3300] shmem 0
[  232.862001][ T3300] mapped_file 4096
[  232.883912][ T3300] dirty 4096
[  232.887863][ T6055] EXT4-fs (loop5): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  232.917109][ T7857] ext4 filesystem being mounted at /231/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  232.927696][ T3300] writeback 0
[  232.932521][ T3300] workingset_refault_anon 297
[  232.937294][ T3300] workingset_refault_file 4025
[  232.943569][ T3300] swap 32768
[  232.960118][ T3300] swapcached 15376384
[  232.968201][ T3300] pgpgin 239892
[  232.975057][ T3300] pgpgout 239720
[  232.978858][ T3300] pgfault 214824
[  232.982434][ T3300] pgmajfault 119
[  232.986460][ T3300] inactive_anon 131072
[  232.990873][ T3300] active_anon 49152
[  232.994705][ T3300] inactive_file 0
[  232.998356][ T3300] active_file 524288
[  233.002648][ T3300] unevictable 0
[  233.007138][ T3300] hierarchical_memory_limit 314572800
[  233.009607][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.012962][ T3300] hierarchical_memsw_limit 9223372036854771712
[  233.027980][ T3300] total_cache 524288
[  233.032138][ T3300] total_rss 110592
[  233.035885][ T3300] total_shmem 0
[  233.039547][ T3300] total_mapped_file 4096
[  233.043929][ T3300] total_dirty 4096
[  233.047680][ T7880] netlink: 'syz.5.1203': attribute type 49 has an invalid length.
[  233.056092][ T3300] total_writeback 0
[  233.060111][ T3300] total_workingset_refault_anon 297
[  233.066132][ T3300] total_workingset_refault_file 4025
[  233.071680][ T3300] total_swap 32768
[  233.075450][ T3300] total_swapcached 15376384
[  233.080264][ T3300] total_pgpgin 239892
[  233.084327][ T3300] total_pgpgout 239720
[  233.088624][ T3300] total_pgfault 214824
[  233.092764][ T3300] total_pgmajfault 119
[  233.096855][ T3300] total_inactive_anon 131072
[  233.106034][ T7880] ip6gretap0: entered promiscuous mode
[  233.119737][ T7880] ip6gretap0: entered allmulticast mode
[  233.125365][ T3300] total_active_anon 49152
[  233.135248][ T3300] total_inactive_file 0
[  233.177062][ T3300] total_active_file 524288
[  233.192440][ T3300] total_unevictable 0
[  233.210627][ T3300] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1194,pid=7835,uid=0
[  233.230663][ T7887] loop3: detected capacity change from 0 to 512
[  233.239425][ T3300] Memory cgroup out of memory: OOM victim 7835 (syz.4.1194) is already exiting. Skip killing the task
[  233.299603][ T7883] sctp: [Deprecated]: syz.3.1202 (pid 7883) Use of int in max_burst socket option.
[  233.299603][ T7883] Use struct sctp_assoc_value instead
[  234.164379][ T7922] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7922 comm=syz.0.1211
[  234.315294][ T7928] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7928 comm=syz.5.1212
[  234.464287][   T28] kauditd_printk_skb: 97 callbacks suppressed
[  234.464302][   T28] audit: type=1400 audit(2000000034.519:5963): avc:  denied  { create } for  pid=7935 comm="syz.0.1215" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=udp_socket permissive=1
[  234.482834][ T7937] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1214'.
[  234.493608][   T28] audit: type=1400 audit(2000000034.559:5964): avc:  denied  { bind } for  pid=7935 comm="syz.0.1215" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=udp_socket permissive=1
[  234.520821][   T28] audit: type=1400 audit(2000000034.559:5965): avc:  denied  { name_bind } for  pid=7935 comm="syz.0.1215" src=20000 scontext=system_u:object_r:hugetlbfs_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  234.532721][ T7936] syzkaller1: entered promiscuous mode
[  234.543384][   T28] audit: type=1400 audit(2000000034.559:5966): avc:  denied  { node_bind } for  pid=7935 comm="syz.0.1215" src=20000 scontext=system_u:object_r:hugetlbfs_t tcontext=system_u:object_r:node_t tclass=udp_socket permissive=1
[  234.573369][   T28] audit: type=1400 audit(2000000034.559:5967): avc:  denied  { setopt } for  pid=7935 comm="syz.0.1215" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=udp_socket permissive=1
[  234.593082][ T7936] syzkaller1: entered allmulticast mode
[  234.595699][   T28] audit: type=1400 audit(2000000034.579:5968): avc:  denied  { create } for  pid=7935 comm="syz.0.1215" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=rawip_socket permissive=1
[  234.621285][   T28] audit: type=1400 audit(2000000034.579:5969): avc:  denied  { ioctl } for  pid=7935 comm="syz.0.1215" path="socket:[18311]" dev="sockfs" ino=18311 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=rawip_socket permissive=1
[  234.651985][ T7936] syzkaller1: left promiscuous mode
[  234.664815][ T7936] syzkaller1: left allmulticast mode
[  234.686825][   T28] audit: type=1400 audit(2000000034.739:5970): avc:  denied  { create } for  pid=7935 comm="syz.0.1215" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_netfilter_socket permissive=1
[  234.829232][   T28] audit: type=1326 audit(2000000034.879:5971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7951 comm="syz.0.1220" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  234.859837][   T28] audit: type=1326 audit(2000000034.889:5972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7951 comm="syz.0.1220" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  234.874425][ T7952] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1220'.
[  234.950772][ T7956] loop0: detected capacity change from 0 to 512
[  235.041736][ T7956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.063000][ T7956] ext4 filesystem being mounted at /263/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.077062][ T7971] xt_hashlimit: size too large, truncated to 1048576
[  235.083809][ T7971] xt_hashlimit: overflow, try lower: 3/0
[  235.107566][ T7955] netlink: 'syz.3.1221': attribute type 1 has an invalid length.
[  235.268716][ T7955] netlink: 'syz.3.1221': attribute type 2 has an invalid length.
[  235.276849][ T7955] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1221'.
[  235.627283][ T7974] loop2: detected capacity change from 0 to 1024
[  236.058935][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.117393][ T7982] Invalid option length (0) for dns_resolver key
[  236.160241][ T7982] loop5: detected capacity change from 0 to 164
[  236.189227][ T7982] iso9660: Unknown parameter 'mapWacorn'
[  236.257529][ T7990] FAULT_INJECTION: forcing a failure.
[  236.257529][ T7990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.279954][ T7982] loop5: detected capacity change from 0 to 256
[  236.338096][ T7982] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  236.355982][ T7990] CPU: 0 UID: 0 PID: 7990 Comm: syz.4.1231 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  236.356020][ T7990] Tainted: [W]=WARN
[  236.356084][ T7990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  236.356098][ T7990] Call Trace:
[  236.356119][ T7990]  <TASK>
[  236.356127][ T7990]  __dump_stack+0x1d/0x30
[  236.356149][ T7990]  dump_stack_lvl+0x95/0xd0
[  236.356168][ T7990]  dump_stack+0x15/0x1b
[  236.356216][ T7990]  should_fail_ex+0x263/0x280
[  236.356244][ T7990]  should_fail+0xb/0x20
[  236.356267][ T7990]  should_fail_usercopy+0x1a/0x20
[  236.356300][ T7990]  strncpy_from_user+0x27/0x250
[  236.356402][ T7990]  __se_sys_memfd_create+0x20f/0x3b0
[  236.356430][ T7990]  __x64_sys_memfd_create+0x31/0x40
[  236.356498][ T7990]  x64_sys_call+0x1f22/0x3020
[  236.356592][ T7990]  do_syscall_64+0x12c/0x3b0
[  236.356691][ T7990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.356792][ T7990] RIP: 0033:0x7f3505c5ce59
[  236.356807][ T7990] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  236.356884][ T7990] RSP: 002b:00007f35046aee08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  236.356907][ T7990] RAX: ffffffffffffffda RBX: 00000000000004ed RCX: 00007f3505c5ce59
[  236.356923][ T7990] RDX: 00007f35046aeee0 RSI: 0000000000000000 RDI: 00007f3505cf2f4f
[  236.356938][ T7990] RBP: 0000200000000a40 R08: 00000000ffffffff R09: 0000000000000000
[  236.356993][ T7990] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000000140
[  236.357005][ T7990] R13: 00007f35046aeee0 R14: 00007f35046aeea0 R15: 00002000000004c0
[  236.357026][ T7990]  </TASK>
[  236.586877][ T7982] FAT-fs (loop5): error, corrupted file size (i_pos 196, 16779008)
[  236.595252][ T7982] FAT-fs (loop5): Filesystem has been set read-only
[  236.602424][ T7982] FAT-fs (loop5): error, corrupted file size (i_pos 196, 16779008)
[  236.610542][ T7982] FAT-fs (loop5): error, corrupted file size (i_pos 196, 16779008)
[  236.618890][ T7982] FAT-fs (loop5): error, corrupted file size (i_pos 196, 16779008)
[  236.812285][ T8001] loop4: detected capacity change from 0 to 2048
[  236.860449][ T8004] netlink: 'syz.5.1234': attribute type 27 has an invalid length.
[  237.007350][ T8001]  loop4: p3 < > p4 < >
[  237.007715][ T8009] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1237'.
[  237.022876][ T8001] loop4: partition table partially beyond EOD, truncated
[  237.026011][ T8009] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1237'.
[  237.031991][ T8001] loop4: p3 start 4284289 is beyond EOD, truncated
[  237.097706][ T8015] loop4: detected capacity change from 0 to 512
[  237.104207][ T8016] af_packet: tpacket_rcv: packet too big, clamped from 60 to 4294967272. macoff=96
[  237.119757][ T8015] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  237.132865][ T8015] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz.4.1240: bad orphan inode 131083
[  237.143358][ T8015] loop4: lost filesystem error report for type 5 error -117
[  237.144252][ T8015] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.230348][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.287776][ T8032] loop4: detected capacity change from 0 to 512
[  237.294848][ T8032] EXT4-fs: Ignoring removed nomblk_io_submit option
[  237.305494][ T8032] EXT4-fs: Ignoring removed mblk_io_submit option
[  237.310686][ T8033] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1246'.
[  237.313992][ T8032] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  237.326458][ T8033] loop2: detected capacity change from 0 to 512
[  237.330456][ T8032] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  237.345641][ T8032] EXT4-fs (loop4): 1 truncate cleaned up
[  237.354270][ T8032] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.368835][ T8032] EXT4-fs error (device loop4): ext4_map_blocks:791: inode #2: block 4: comm syz.4.1245: lblock 0 mapped to illegal pblock 4 (length 1)
[  237.383457][ T8032] EXT4-fs (loop4): Remounting filesystem read-only
[  237.386129][ T8036] netlink: 'syz.0.1244': attribute type 2 has an invalid length.
[  237.391205][ T8032] FAULT_INJECTION: forcing a failure.
[  237.391205][ T8032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.398642][ T8036] netlink: 'syz.0.1244': attribute type 8 has an invalid length.
[  237.410937][ T8032] CPU: 1 UID: 0 PID: 8032 Comm: syz.4.1245 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  237.410970][ T8032] Tainted: [W]=WARN
[  237.410976][ T8032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  237.410989][ T8032] Call Trace:
[  237.410997][ T8032]  <TASK>
[  237.411005][ T8032]  __dump_stack+0x1d/0x30
[  237.411065][ T8032]  dump_stack_lvl+0x95/0xd0
[  237.411085][ T8032]  dump_stack+0x15/0x1b
[  237.411102][ T8032]  should_fail_ex+0x263/0x280
[  237.411130][ T8032]  should_fail+0xb/0x20
[  237.411185][ T8032]  should_fail_usercopy+0x1a/0x20
[  237.411216][ T8032]  strncpy_from_user+0x27/0x250
[  237.411315][ T8032]  ? kmem_cache_alloc_noprof+0x18c/0x3f0
[  237.411350][ T8032]  do_getname+0x59/0x1c0
[  237.411396][ T8032]  __se_sys_mkdirat+0x21/0xf0
[  237.411428][ T8032]  __x64_sys_mkdirat+0x43/0x50
[  237.411457][ T8032]  x64_sys_call+0x2c4e/0x3020
[  237.411502][ T8032]  do_syscall_64+0x12c/0x3b0
[  237.411534][ T8032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.411557][ T8032] RIP: 0033:0x7f3505c5ce59
[  237.411579][ T8032] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  237.411597][ T8032] RSP: 002b:00007f35046af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  237.411618][ T8032] RAX: ffffffffffffffda RBX: 00007f3505ed5fa0 RCX: 00007f3505c5ce59
[  237.411639][ T8032] RDX: 0000000000000141 RSI: 0000200000000240 RDI: ffffffffffffff9c
[  237.411688][ T8032] RBP: 00007f35046af090 R08: 0000000000000000 R09: 0000000000000000
[  237.411702][ T8032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.411716][ T8032] R13: 00007f3505ed6038 R14: 00007f3505ed5fa0 R15: 00007ffd58c4b978
[  237.411736][ T8032]  </TASK>
[  237.425492][ T8033] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.429795][ T8036] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1244'.
[  237.434135][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.444137][ T8040] netlink: 'syz.0.1244': attribute type 2 has an invalid length.
[  237.447444][ T8033] ext4 filesystem being mounted at /237/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.457414][ T8040] netlink: 'syz.0.1244': attribute type 8 has an invalid length.
[  237.649400][ T8040] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1244'.
[  237.672143][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.700145][ T8044] loop3: detected capacity change from 0 to 512
[  237.706777][ T8044] EXT4-fs: Ignoring removed nomblk_io_submit option
[  237.714697][ T8044] EXT4-fs: Ignoring removed mblk_io_submit option
[  237.734067][ T8044] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  237.739094][ T8047] loop2: detected capacity change from 0 to 1024
[  237.759711][ T8047] EXT4-fs (loop2): bad geometry: bigalloc file system with non-zero first_data_block
[  237.759711][ T8047] 
[  237.760460][ T8044] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  237.781701][ T8044] EXT4-fs (loop3): 1 truncate cleaned up
[  237.791590][ T8047] SET target dimension over the limit!
[  237.798838][ T8044] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.825437][ T8044] EXT4-fs error (device loop3): ext4_map_blocks:791: inode #2: block 4: comm syz.3.1249: lblock 0 mapped to illegal pblock 4 (length 1)
[  237.856672][ T8044] EXT4-fs (loop3): Remounting filesystem read-only
[  237.875494][ T8047] EXT4-fs: Ignoring removed mblk_io_submit option
[  237.892659][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.937096][ T8057] xt_TPROXY: Can be used only with -p tcp or -p udp
[  237.980495][ T8047] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  237.993542][ T8047] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.028512][ T8047] EXT4-fs error (device loop2): ext4_map_blocks:833: inode #15: comm syz.2.1248: lblock 0 mapped to illegal pblock 0 (length 1)
[  238.068253][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  238.175873][ T8078] EXT4-fs: inline encryption not supported
[  238.201966][ T8078] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  238.244874][ T8078] EXT4-fs (loop0): orphan cleanup on readonly fs
[  238.260596][ T8084] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1259'.
[  238.260804][ T8078] EXT4-fs error (device loop0): mb_free_blocks:2049: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  238.284321][ T8078] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #12: comm syz.0.1258: corrupted inode contents
[  238.296187][    C0] EXT4-fs (loop0): error count since last fsck: 1
[  238.296207][    C0] EXT4-fs (loop0): initial error at time 2000000038: mb_free_blocks:2049: inode 12: block 14
[  238.296261][    C0] EXT4-fs (loop0): last error at time 2000000038: mb_free_blocks:2049: inode 12: block 14
[  238.300113][ T8084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.303919][ T8078] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  238.315624][ T8084] ext4 filesystem being mounted at /259/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.358515][ T8078] EXT4-fs error (device loop0): ext4_dirty_inode:6587: inode #12: comm syz.0.1258: mark_inode_dirty error
[  238.385087][ T8078] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  238.385348][ T8078] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #12: comm syz.0.1258: corrupted inode contents
[  238.396411][ T8090] EXT4-fs: Ignoring removed mblk_io_submit option
[  238.407043][ T8078] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  238.414183][ T8078] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #12: comm syz.0.1258: mark_inode_dirty error
[  238.421359][ T8090] ext4: Bad value for 'resuid'
[  238.423913][ T8078] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  238.434978][ T8090] ext4: Bad value for 'resuid'
[  238.439920][ T8078] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #12: comm syz.0.1258: corrupted inode contents
[  238.439970][ T8078] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  238.440103][ T8078] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[  238.484062][ T8078] loop0: lost filesystem error report for type 5 error -117
[  238.488252][ T8078] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #12: comm syz.0.1258: corrupted inode contents
[  238.512724][ T8078] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  238.513001][ T8078] EXT4-fs error (device loop0): ext4_truncate:4690: inode #12: comm syz.0.1258: mark_inode_dirty error
[  238.534216][ T8078] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  238.534386][ T8078] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[  238.553311][ T8078] loop0: lost filesystem error report for type 5 error -117
[  238.553771][ T8078] EXT4-fs (loop0): 1 truncate cleaned up
[  238.554291][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.575968][   T39] EXT4-fs error (device loop0): ext4_release_dquot:7070: comm kworker/u8:2: Failed to release dquot type 1
[  238.576520][ T8095] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1261'.
[  238.587576][   T39] loop0: lost filesystem error report for type 5 error -5
[  238.598029][ T8078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  238.628263][ T8078] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  238.639664][ T8078] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  238.813681][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.835134][ T8105] program syz.3.1265 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  239.082925][ T8113] netlink: 'syz.0.1268': attribute type 10 has an invalid length.
[  239.191233][ T8115] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  239.277442][ T8115] EXT4-fs error (device loop0): ext4_readdir:265: inode #2: block 3: comm syz.0.1269: path /272/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[  239.364190][ T3303] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  239.472010][   T28] kauditd_printk_skb: 452 callbacks suppressed
[  239.472023][   T28] audit: type=1326 audit(2000000039.529:6424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8125 comm="syz.2.1273" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94e668ce59 code=0x7ffc0000
[  239.652197][ T8127] __nla_validate_parse: 2 callbacks suppressed
[  239.652260][ T8127] netlink: 2160 bytes leftover after parsing attributes in process `syz.3.1271'.
[  239.674377][   T28] audit: type=1326 audit(2000000039.709:6425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8125 comm="syz.2.1273" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f94e668ce59 code=0x7ffc0000
[  239.712494][ T8126] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1273'.
[  239.724426][   T28] audit: type=1326 audit(2000000039.759:6426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8125 comm="syz.2.1273" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94e668ce59 code=0x7ffc0000
[  239.775894][ T8127] netlink: 2160 bytes leftover after parsing attributes in process `syz.3.1271'.
[  239.786299][   T28] audit: type=1326 audit(2000000039.759:6427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8125 comm="syz.2.1273" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94e668ce59 code=0x7ffc0000
[  239.858058][   T28] audit: type=1326 audit(2000000039.759:6428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8125 comm="syz.2.1273" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f94e668ce59 code=0x7ffc0000
[  239.910577][ T8133] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.945509][   T28] audit: type=1326 audit(2000000039.759:6429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8125 comm="syz.2.1273" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94e668ce59 code=0x7ffc0000
[  240.079756][   T28] audit: type=1326 audit(2000000039.759:6430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8125 comm="syz.2.1273" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94e668ce59 code=0x7ffc0000
[  240.106904][ T8133] ext4 filesystem being mounted at /242/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.139481][   T28] audit: type=1326 audit(2000000039.759:6431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8125 comm="syz.2.1273" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f94e668ce59 code=0x7ffc0000
[  240.172336][ T8150] set_capacity_and_notify: 7 callbacks suppressed
[  240.172353][ T8150] loop5: detected capacity change from 0 to 512
[  240.192593][   T28] audit: type=1326 audit(2000000039.759:6432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8125 comm="syz.2.1273" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94e668ce59 code=0x7ffc0000
[  240.241319][   T28] audit: type=1326 audit(2000000039.759:6433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8125 comm="syz.2.1273" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94e668ce59 code=0x7ffc0000
[  240.280098][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.300665][ T8150] program syz.5.1277 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  240.494419][ T8166] ip6erspan0: left promiscuous mode
[  240.804966][ T8188] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1288'.
[  240.814218][ T8191] loop0: detected capacity change from 0 to 512
[  240.821370][ T8191] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  240.825521][ T8188] loop4: detected capacity change from 0 to 512
[  240.853009][ T8188] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.866209][ T8188] ext4 filesystem being mounted at /267/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.891821][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.187584][ T8198] loop3: detected capacity change from 0 to 512
[  241.205012][ T8198] program syz.3.1291 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  241.271799][ T8205] loop3: detected capacity change from 0 to 512
[  241.299389][ T8205] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  241.313704][ T8205] EXT4-fs (loop3): 1 truncate cleaned up
[  241.327818][ T8205] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.396119][ T8205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1293'.
[  241.451227][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.490731][ T8216] FAULT_INJECTION: forcing a failure.
[  241.490731][ T8216] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.510960][ T8216] CPU: 1 UID: 0 PID: 8216 Comm: syz.5.1296 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  241.510995][ T8216] Tainted: [W]=WARN
[  241.511002][ T8216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  241.511061][ T8216] Call Trace:
[  241.511066][ T8216]  <TASK>
[  241.511073][ T8216]  __dump_stack+0x1d/0x30
[  241.511172][ T8216]  dump_stack_lvl+0x95/0xd0
[  241.511271][ T8216]  dump_stack+0x15/0x1b
[  241.511292][ T8216]  should_fail_ex+0x263/0x280
[  241.511321][ T8216]  should_fail+0xb/0x20
[  241.511421][ T8216]  should_fail_usercopy+0x1a/0x20
[  241.511454][ T8216]  _copy_from_user+0x1c/0xb0
[  241.511482][ T8216]  __se_sys_rt_tgsigqueueinfo+0x5d/0x420
[  241.511629][ T8216]  ? perf_pending_task+0x1df/0x210
[  241.511657][ T8216]  __x64_sys_rt_tgsigqueueinfo+0x55/0x70
[  241.511677][ T8216]  x64_sys_call+0x150e/0x3020
[  241.511738][ T8216]  do_syscall_64+0x12c/0x3b0
[  241.511771][ T8216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.511796][ T8216] RIP: 0033:0x7fdf73bcce59
[  241.511814][ T8216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  241.511915][ T8216] RSP: 002b:00007fdf72627028 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[  241.511936][ T8216] RAX: ffffffffffffffda RBX: 00007fdf73e45fa0 RCX: 00007fdf73bcce59
[  241.511965][ T8216] RDX: 0000000000000025 RSI: 0000000000000000 RDI: 0000000000000000
[  241.511976][ T8216] RBP: 00007fdf72627090 R08: 0000000000000000 R09: 0000000000000000
[  241.511991][ T8216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.512050][ T8216] R13: 00007fdf73e46038 R14: 00007fdf73e45fa0 R15: 00007fff4593d278
[  241.512069][ T8216]  </TASK>
[  241.786692][ T8191] syz.0.1289 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  241.801699][ T8191] CPU: 1 UID: 0 PID: 8191 Comm: syz.0.1289 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  241.801734][ T8191] Tainted: [W]=WARN
[  241.801741][ T8191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  241.801753][ T8191] Call Trace:
[  241.801760][ T8191]  <TASK>
[  241.801767][ T8191]  __dump_stack+0x1d/0x30
[  241.801869][ T8191]  dump_stack_lvl+0x95/0xd0
[  241.801890][ T8191]  dump_stack+0x15/0x1b
[  241.801910][ T8191]  dump_header+0x80/0x240
[  241.801976][ T8191]  oom_kill_process+0x295/0x350
[  241.802008][ T8191]  out_of_memory+0x97d/0xb80
[  241.802038][ T8191]  try_charge_memcg+0x62f/0xa10
[  241.802099][ T8191]  __memcg_kmem_charge_page+0x1ce/0x3d0
[  241.802124][ T8191]  __alloc_frozen_pages_noprof+0x18a/0x350
[  241.802174][ T8191]  alloc_pages_mpol+0xb3/0x260
[  241.802199][ T8191]  alloc_pages_noprof+0x8f/0x140
[  241.802223][ T8191]  __vmalloc_node_range_noprof+0xaed/0x11c0
[  241.802252][ T8191]  __kvmalloc_node_noprof+0x3d4/0x640
[  241.802280][ T8191]  ? futex_hash_allocate+0x190/0x9a0
[  241.802332][ T8191]  ? futex_hash_allocate+0x190/0x9a0
[  241.802367][ T8191]  futex_hash_allocate+0x190/0x9a0
[  241.802466][ T8191]  ? cap_task_prctl+0x13f/0x6b0
[  241.802492][ T8191]  futex_hash_prctl+0xd8/0xf0
[  241.802523][ T8191]  __se_sys_prctl+0x4f4/0x1400
[  241.802551][ T8191]  __x64_sys_prctl+0x67/0x80
[  241.802608][ T8191]  x64_sys_call+0x2533/0x3020
[  241.802633][ T8191]  do_syscall_64+0x12c/0x3b0
[  241.802786][ T8191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.802852][ T8191] RIP: 0033:0x7f1a03eece59
[  241.802871][ T8191] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  241.802893][ T8191] RSP: 002b:00007f1a0293f028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  241.802918][ T8191] RAX: ffffffffffffffda RBX: 00007f1a04165fa0 RCX: 00007f1a03eece59
[  241.802961][ T8191] RDX: 0000000001000000 RSI: 0000000000000001 RDI: 000000000000004e
[  241.802976][ T8191] RBP: 00007f1a03f82d6f R08: 0000000000000000 R09: 0000000000000000
[  241.803031][ T8191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  241.803047][ T8191] R13: 00007f1a04166038 R14: 00007f1a04165fa0 R15: 00007ffe61040d58
[  241.803070][ T8191]  </TASK>
[  241.803090][ T8191] memory: usage 307200kB, limit 307200kB, failcnt 3441
[  241.946368][ T8235] loop4: detected capacity change from 0 to 512
[  241.952838][ T8191] memory+swap: usage 307604kB, limit 9007199254740988kB, failcnt 0
[  242.005772][ T8235] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.012884][ T8191] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  242.021265][ T8235] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1300'.
[  242.027241][ T8191] Memory cgroup stats for 
[  242.028304][ T8235] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1300'.
[  242.052388][ T8191] /syz0
[  242.062498][ T8235] netlink: 716 bytes leftover after parsing attributes in process `syz.4.1300'.
[  242.119454][ T8235] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1300'.
[  242.126358][ T8246] loop3: detected capacity change from 0 to 512
[  242.169622][ T8191] :
[  242.170383][ T8191] cache 0
[  242.176097][ T8191] rss 0
[  242.179552][ T8191] shmem 0
[  242.182552][ T8191] mapped_file 0
[  242.186308][ T8191] dirty 0
[  242.197049][ T8191] writeback 0
[  242.200980][ T8191] workingset_refault_anon 1917
[  242.205837][ T8191] workingset_refault_file 1184
[  242.211346][ T8191] swap 413696
[  242.214727][ T8191] swapcached 24375296
[  242.226584][ T8191] pgpgin 166400
[  242.231074][ T8191] pgpgout 166400
[  242.236726][ T8191] pgfault 210717
[  242.238310][ T8246] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.1303: corrupted in-inode xattr: overlapping e_value 
[  242.256431][ T8246] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  242.256897][ T8246] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.1303: couldn't read orphan inode 15 (err -117)
[  242.266044][    C1] EXT4-fs (loop3): error count since last fsck: 1
[  242.266065][    C1] EXT4-fs (loop3): initial error at time 2000000042: ext4_iget_extra_inode:5128: inode 15
[  242.266111][    C1] EXT4-fs (loop3): last error at time 2000000042: ext4_iget_extra_inode:5128: inode 15
[  242.304639][ T8246] loop3: lost filesystem error report for type 5 error -117
[  242.309929][ T8246] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.330772][ T8246] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.450920][ T8249] loop2: detected capacity change from 0 to 512
[  242.544611][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.565402][ T8249] program syz.2.1304 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  242.633155][ T8191] pgmajfault 257
[  242.636838][ T8191] inactive_anon 0
[  242.640527][ T8191] active_anon 0
[  242.644009][ T8191] inactive_file 0
[  242.647669][ T8191] active_file 0
[  242.651154][ T8191] unevictable 0
[  242.654676][ T8191] hierarchical_memory_limit 314572800
[  242.660137][ T8191] hierarchical_memsw_limit 9223372036854771712
[  242.666347][ T8191] total_cache 0
[  242.669847][ T8191] total_rss 0
[  242.673162][ T8191] total_shmem 0
[  242.676686][ T8191] total_mapped_file 0
[  242.682828][ T8191] total_dirty 0
[  242.692917][ T8191] total_writeback 0
[  242.698657][ T8191] total_workingset_refault_anon 1917
[  242.707164][ T8253] loop4: detected capacity change from 0 to 256
[  242.713881][ T8191] total_workingset_refault_file 1184
[  242.724230][ T8191] total_swap 413696
[  242.728091][ T8191] total_swapcached 24375296
[  242.732778][ T8191] total_pgpgin 166400
[  242.736872][ T8191] total_pgpgout 166400
[  242.741311][ T8191] total_pgfault 210717
[  242.745523][ T8191] total_pgmajfault 257
[  242.750006][ T8191] total_inactive_anon 0
[  242.754245][ T8191] total_active_anon 0
[  242.758328][ T8191] total_inactive_file 0
[  242.762827][ T8191] total_active_file 0
[  242.766859][ T8191] total_unevictable 0
[  242.795801][ T8191] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1289,pid=8190,uid=0
[  242.810774][ T8191] Memory cgroup out of memory: Killed process 8190 (syz.0.1289) total-vm:94168kB, anon-rss:1232kB, file-rss:22420kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[  242.914317][ T8262] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1309'.
[  242.924722][ T8259] loop5: detected capacity change from 0 to 512
[  242.947152][ T8263] 9p: Bad value for 'wfdno'
[  242.975300][ T8263] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  243.019184][ T8263] SELinux: failed to load policy
[  243.058801][ T8269] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  243.290468][ T3303] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  243.651983][ T8289] program syz.0.1316 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  244.590613][ T8300] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  244.948479][   T28] kauditd_printk_skb: 153 callbacks suppressed
[  244.948496][   T28] audit: type=1400 audit(2000000044.979:6587): avc:  denied  { write } for  pid=8307 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  244.994114][   T28] audit: type=1400 audit(2000000045.039:6588): avc:  denied  { write } for  pid=8319 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  245.056989][   T28] audit: type=1400 audit(2000000045.109:6589): avc:  denied  { compute_member } for  pid=8324 comm="syz.2.1323" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  245.126284][   T28] audit: type=1400 audit(2000000045.179:6590): avc:  denied  { write } for  pid=8323 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  245.174610][   T28] audit: type=1400 audit(2000000045.219:6591): avc:  denied  { write } for  pid=8336 comm="rm" name="hook-state" dev="tmpfs" ino=486 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  245.307824][ T8343] set_capacity_and_notify: 3 callbacks suppressed
[  245.307839][ T8343] loop3: detected capacity change from 0 to 512
[  245.334764][ T8343] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  245.345569][ T8346] netlink: 'syz.5.1324': attribute type 10 has an invalid length.
[  245.379962][ T8343] __nla_validate_parse: 4 callbacks suppressed
[  245.379980][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1325'.
[  245.405195][ T8343] EXT4-fs error (device loop3): ext4_readdir:265: inode #2: block 3: comm syz.3.1325: path /258/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[  245.498945][   T28] audit: type=1400 audit(2000000045.549:6592): avc:  denied  { write } for  pid=8350 comm="syz.0.1328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  245.523854][ T3302] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  245.535442][ T8351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.570794][ T8351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.626853][   T28] audit: type=1400 audit(2000000045.679:6593): avc:  denied  { write } for  pid=8350 comm="syz.0.1328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  245.659439][ T8351] ieee802154 phy0 wpan0: encryption failed: -126
[  245.678337][ T8357] loop3: detected capacity change from 0 to 512
[  245.725602][ T8357] program syz.3.1331 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  248.054814][ T8393] loop2: detected capacity change from 0 to 512
[  248.110142][ T8393] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  248.163049][ T8393] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1340'.
[  248.252445][ T3304] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  248.336125][ T8404] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1342'.
[  248.361148][ T8404] loop2: detected capacity change from 0 to 512
[  248.499197][ T8404] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.523477][ T8404] ext4 filesystem being mounted at /256/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.574719][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.048526][ T8414] loop4: detected capacity change from 0 to 512
[  249.068856][ T8414] EXT4-fs: Ignoring removed nobh option
[  249.108367][ T8414] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  249.141669][ T8414] EXT4-fs (loop4): 1 truncate cleaned up
[  249.160584][ T8414] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.378073][ T8422] loop5: detected capacity change from 0 to 1024
[  249.401617][ T8422] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  249.515108][   T28] audit: type=1400 audit(2000000049.569:6594): avc:  denied  { create } for  pid=8421 comm="syz.5.1347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  249.592701][  T832] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  250.297717][  T832] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  250.319404][  T832] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  250.343608][  T832] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  251.349980][ T8433] loop2: detected capacity change from 0 to 128
[  251.364608][ T8433] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  251.372576][ T8433] System zones: 1-3, 19-19, 35-36
[  251.386245][ T8433] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  251.423693][ T8433] ext4 filesystem being mounted at /258/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  251.455371][ T8438] loop3: detected capacity change from 0 to 512
[  251.481047][ T8431] EXT4-fs warning (device loop2): verify_group_input:137: Cannot add at group 5 (only 1 groups)
[  251.503683][ T6055] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  251.503933][ T8438] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  251.543396][ T8438] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1352'.
[  251.560259][ T3304] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  251.585205][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.635551][ T3302] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  251.641766][ T8442] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1353'.
[  251.662699][ T8442] loop5: detected capacity change from 0 to 512
[  251.690932][ T8442] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.718888][ T8442] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.911248][ T6055] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.348620][ T8464] loop5: detected capacity change from 0 to 512
[  254.355276][ T8464] EXT4-fs: test_dummy_encryption option not supported
[  254.365766][ T8479] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1364'.
[  254.443701][   T28] audit: type=1326 audit(2000000054.449:6595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8478 comm="syz.4.1364" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  254.474440][   T28] audit: type=1326 audit(2000000054.449:6596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8478 comm="syz.4.1364" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  254.516810][   T28] audit: type=1326 audit(2000000054.449:6597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8478 comm="syz.4.1364" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  254.575742][   T28] audit: type=1326 audit(2000000054.449:6598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8478 comm="syz.4.1364" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  254.625842][   T28] audit: type=1326 audit(2000000054.449:6599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8478 comm="syz.4.1364" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  254.692025][   T28] audit: type=1326 audit(2000000054.449:6600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8478 comm="syz.4.1364" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  254.717444][   T28] audit: type=1326 audit(2000000054.449:6601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8478 comm="syz.4.1364" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  254.742792][   T28] audit: type=1326 audit(2000000054.449:6602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8478 comm="syz.4.1364" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3505c5ce59 code=0x7ffc0000
[  254.807563][   T28] audit: type=1326 audit(2000000054.559:6603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8478 comm="syz.4.1364" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3505c1d68e code=0x7ffc0000
[  254.847780][   T28] audit: type=1326 audit(2000000054.659:6604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8478 comm="syz.4.1364" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3505c1d68e code=0x7ffc0000
[  255.037035][ T8497] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1369'.
[  255.053943][ T8493] loop3: detected capacity change from 0 to 8192
[  255.063901][ T8497] loop5: detected capacity change from 0 to 512
[  255.101139][ T8497] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.157576][ T8506] loop4: detected capacity change from 0 to 512
[  255.167066][ T8497] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.224288][ T8507] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1370'.
[  255.285214][ T6055] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.397635][ T8518] loop5: detected capacity change from 0 to 4096
[  255.419646][ T8518] ext3: Unknown parameter 'euid>00000000000000000000'
[  255.562408][ T8521] loop5: detected capacity change from 0 to 512
[  255.607218][ T8521] EXT4-fs error (device loop5): ext4_map_blocks:791: inode #11: block 327694: comm syz.5.1376: lblock 0 mapped to illegal pblock 327694 (length 1)
[  255.669137][ T8521] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  255.669415][ T8521] ------------[ cut here ]------------
[  255.684058][ T8521] EA inode 11 i_nlink=2
[  255.684090][ T8521] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x313/0x350, CPU#0: syz.5.1376/8521
[  255.699037][ T8521] Modules linked in:
[  255.702998][ T8521] CPU: 0 UID: 0 PID: 8521 Comm: syz.5.1376 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  255.714365][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  255.714503][    C0] EXT4-fs (loop5): initial error at time 2000000055: ext4_map_blocks:791: inode 11: block 327694
[  255.714844][    C0] EXT4-fs (loop5): last error at time 2000000055: ext4_map_blocks:791: inode 11: block 327694
[  255.743813][ T8521] Tainted: [W]=WARN
[  255.748113][ T8521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  255.759024][ T8521] RIP: 0010:ext4_xattr_inode_update_ref+0x332/0x350
[  255.766077][ T8521] Code: 74 5a 98 ff 4c 8d 2d 5d 68 5c 05 49 8d 7e 40 e8 04 18 b6 ff 49 8b 6e 40 4c 89 e7 e8 38 13 b6 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 02 ff ff ff e8 af fe d7 03 66 66 66 66 66 66 2e
[  255.786514][ T8521] RSP: 0018:ffffc9000181f778 EFLAGS: 00010246
[  255.793245][ T8521] RAX: ffff8881056be000 RBX: ffff888145c7c178 RCX: ffffffff81c0d898
[  255.802174][ T8521] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff871d40e0
[  255.810894][ T8521] RBP: 000000000000000b R08: 0001888145c7c12b R09: 0000000000000000
[  255.819415][ T8521] R10: ffffc9000181f6a8 R11: 0001c9000181f6a8 R12: ffff888145c7c128
[  255.828154][ T8521] R13: ffffffff871d40e0 R14: ffff888145c7c0e0 R15: 0000000000000001
[  255.836428][ T8521] FS:  00007fdf726066c0(0000) GS:ffff8882ae8fa000(0000) knlGS:0000000000000000
[  255.845436][ T8521] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  255.852029][ T8521] CR2: 0000000034747865 CR3: 000000017dc18000 CR4: 00000000003506f0
[  255.860045][ T8521] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  255.868022][ T8521] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  255.875996][ T8521] Call Trace:
[  255.879324][ T8521]  <TASK>
[  255.882309][ T8521]  ext4_xattr_inode_dec_ref_all+0x57c/0x8b0
[  255.888291][ T8521]  ? errseq_check+0x2c/0x50
[  255.892832][ T8521]  ext4_xattr_delete_inode+0x6c1/0x7a0
[  255.898300][ T8521]  ? ext4_truncate+0x89f/0xa10
[  255.903083][ T8521]  ext4_evict_inode+0xb16/0xe30
[  255.907953][ T8521]  ? __pfx_ext4_evict_inode+0x10/0x10
[  255.913340][ T8521]  evict+0x2af/0x510
[  255.917416][ T8521]  ? __dquot_initialize+0x146/0x7c0
[  255.922698][ T8521]  iput+0x41a/0x580
[  255.926506][ T8521]  ext4_process_orphan+0x1a9/0x1c0
[  255.932034][ T8521]  ext4_orphan_cleanup+0x69c/0x9f0
[  255.938135][ T8521]  ext4_fill_super+0x3408/0x37c0
[  255.943370][ T8521]  ? set_blocksize+0x14c/0x270
[  255.948171][ T8521]  ? setup_bdev_super+0x30e/0x370
[  255.953217][ T8521]  ? __pfx_ext4_fill_super+0x10/0x10
[  255.958639][ T8521]  get_tree_bdev_flags+0x291/0x300
[  255.963759][ T8521]  ? __pfx_ext4_fill_super+0x10/0x10
[  255.969098][ T8521]  get_tree_bdev+0x1f/0x30
[  255.973601][ T8521]  ext4_get_tree+0x1c/0x30
[  255.978074][ T8521]  vfs_get_tree+0x57/0x1d0
[  255.982511][ T8521]  do_new_mount+0x288/0x8d0
[  255.987047][ T8521]  path_mount+0x4d0/0xbc0
[  255.991393][ T8521]  __se_sys_mount+0x28c/0x2e0
[  255.996121][ T8521]  ? __hrtimer_rearm_deferred+0x58d/0x670
[  256.001958][ T8521]  __x64_sys_mount+0x67/0x80
[  256.006617][ T8521]  x64_sys_call+0x2d61/0x3020
[  256.011347][ T8521]  do_syscall_64+0x12c/0x3b0
[  256.016025][ T8521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.021936][ T8521] RIP: 0033:0x7fdf73bce0ca
[  256.026357][ T8521] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  256.046623][ T8521] RSP: 002b:00007fdf72605e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  256.055594][ T8521] RAX: ffffffffffffffda RBX: 00007fdf72605ee0 RCX: 00007fdf73bce0ca
[  256.064353][ T8521] RDX: 0000200000000080 RSI: 00002000000001c0 RDI: 00007fdf72605ea0
[  256.073142][ T8521] RBP: 0000200000000080 R08: 00007fdf72605ee0 R09: 0000000000800718
[  256.081935][ T8521] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0
[  256.090794][ T8521] R13: 00007fdf72605ea0 R14: 0000000000000492 R15: 00002000000000c0
[  256.099472][ T8521]  </TASK>
[  256.102887][ T8521] ---[ end trace 0000000000000000 ]---
[  256.112204][ T8521] EXT4-fs (loop5): 1 orphan inode deleted
[  256.125130][ T8521] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.160960][ T8527] loop0: detected capacity change from 0 to 512
[  256.231737][ T8527] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  256.247935][ T8527] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1378'.
[  256.285068][ T3303] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  256.309103][ T6055] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.427973][ T8544] FAULT_INJECTION: forcing a failure.
[  256.427973][ T8544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.441094][ T8544] CPU: 0 UID: 0 PID: 8544 Comm: syz.0.1381 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  256.441150][ T8544] Tainted: [W]=WARN
[  256.441224][ T8544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  256.441300][ T8544] Call Trace:
[  256.441306][ T8544]  <TASK>
[  256.441313][ T8544]  __dump_stack+0x1d/0x30
[  256.441398][ T8544]  dump_stack_lvl+0x95/0xd0
[  256.441418][ T8544]  dump_stack+0x15/0x1b
[  256.441436][ T8544]  should_fail_ex+0x263/0x280
[  256.441463][ T8544]  should_fail+0xb/0x20
[  256.441562][ T8544]  should_fail_usercopy+0x1a/0x20
[  256.441589][ T8544]  _copy_to_iter+0x387/0xea0
[  256.441618][ T8544]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  256.441713][ T8544]  __skb_datagram_iter+0xc6/0x680
[  256.441738][ T8544]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  256.441769][ T8544]  skb_copy_datagram_iter+0x3f/0xf0
[  256.441793][ T8544]  netlink_recvmsg+0x1a8/0x550
[  256.441824][ T8544]  ? __pfx_netlink_recvmsg+0x10/0x10
[  256.441852][ T8544]  sock_recvmsg+0xf5/0x120
[  256.441900][ T8544]  ____sys_recvmsg+0xf5/0x280
[  256.441929][ T8544]  ___sys_recvmsg+0x11f/0x3b0
[  256.441960][ T8544]  do_recvmmsg+0x1ef/0x560
[  256.442022][ T8544]  ? get_timespec64+0xd2/0x100
[  256.442126][ T8544]  __x64_sys_recvmmsg+0xfb/0x170
[  256.442153][ T8544]  x64_sys_call+0x80f/0x3020
[  256.442176][ T8544]  do_syscall_64+0x12c/0x3b0
[  256.442267][ T8544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.442289][ T8544] RIP: 0033:0x7f1a03eece59
[  256.442304][ T8544] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  256.442322][ T8544] RSP: 002b:00007f1a0293f028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  256.442342][ T8544] RAX: ffffffffffffffda RBX: 00007f1a04165fa0 RCX: 00007f1a03eece59
[  256.442355][ T8544] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  256.442380][ T8544] RBP: 00007f1a0293f090 R08: 0000200000003700 R09: 0000000000000000
[  256.442393][ T8544] R10: 0000000002040000 R11: 0000000000000246 R12: 0000000000000001
[  256.442405][ T8544] R13: 00007f1a04166038 R14: 00007f1a04165fa0 R15: 00007ffe61040d58
[  256.442426][ T8544]  </TASK>
[  256.704992][ T8547] loop4: detected capacity change from 0 to 512
[  256.741244][ T8553] netlink: 'syz.4.1387': attribute type 14 has an invalid length.
[  256.787787][ T8561] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1388'.
[  256.837121][ T4943] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  256.848503][ T4943] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  256.857445][ T4943] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  256.870940][ T4943] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  256.933743][ T8569] netlink: 2028 bytes leftover after parsing attributes in process `syz.0.1391'.
[  257.162495][ T5703] IPVS: ip_vs_send_async error -101
[  257.339885][ T8583] loop2: detected capacity change from 0 to 512
[  257.348011][ T8583] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  257.562712][ T8586] loop5: detected capacity change from 0 to 128
[  257.649510][ T8588] loop5: detected capacity change from 0 to 512
[  257.768012][ T8594] loop4: detected capacity change from 0 to 512
[  257.775797][ T8594] EXT4-fs: Ignoring removed nomblk_io_submit option
[  257.788116][ T8594] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  257.796649][ T8594] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e128, mo2=0002]
[  257.811678][ T8594] System zones: 0-1, 15-15, 18-18, 34-34
[  257.817679][ T8594] EXT4-fs (loop4): orphan cleanup on readonly fs
[  257.824301][ T8594] EXT4-fs warning (device loop4): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  257.840359][ T8594] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  257.912927][ T8594] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1401: bg 0: block 40: padding at end of block bitmap is not set
[  258.008456][ T8594] loop4: lost filesystem error report for type 5 error -117
[  258.018441][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  258.032172][    C1] EXT4-fs (loop4): initial error at time 2000000058: ext4_validate_block_bitmap:441
[  258.041581][    C1] EXT4-fs (loop4): last error at time 2000000058: ext4_validate_block_bitmap:441
[  258.083433][ T8594] EXT4-fs (loop4): Remounting filesystem read-only
[  258.127745][ T8594] EXT4-fs (loop4): 1 truncate cleaned up
[  258.134592][ T8594] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  258.148304][ T8607] loop3: detected capacity change from 0 to 1024
[  258.155411][ T8594] EXT4-fs (loop4): shut down requested (1)
[  258.421492][ T8612] loop2: detected capacity change from 0 to 1024
[  258.433678][ T8608] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[  258.442852][ T8608] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[  258.453451][ T8607] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.459925][ T8612] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.487441][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.510798][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.521214][ T8607] netlink: 'syz.3.1405': attribute type 10 has an invalid length.
[  258.572282][ T8607] A link change request failed with some changes committed already. Interface b��Y�4��`Ҙ may have been left with an inconsistent configuration, please check.
[  258.700022][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.773892][ T8634] loop3: detected capacity change from 0 to 128
[  258.780963][ T8634] vfat: Unknown parameter '00000000000000000000000'
[  260.410522][ T8656] loop4: detected capacity change from 0 to 512
[  260.444540][ T8656] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  261.749498][ T8664] loop2: detected capacity change from 0 to 512
[  261.760908][   T28] kauditd_printk_skb: 281 callbacks suppressed
[  261.760922][   T28] audit: type=1400 audit(2000000061.819:6885): avc:  denied  { create } for  pid=8662 comm="syz.5.1419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  261.794237][ T8664] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  262.123365][ T8687] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1425'.
[  262.235913][ T8664] syz.2.1417 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  262.328514][ T8664] CPU: 1 UID: 0 PID: 8664 Comm: syz.2.1417 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  262.328551][ T8664] Tainted: [W]=WARN
[  262.328560][ T8664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  262.328644][ T8664] Call Trace:
[  262.328651][ T8664]  <TASK>
[  262.328659][ T8664]  __dump_stack+0x1d/0x30
[  262.328735][ T8664]  dump_stack_lvl+0x95/0xd0
[  262.328761][ T8664]  dump_stack+0x15/0x1b
[  262.328862][ T8664]  dump_header+0x80/0x240
[  262.328888][ T8664]  oom_kill_process+0x295/0x350
[  262.328985][ T8664]  out_of_memory+0x97d/0xb80
[  262.329017][ T8664]  ? mutex_lock_killable+0x62/0xa0
[  262.329050][ T8664]  try_charge_memcg+0x62f/0xa10
[  262.329167][ T8664]  __memcg_kmem_charge_page+0x1ce/0x3d0
[  262.329195][ T8664]  __alloc_frozen_pages_noprof+0x18a/0x350
[  262.329268][ T8664]  alloc_pages_mpol+0xb3/0x260
[  262.329298][ T8664]  alloc_pages_noprof+0x8f/0x140
[  262.329328][ T8664]  __vmalloc_node_range_noprof+0xaed/0x11c0
[  262.329405][ T8664]  __kvmalloc_node_noprof+0x3d4/0x640
[  262.329437][ T8664]  ? futex_hash_allocate+0x190/0x9a0
[  262.329492][ T8664]  ? futex_hash_allocate+0x190/0x9a0
[  262.329551][ T8664]  futex_hash_allocate+0x190/0x9a0
[  262.329587][ T8664]  ? cap_task_prctl+0x13f/0x6b0
[  262.329615][ T8664]  futex_hash_prctl+0xd8/0xf0
[  262.329685][ T8664]  __se_sys_prctl+0x4f4/0x1400
[  262.329719][ T8664]  __x64_sys_prctl+0x67/0x80
[  262.329749][ T8664]  x64_sys_call+0x2533/0x3020
[  262.329809][ T8664]  do_syscall_64+0x12c/0x3b0
[  262.329840][ T8664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.329867][ T8664] RIP: 0033:0x7f94e668ce59
[  262.329932][ T8664] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  262.329953][ T8664] RSP: 002b:00007f94e50df028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  262.329973][ T8664] RAX: ffffffffffffffda RBX: 00007f94e6905fa0 RCX: 00007f94e668ce59
[  262.329988][ T8664] RDX: 0000000001000000 RSI: 0000000000000001 RDI: 000000000000004e
[  262.330004][ T8664] RBP: 00007f94e6722d6f R08: 0000000000000000 R09: 0000000000000000
[  262.330019][ T8664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  262.330094][ T8664] R13: 00007f94e6906038 R14: 00007f94e6905fa0 R15: 00007fff20c05aa8
[  262.330115][ T8664]  </TASK>
[  262.334356][ T8664] memory: usage 238824kB, limit 307200kB, failcnt 3644
[  262.354086][   T28] audit: type=1326 audit(2000000062.409:6886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8688 comm="syz.3.1426" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000
[  262.553955][ T8664] memory+swap: usage 105724kB, limit 9007199254740988kB, failcnt 0
[  262.645269][   T28] audit: type=1326 audit(2000000062.409:6887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8688 comm="syz.3.1426" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000
[  262.692169][   T28] audit: type=1326 audit(2000000062.439:6888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8688 comm="syz.3.1426" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000
[  262.772751][ T8695] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1427'.
[  262.797460][   T28] audit: type=1326 audit(2000000062.439:6889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8688 comm="syz.3.1426" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000
[  262.818440][ T8664] kmem: usage 2032kB, limit 9007199254740988kB, failcnt 0
[  262.842109][   T28] audit: type=1326 audit(2000000062.489:6890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8688 comm="syz.3.1426" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000
[  262.878449][ T8664] Memory cgroup stats for /syz2:
[  262.878696][ T8664] cache 16384
[  262.889957][   T28] audit: type=1326 audit(2000000062.489:6891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8688 comm="syz.3.1426" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000
[  262.923474][ T8664] rss 4096
[  262.933305][   T28] audit: type=1326 audit(2000000062.489:6892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8688 comm="syz.3.1426" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd2eb4ecbc2 code=0x7ffc0000
[  262.938434][ T8664] shmem 12288
[  262.968559][   T28] audit: type=1326 audit(2000000062.489:6893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8688 comm="syz.3.1426" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fd2eb4ecc57 code=0x7ffc0000
[  262.998591][   T28] audit: type=1326 audit(2000000062.489:6894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8688 comm="syz.3.1426" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fd2eb4a9b51 code=0x7ffc0000
[  263.135865][ T8700] loop3: detected capacity change from 0 to 512
[  263.196112][ T8700] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  263.208448][ T8664] mapped_file 4096
[  263.231793][ T8700] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1429'.
[  263.237525][ T8664] dirty 0
[  263.259582][ T8664] writeback 0
[  263.263097][ T8664] workingset_refault_anon 395
[  263.267925][ T8664] workingset_refault_file 5232
[  263.272767][ T8664] swap 552960
[  263.272835][ T8700] EXT4-fs error (device loop3): ext4_readdir:265: inode #2: block 3: comm syz.3.1429: path /286/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[  263.276110][ T8664] swapcached 46714880
[  263.300880][ T8664] pgpgin 279682
[  263.304344][ T8664] pgpgout 279677
[  263.307916][ T8664] pgfault 279964
[  263.311541][ T8664] pgmajfault 292
[  263.315095][ T8664] inactive_anon 0
[  263.318776][ T8664] active_anon 4096
[  263.322732][ T8664] inactive_file 0
[  263.326599][ T8664] active_file 4096
[  263.330425][ T8664] unevictable 12288
[  263.334349][ T8664] hierarchical_memory_limit 314572800
[  263.339732][ T8664] hierarchical_memsw_limit 9223372036854771712
[  263.346028][ T8664] total_cache 16384
[  263.349923][ T8664] total_rss 4096
[  263.353463][ T8664] total_shmem 12288
[  263.357342][ T8664] total_mapped_file 4096
[  263.368868][ T8664] total_dirty 0
[  263.372505][ T8664] total_writeback 0
[  263.376309][ T8664] total_workingset_refault_anon 395
[  263.388457][ T8664] total_workingset_refault_file 5232
[  263.393981][ T8664] total_swap 552960
[  263.397785][ T8664] total_swapcached 46714880
[  263.402305][ T8664] total_pgpgin 279682
[  263.406372][ T8664] total_pgpgout 279677
[  263.410606][ T8664] total_pgfault 279964
[  263.414679][ T8664] total_pgmajfault 292
[  263.419083][ T8664] total_inactive_anon 0
[  263.423266][ T8664] total_active_anon 4096
[  263.427596][ T8664] total_inactive_file 0
[  263.432790][ T8664] total_active_file 4096
[  263.437054][ T8664] total_unevictable 12288
[  263.441686][ T8664] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1417,pid=8659,uid=0
[  263.456560][ T8664] Memory cgroup out of memory: Killed process 8659 (syz.2.1417) total-vm:94168kB, anon-rss:1232kB, file-rss:22416kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  263.509528][ T3302] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  263.605512][ T8723] loop3: detected capacity change from 0 to 512
[  263.639950][ T8725] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1446'.
[  263.669072][ T8725] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1446'.
[  264.034612][ T8743] loop2: detected capacity change from 0 to 512
[  264.545728][ T8743] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  264.570361][ T8743] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1441'.
[  264.587891][ T8743] EXT4-fs error (device loop2): ext4_readdir:265: inode #2: block 3: comm syz.2.1441: path /274/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[  264.667780][ T3304] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  264.882337][ T8749] loop2: detected capacity change from 0 to 512
[  264.936238][ T8749] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  265.092188][ T8760] loop5: detected capacity change from 0 to 512
[  265.135046][ T8762] loop4: detected capacity change from 0 to 512
[  265.146777][ T8764] FAULT_INJECTION: forcing a failure.
[  265.146777][ T8764] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.172302][ T8762] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  265.193732][ T8762] EXT4-fs (loop4): orphan cleanup on readonly fs
[  265.214766][ T8762] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.1450: Block bitmap for bg 0 marked uninitialized
[  265.216287][ T8764] CPU: 0 UID: 0 PID: 8764 Comm: syz.5.1451 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  265.216316][ T8764] Tainted: [W]=WARN
[  265.216322][ T8764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  265.216418][ T8764] Call Trace:
[  265.216425][ T8764]  <TASK>
[  265.216433][ T8764]  __dump_stack+0x1d/0x30
[  265.216459][ T8764]  dump_stack_lvl+0x95/0xd0
[  265.216481][ T8764]  dump_stack+0x15/0x1b
[  265.216501][ T8764]  should_fail_ex+0x263/0x280
[  265.216544][ T8764]  should_fail+0xb/0x20
[  265.216569][ T8764]  should_fail_usercopy+0x1a/0x20
[  265.216675][ T8764]  _copy_to_user+0x20/0xa0
[  265.216706][ T8764]  simple_read_from_buffer+0xb5/0x130
[  265.216815][ T8764]  proc_fail_nth_read+0x10e/0x150
[  265.216917][ T8764]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  265.216946][ T8764]  vfs_read+0x1ab/0x7f0
[  265.216973][ T8764]  ? __rcu_read_unlock+0x4e/0x70
[  265.217037][ T8764]  ? __fget_files+0x184/0x1c0
[  265.217058][ T8764]  ? mutex_lock+0x57/0x90
[  265.217083][ T8764]  ksys_read+0xdc/0x1a0
[  265.217111][ T8764]  __x64_sys_read+0x40/0x50
[  265.217163][ T8764]  x64_sys_call+0x2886/0x3020
[  265.217188][ T8764]  do_syscall_64+0x12c/0x3b0
[  265.217234][ T8764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.217288][ T8764] RIP: 0033:0x7fdf73b8d68e
[  265.217364][ T8764] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  265.217382][ T8764] RSP: 002b:00007fdf72626fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  265.217461][ T8764] RAX: ffffffffffffffda RBX: 00007fdf726276c0 RCX: 00007fdf73b8d68e
[  265.217476][ T8764] RDX: 000000000000000f RSI: 00007fdf726270a0 RDI: 0000000000000004
[  265.217490][ T8764] RBP: 00007fdf72627090 R08: 0000000000000000 R09: 0000000000000000
[  265.217504][ T8764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.217573][ T8764] R13: 00007fdf73e46038 R14: 00007fdf73e45fa0 R15: 00007fff4593d278
[  265.217593][ T8764]  </TASK>
[  265.327561][ T8777] loop0: detected capacity change from 0 to 512
[  265.342402][ T8762] loop4: lost filesystem error report for type 5 error -117
[  265.410611][ T8777] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  265.418423][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  265.442295][ T8777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1454'.
[  265.454634][    C1] EXT4-fs (loop4): initial error at time 2000000065: ext4_read_block_bitmap_nowait:517
[  265.454665][    C1] EXT4-fs (loop4): last error at time 2000000065: ext4_read_block_bitmap_nowait:517
[  265.470417][ T8777] EXT4-fs error (device loop0): ext4_readdir:265: inode #2: block 3: comm syz.0.1454: path /301/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[  265.479579][    C1] 
[  265.480294][ T8762] EXT4-fs (loop4): Remounting filesystem read-only
[  265.546332][ T3303] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  265.563569][ T8762] EXT4-fs (loop4): 1 orphan inode deleted
[  265.577194][ T8762] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  265.621434][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.691574][ T8796] loop5: detected capacity change from 0 to 512
[  265.720523][ T8794] loop0: detected capacity change from 0 to 512
[  265.741476][ T8797] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1461'.
[  265.803700][ T8797] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1461'.
[  265.827119][ T8797] 8021q: VLANs not supported on gre0
[  265.953983][ T8809] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  266.004801][ T8813] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  266.047608][ T8813] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1469'.
[  266.075065][ T8813] EXT4-fs error (device loop4): ext4_readdir:265: inode #2: block 3: comm syz.4.1469: path /305/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[  266.207341][ T3300] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  266.335228][ T8830] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  266.782674][ T8809] syz.2.1467 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  266.799278][ T8809] CPU: 1 UID: 0 PID: 8809 Comm: syz.2.1467 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  266.799433][ T8809] Tainted: [W]=WARN
[  266.799444][ T8809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  266.799460][ T8809] Call Trace:
[  266.799468][ T8809]  <TASK>
[  266.799478][ T8809]  __dump_stack+0x1d/0x30
[  266.799511][ T8809]  dump_stack_lvl+0x95/0xd0
[  266.799554][ T8809]  dump_stack+0x15/0x1b
[  266.799575][ T8809]  dump_header+0x80/0x240
[  266.799660][ T8809]  oom_kill_process+0x295/0x350
[  266.799699][ T8809]  out_of_memory+0x97d/0xb80
[  266.799735][ T8809]  try_charge_memcg+0x62f/0xa10
[  266.799777][ T8809]  __memcg_kmem_charge_page+0x1ce/0x3d0
[  266.799857][ T8809]  __alloc_frozen_pages_noprof+0x18a/0x350
[  266.799886][ T8809]  alloc_pages_mpol+0xb3/0x260
[  266.799917][ T8809]  alloc_pages_noprof+0x8f/0x140
[  266.799946][ T8809]  __vmalloc_node_range_noprof+0xaed/0x11c0
[  266.800021][ T8809]  __kvmalloc_node_noprof+0x3d4/0x640
[  266.800045][ T8809]  ? futex_hash_allocate+0x190/0x9a0
[  266.800081][ T8809]  ? futex_hash_allocate+0x190/0x9a0
[  266.800151][ T8809]  futex_hash_allocate+0x190/0x9a0
[  266.800186][ T8809]  ? cap_task_prctl+0x13f/0x6b0
[  266.800266][ T8809]  futex_hash_prctl+0xd8/0xf0
[  266.800299][ T8809]  __se_sys_prctl+0x4f4/0x1400
[  266.800330][ T8809]  __x64_sys_prctl+0x67/0x80
[  266.800389][ T8809]  x64_sys_call+0x2533/0x3020
[  266.800479][ T8809]  do_syscall_64+0x12c/0x3b0
[  266.800519][ T8809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.800556][ T8809] RIP: 0033:0x7f94e668ce59
[  266.800573][ T8809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  266.800591][ T8809] RSP: 002b:00007f94e50df028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  266.800612][ T8809] RAX: ffffffffffffffda RBX: 00007f94e6905fa0 RCX: 00007f94e668ce59
[  266.800628][ T8809] RDX: 0000000001000000 RSI: 0000000000000001 RDI: 000000000000004e
[  266.800700][ T8809] RBP: 00007f94e6722d6f R08: 0000000000000000 R09: 0000000000000000
[  266.800716][ T8809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  266.800732][ T8809] R13: 00007f94e6906038 R14: 00007f94e6905fa0 R15: 00007fff20c05aa8
[  266.800754][ T8809]  </TASK>
[  266.800808][ T8809] memory: usage 307200kB, limit 307200kB, failcnt 3906
[  267.039816][ T8809] memory+swap: usage 307732kB, limit 9007199254740988kB, failcnt 0
[  267.047734][ T8809] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[  267.055084][ T8809] Memory cgroup stats for /syz2:
[  267.055341][ T8809] cache 12288
[  267.064172][ T8809] rss 0
[  267.066923][ T8809] shmem 12288
[  267.070249][ T8809] mapped_file 0
[  267.073785][ T8809] dirty 0
[  267.076715][ T8809] writeback 0
[  267.080034][ T8809] workingset_refault_anon 466
[  267.084763][ T8809] workingset_refault_file 6361
[  267.090688][ T8809] swap 544768
[  267.445843][ T8851] set_capacity_and_notify: 5 callbacks suppressed
[  267.446059][ T8851] loop4: detected capacity change from 0 to 512
[  267.676516][ T8851] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  267.800692][ T8851] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1482'.
[  267.834744][ T8851] EXT4-fs error (device loop4): ext4_readdir:265: inode #2: block 3: comm syz.4.1482: path /308/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[  268.043411][ T8809] swapcached 47157248
[  268.047471][ T8809] pgpgin 282557
[  268.051615][ T8809] pgpgout 282551
[  268.055382][ T8809] pgfault 282202
[  268.059527][ T8809] pgmajfault 333
[  268.063617][ T8809] inactive_anon 12288
[  268.063761][ T3300] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  268.067877][ T8809] active_anon 0
[  268.081754][ T8809] inactive_file 0
[  268.085764][ T8809] active_file 0
[  268.089594][ T8809] unevictable 12288
[  268.192246][ T8809] hierarchical_memory_limit 314572800
[  268.197731][ T8809] hierarchical_memsw_limit 9223372036854771712
[  268.204527][ T8809] total_cache 12288
[  268.208831][ T8809] total_rss 0
[  268.212552][ T8809] total_shmem 12288
[  268.342288][ T8809] total_mapped_file 0
[  268.346334][ T8809] total_dirty 0
[  268.349977][ T8809] total_writeback 0
[  268.354032][ T8809] total_workingset_refault_anon 466
[  268.359590][ T8809] total_workingset_refault_file 6361
[  268.364960][ T8809] total_swap 544768
[  268.368945][ T8809] total_swapcached 47157248
[  268.373499][ T8809] total_pgpgin 282557
[  268.377609][ T8809] total_pgpgout 282551
[  268.381940][ T8809] total_pgfault 282202
[  268.386055][ T8809] total_pgmajfault 333
[  268.870487][ T8809] total_inactive_anon 12288
[  268.875255][ T8809] total_active_anon 0
[  268.880384][ T8809] total_inactive_file 0
[  268.884672][ T8809] total_active_file 0
[  268.905468][ T8809] total_unevictable 12288
[  268.920161][ T8809] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1467,pid=8808,uid=0
[  268.992925][   T28] kauditd_printk_skb: 220 callbacks suppressed
[  268.992947][   T28] audit: type=1400 audit(2000000069.039:7115): avc:  denied  { write } for  pid=8868 comm="syz.5.1486" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  269.036528][ T8809] Memory cgroup out of memory: Killed process 8808 (syz.2.1467) total-vm:96216kB, anon-rss:1232kB, file-rss:22520kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  270.091410][   T28] audit: type=1326 audit(2000000069.219:7116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8875 comm="syz.5.1488" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf73bcce59 code=0x7ffc0000
[  270.139406][   T28] audit: type=1326 audit(2000000069.219:7117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8875 comm="syz.5.1488" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf73bcce59 code=0x7ffc0000
[  270.708710][ T8895] loop2: detected capacity change from 0 to 512
[  270.733126][ T8895] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  271.141554][   T28] audit: type=1326 audit(2000000069.219:7118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8875 comm="syz.5.1488" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf73bcce59 code=0x7ffc0000
[  271.662388][   T28] audit: type=1326 audit(2000000069.219:7119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8875 comm="syz.5.1488" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf73bcce59 code=0x7ffc0000
[  271.714963][   T28] audit: type=1326 audit(2000000069.219:7120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8875 comm="syz.5.1488" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf73bcce59 code=0x7ffc0000
[  271.776459][   T28] audit: type=1326 audit(2000000069.219:7121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8875 comm="syz.5.1488" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fdf73bcce59 code=0x7ffc0000
[  272.096119][   T28] audit: type=1326 audit(2000000069.219:7122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8875 comm="syz.5.1488" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf73bcce59 code=0x7ffc0000
[  273.099924][   T28] audit: type=1326 audit(2000000069.219:7123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8875 comm="syz.5.1488" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf73bcce59 code=0x7ffc0000
[  273.918459][   T28] audit: type=1326 audit(2000000069.219:7124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8875 comm="syz.5.1488" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf73bcce59 code=0x7ffc0000
[  274.693620][ T8914] netlink: 277 bytes leftover after parsing attributes in process `syz.5.1501'.
[  274.705672][ T8914] loop5: detected capacity change from 0 to 512
[  274.713628][ T8914] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  274.740277][ T8914] EXT4-fs (loop5): 1 truncate cleaned up
[  274.746344][ T8916] loop4: detected capacity change from 0 to 512
[  274.752970][ T8916] EXT4-fs: Ignoring removed bh option
[  274.759180][ T8914] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.802379][ T6055] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.817434][   T28] kauditd_printk_skb: 58 callbacks suppressed
[  274.817450][   T28] audit: type=1326 audit(2000000074.869:7183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8927 comm="syz.0.1506" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  274.849823][ T8916] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  274.854988][ T8930] loop2: detected capacity change from 0 to 512
[  274.862202][   T28] audit: type=1326 audit(2000000074.869:7184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8927 comm="syz.0.1506" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  274.893924][   T28] audit: type=1326 audit(2000000074.869:7185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8927 comm="syz.0.1506" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  274.920197][   T28] audit: type=1326 audit(2000000074.869:7186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8927 comm="syz.0.1506" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  274.946329][   T28] audit: type=1326 audit(2000000074.869:7187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8927 comm="syz.0.1506" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  274.973006][   T28] audit: type=1326 audit(2000000074.869:7188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8927 comm="syz.0.1506" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  275.008856][   T28] audit: type=1326 audit(2000000075.069:7189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8927 comm="syz.0.1506" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  275.016735][ T8930] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  275.034566][   T28] audit: type=1326 audit(2000000075.069:7190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8927 comm="syz.0.1506" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  275.035817][ T8916] EXT4-fs (loop4): 1 truncate cleaned up
[  275.112384][   T28] audit: type=1326 audit(2000000075.169:7191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8927 comm="syz.0.1506" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  275.182783][ T8916] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.195879][   T28] audit: type=1326 audit(2000000075.169:7192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8927 comm="syz.0.1506" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x0
[  275.350264][ T8932] loop0: detected capacity change from 0 to 8192
[  275.395047][ T8932]  loop0: p2 p3
[  275.395724][ T8932] loop0: p3 start 117440512 is beyond EOD, truncated
[  276.030798][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.723778][ T9005] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  277.730318][ T9005] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  277.737857][ T9005] vhci_hcd vhci_hcd.0: Device attached
[  277.745259][ T9005] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(5)
[  277.751768][ T9005] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  277.768357][ T9005] vhci_hcd vhci_hcd.0: Device attached
[  277.827203][ T9010] loop3: detected capacity change from 0 to 128
[  277.858453][ T9010] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  277.884825][ T9010] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  277.978469][ T7512] usb 7-1: new low-speed USB device number 2 using vhci_hcd
[  277.996094][ T9018] FAULT_INJECTION: forcing a failure.
[  277.996094][ T9018] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.010151][ T9018] CPU: 1 UID: 0 PID: 9018 Comm: syz.4.1534 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  278.010183][ T9018] Tainted: [W]=WARN
[  278.010191][ T9018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  278.010205][ T9018] Call Trace:
[  278.010211][ T9018]  <TASK>
[  278.010218][ T9018]  __dump_stack+0x1d/0x30
[  278.010240][ T9018]  dump_stack_lvl+0x95/0xd0
[  278.010333][ T9018]  dump_stack+0x15/0x1b
[  278.010350][ T9018]  should_fail_ex+0x263/0x280
[  278.010376][ T9018]  should_fail+0xb/0x20
[  278.010422][ T9018]  should_fail_usercopy+0x1a/0x20
[  278.010455][ T9018]  _copy_from_user+0x1c/0xb0
[  278.010539][ T9018]  br_dev_siocdevprivate+0x82/0xf40
[  278.010569][ T9018]  ? full_name_hash+0x92/0xe0
[  278.010590][ T9018]  dev_ifsioc+0x8e6/0xfd0
[  278.010617][ T9018]  dev_ioctl+0x78c/0x960
[  278.010724][ T9018]  sock_ioctl+0x593/0x610
[  278.010750][ T9018]  ? __pfx_sock_ioctl+0x10/0x10
[  278.010775][ T9018]  __se_sys_ioctl+0xce/0x140
[  278.010853][ T9018]  __x64_sys_ioctl+0x43/0x50
[  278.010957][ T9018]  x64_sys_call+0x1563/0x3020
[  278.010985][ T9018]  do_syscall_64+0x12c/0x3b0
[  278.011013][ T9018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.011049][ T9018] RIP: 0033:0x7f3505c5ce59
[  278.011067][ T9018] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  278.011086][ T9018] RSP: 002b:00007f35046af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  278.011109][ T9018] RAX: ffffffffffffffda RBX: 00007f3505ed5fa0 RCX: 00007f3505c5ce59
[  278.011123][ T9018] RDX: 0000200000000180 RSI: 00000000000089f0 RDI: 000000000000001a
[  278.011193][ T9018] RBP: 00007f35046af090 R08: 0000000000000000 R09: 0000000000000000
[  278.011205][ T9018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  278.011217][ T9018] R13: 00007f3505ed6038 R14: 00007f3505ed5fa0 R15: 00007ffd58c4b978
[  278.011234][ T9018]  </TASK>
[  278.207857][ T9022] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(14)
[  278.214551][ T9022] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  278.308609][ T9029] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(20)
[  278.315234][ T9029] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  278.322535][ T9022] vhci_hcd vhci_hcd.0: Device attached
[  278.324356][ T9027] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(17)
[  278.334935][ T9027] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  278.349670][ T9029] vhci_hcd vhci_hcd.0: Device attached
[  278.355242][ T9027] vhci_hcd vhci_hcd.0: Device attached
[  278.557591][ T9030] vhci_hcd: connection closed
[  278.559230][ T9006] vhci_hcd: connection reset by peer
[  278.569520][ T9008] vhci_hcd: connection closed
[  278.569988][ T4949] vhci_hcd vhci_hcd.3: stop threads
[  278.580102][ T9028] vhci_hcd: connection closed
[  278.580972][ T4949] vhci_hcd vhci_hcd.3: release socket
[  278.592985][ T9023] vhci_hcd: connection closed
[  278.593461][ T4949] vhci_hcd vhci_hcd.3: disconnect device
[  279.339308][ T4949] vhci_hcd vhci_hcd.3: stop threads
[  279.344593][ T4949] vhci_hcd vhci_hcd.3: release socket
[  279.350278][ T4949] vhci_hcd vhci_hcd.3: disconnect device
[  279.378527][ T4949] vhci_hcd vhci_hcd.3: stop threads
[  280.217259][ T4949] vhci_hcd vhci_hcd.3: release socket
[  280.222967][ T4949] vhci_hcd vhci_hcd.3: disconnect device
[  280.242786][ T4949] vhci_hcd vhci_hcd.3: stop threads
[  280.250937][ T4949] vhci_hcd vhci_hcd.3: release socket
[  280.256647][ T4949] vhci_hcd vhci_hcd.3: disconnect device
[  280.263121][ T4949] vhci_hcd vhci_hcd.3: stop threads
[  280.269789][   T28] kauditd_printk_skb: 191 callbacks suppressed
[  280.269804][   T28] audit: type=1326 audit(2000000080.329:7384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9040 comm="syz.0.1538" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  280.301250][ T4949] vhci_hcd vhci_hcd.3: release socket
[  280.307839][ T4949] vhci_hcd vhci_hcd.3: disconnect device
[  280.310849][ T3302] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  280.335463][   T28] audit: type=1326 audit(2000000080.329:7385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9040 comm="syz.0.1538" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  280.374198][   T28] audit: type=1326 audit(2000000080.369:7386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9040 comm="syz.0.1538" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  280.402205][   T28] audit: type=1326 audit(2000000080.369:7387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9040 comm="syz.0.1538" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  280.443857][   T28] audit: type=1326 audit(2000000080.369:7388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9040 comm="syz.0.1538" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  280.443884][   T28] audit: type=1326 audit(2000000080.369:7389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9040 comm="syz.0.1538" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  280.443953][   T28] audit: type=1326 audit(2000000080.369:7390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9040 comm="syz.0.1538" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  280.443987][   T28] audit: type=1326 audit(2000000080.369:7391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9040 comm="syz.0.1538" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  280.444065][   T28] audit: type=1326 audit(2000000080.369:7392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9040 comm="syz.0.1538" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  280.444095][   T28] audit: type=1326 audit(2000000080.369:7393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9040 comm="syz.0.1538" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f1a03eece59 code=0x7ffc0000
[  281.643632][ T9100] loop2: detected capacity change from 0 to 256
[  281.823630][ T9111] loop3: detected capacity change from 0 to 512
[  281.950761][ T9111] loop3: detected capacity change from 0 to 512
[  282.055596][ T9111] EXT4-fs error (device loop3): ext4_quota_enable:7221: comm syz.3.1558: Bad quota inum: 1, type: 2
[  282.066411][ T9111] loop3: lost filesystem error report for type 5 error -117
[  282.066759][ T9111] EXT4-fs warning (device loop3): ext4_enable_quotas:7269: Failed to enable quota tracking (type=2, err=-117, ino=1). Please run e2fsck to fix.
[  282.067141][ T9111] EXT4-fs (loop3): mount failed
[  282.353297][ T9139] netlink: 'syz.4.1564': attribute type 17 has an invalid length.
[  282.361261][ T9139] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1564'.
[  282.372067][ T9139] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  283.008454][ T7512] usb 7-1: enqueue for inactive port 0
[  283.015549][ T7512] usb 7-1: enqueue for inactive port 0
[  283.105280][ T7512] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  283.113894][ T9153] loop4: detected capacity change from 0 to 512
[  283.133860][ T9153] EXT4-fs: Ignoring removed nobh option
[  283.147021][ T9153] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  283.170750][ T9153] EXT4-fs (loop4): 1 truncate cleaned up
[  283.182627][ T9153] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.435234][ T9164] netlink: 'syz.4.1572': attribute type 7 has an invalid length.
[  283.484196][ T9164] netlink: 'syz.4.1572': attribute type 7 has an invalid length.
[  283.500531][ T4949] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  283.510327][ T4949] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  283.519910][ T4949] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  283.532685][ T4949] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  285.000702][ T9182] loop2: detected capacity change from 0 to 1024
[  285.021655][ T9182] EXT4-fs: Ignoring removed bh option
[  285.053409][ T9182] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  285.554268][ T9173] loop0: detected capacity change from 0 to 512
[  285.669364][   T28] kauditd_printk_skb: 367 callbacks suppressed
[  285.669391][   T28] audit: type=1400 audit(2000000085.729:7761): avc:  denied  { mounton } for  pid=9171 comm="syz.0.1579" path="/file0" dev="autofs" ino=23710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  285.821966][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  285.833203][ T9173] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.846115][ T9173] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.857775][ T9173] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.761968][ T9211] loop5: detected capacity change from 0 to 4096
[  286.794815][ T9211] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.953577][   T28] audit: type=1400 audit(2000000087.009:7762): avc:  denied  { write } for  pid=9210 comm="syz.5.1592" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  286.989433][   T28] audit: type=1400 audit(2000000087.049:7763): avc:  denied  { create } for  pid=9218 comm="syz.3.1594" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  287.011764][   T28] audit: type=1400 audit(2000000087.049:7764): avc:  denied  { map } for  pid=9218 comm="syz.3.1594" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=23030 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  287.089872][   T28] audit: type=1400 audit(2000000087.049:7765): avc:  denied  { read write } for  pid=9218 comm="syz.3.1594" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=23030 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  287.102060][ T6055] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.116003][   T28] audit: type=1326 audit(2000000087.049:7766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz.3.1594" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000
[  287.124804][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.182176][   T28] audit: type=1326 audit(2000000087.049:7767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz.3.1594" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000
[  287.207687][   T28] audit: type=1326 audit(2000000087.049:7768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz.3.1594" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000
[  288.183644][   T28] audit: type=1326 audit(2000000087.049:7769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz.3.1594" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000
[  288.225604][ T2985] ==================================================================
[  288.233717][ T2985] BUG: KCSAN: data-race in dont_mount / lookup_fast
[  288.240327][ T2985] 
[  288.242650][ T2985] read-write to 0xffff8881005039c0 of 4 bytes by task 3692 on cpu 0:
[  288.250711][ T2985]  dont_mount+0x2a/0x40
[  288.254883][ T2985]  vfs_unlink+0x206/0x490
[  288.259221][ T2985]  filename_unlinkat+0x1e2/0x410
[  288.264173][ T2985]  __se_sys_unlink+0x2b/0xe0
[  288.268765][ T2985]  __x64_sys_unlink+0x1f/0x30
[  288.273461][ T2985]  x64_sys_call+0x2eb6/0x3020
[  288.278147][ T2985]  do_syscall_64+0x12c/0x3b0
[  288.282740][ T2985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.288627][ T2985] 
[  288.290940][ T2985] read to 0xffff8881005039c0 of 4 bytes by task 2985 on cpu 1:
[  288.298471][ T2985]  lookup_fast+0xf0/0x320
[  288.302801][ T2985]  path_lookupat+0x15c/0x500
[  288.307388][ T2985]  filename_lookup+0x190/0x390
[  288.312142][ T2985]  do_readlinkat+0x74/0x2f0
[  288.316640][ T2985]  __x64_sys_readlink+0x47/0x60
[  288.321498][ T2985]  x64_sys_call+0x2b51/0x3020
[  288.326176][ T2985]  do_syscall_64+0x12c/0x3b0
[  288.330766][ T2985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.336664][ T2985] 
[  288.338973][ T2985] value changed: 0x00300080 -> 0x00004080
[  288.344674][ T2985] 
[  288.346987][ T2985] Reported by Kernel Concurrency Sanitizer on:
[  288.353131][ T2985] CPU: 1 UID: 0 PID: 2985 Comm: udevd Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  288.363536][ T2985] Tainted: [W]=WARN
[  288.367324][ T2985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  288.377364][ T2985] ==================================================================
[  288.492211][   T28] audit: type=1326 audit(2000000087.049:7770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz.3.1594" exe="/root/ci2-upstream-kcsan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2eb4ece59 code=0x7ffc0000