last executing test programs:

6m37.293176707s ago: executing program 1 (id=8387):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000001100001200701aa67fb093bab500d8e047ba7f1113bd2307a17c916627490fd69f761bffe51a0c605ab6344d9ec0c1cbe0668efe4d4727d11d5249d3650921562338be6de711e890846cf631402e9fea747ba38397ac", @ANYRES64, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x74}, 0x94)
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}, 0x1c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
socket$inet6(0xa, 0x5, 0x0)
setuid(0xee01)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @private2}, 0x1c)
socket$inet6(0xa, 0x5, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059", @ANYBLOB="ea23b2b12c61018f1b1798d4f1129ec04d1781b516b047f349dfb538437a1cd37e29c6c5ba7334dea90384f6b43b6bbad93546d398fa394d29afa9327bf2bf2710ce7e8600d8cd29089c2be7e3a95a9114d5e2974333a806878f016f895011fffe3a6bdf715c4081bf3e57f51fb6604ba9fe465e21bf9dc034f4ac8a8b2b6336a6d83d9d8a33bdeee6d5d1c60f", @ANYRES8, @ANYRES16, @ANYRES64=r2], 0x0, 0xfffffffc, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
socket$inet(0x2, 0x2, 0x1)
ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, &(0x7f0000000000)={'veth1_to_batadv\x00'})

6m36.96514399s ago: executing program 1 (id=8391):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[], 0x5, 0x267, &(0x7f0000000740)="$eJzs3b9rVFkUAOAzmcmvbSYsCwvLLjuwLGw1JIHtsyy7bNigYhgkIsGJmUjIhICBgBZJrAQrG0vLdBFBCzv9HwQbG7ERS9NZSJ4kL0xmzEQTMfMk833NPbx7znv33vDeyxRz5/LPiwuzS8tzW1uvY2AgF4Wxq9tJkouh6Il8pNYDADhN3iVJvE1SWY8FAOgM738A6D6Hvf//60nb3rQ5l8XYAICT8eWf/+9OPXlZrY39eYTUpL8Rvpg+/hgBgK9rcuri/9tPfx8cj0d3IhZvrVRWKmmb9v81F/NRj1oMRzHeRyQNafzv+MQ/w6UdgxGVxbW9+rWVSr61fiSKMRRx4czB+pFSqrW+N75rrh+NYvzQ/vqjbev74o/fmurLUYxnV2Ip6jG78y9JU/3qSKn099mJj+r7d/NiI5/p3wcAAAAAAAAAAAAAAAAAAAAAgNOpXGoYard/T7l8WH9af/T9gfb357m9W1+InwpxM9vZAwAAAAAAAAAAAAAAAAAAwLdh+fqNhWq9XrvWCGbOz3/feuRzQa5NV37v/Mc5T9cEOwtzgpf4NSJOehYPN2vPN6YvTWa/mB0M2q/qg8wHNvOJnJ6I2A1+vDdWfbz66s3BnFhvupcL6X1bradtX/PDotThhxMAAAAAAAAAAAAAAAAAAHSZ/a8BH5aRdHZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCB/d//P3bQ1ziyOZierNH1y0Bzctp5v+W6ufUMJgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNf6EAAA//9rIKjm")
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x4, 0x311680)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f0000000180)={'ip6_vti0\x00', <r1=>0x0, 0x29, 0xa, 0x3, 0x3, 0x2, @mcast2, @ipv4={'\x00', '\xff\xff', @loopback}, 0x700, 0x8, 0x8, 0x3}})
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x26048200}, 0xc, &(0x7f0000000240)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="ac0100001600000427bd7000fbdbdf2564010101000000000000000000000000640101020000000000000000000000004e2300094e2300030a00000011000000", @ANYRES32=r1, @ANYRES32=0x0, @ANYBLOB="7f000001000000000000000000000000000004d6ff000000fe8000000000000000000000000000bb000000000000000008000000000000000700000000000000050000000000000002000000000000000000000000000100ec0100000000000040000000000000009b0f000000000000070000000000000000800000000000000200000000000000f0ffffff02000000000000402dbd7000033500000a00038e2b0000000000000001000000ff00000008001e00fdffffff0a001000000000000000000089000800850008a6ab3463bfacd2c31a296738623dc70000407d0043cc99d1a042450a72898327df6aa3d3626d2e5710be9560047768042ecb932ca053b89b07902820f8e6595736d3bec465fd84549226378744c5c0586264db11e92a4fe8c85c1b7aed53d141041ea4a12a765d48ebd32c358ab484a2da9eade7c11e3e8daba19f8d875cb45928548d247a0d45bac1c7adb160bc05397a00000014000e0000000000000000000000000000000001"], 0x1ac}, 0x1, 0x0, 0x0, 0x889}, 0x20004054)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_clone3(&(0x7f0000000300)={0x23800000, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
write$tun(0xffffffffffffffff, &(0x7f00000003c0)={@val={0x0, 0x86dd}, @val={0x0, 0x4, 0xe, 0x7, 0x0, 0x8000}, @ipv4=@udp={{0x5, 0x4, 0x2, 0x1e, 0x92, 0x66, 0x0, 0x4, 0x11, 0x0, @broadcast, @local}, {0x4e24, 0x4e21, 0x7e, 0x0, @gue={{0x1, 0x0, 0x0, 0x6, 0x0, @void}, "4e2236dec428f0824526d4464a3893349d2da471656f29038215d47ae8e887170398c48105aaa94c58894ba6bacd062b3c308f9372ffd56f00988aede6510154db9cc566779fb4ee395823ab42cc4acb7ba2b993b327a9f589c90474d0ce58aa75a396fe62b7e204694192b2101c60693cc4"}}}}, 0xa0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000380), 0x1, 0x0)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x86, 0x81, 0xfffff038}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x9}]}, 0x10)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xb68, 0xffffffffffffff6b, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
ioctl$HIDIOCGRDESCSIZE(r0, 0x80044801, &(0x7f00000002c0))
bind$can_raw(r4, &(0x7f0000000000)={0x1d, r5}, 0x10)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bind$can_raw(r4, &(0x7f0000000080), 0x10)

6m36.611149625s ago: executing program 1 (id=8396):
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0xcd1d, 0x10100, 0x0, 0xffffffff}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000003c0)=@IORING_OP_CONNECT={0x10, 0x44, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
unshare(0x2a020400)
io_uring_enter(r1, 0x26c3, 0xdffffffb, 0x4c, 0x0, 0x0)

6m36.579389468s ago: executing program 1 (id=8397):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000019240)=@IORING_OP_SENDMSG={0x9, 0xc, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(0xffffffffffffffff, 0x92, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000e40)='./file2\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="31832abd70000000000019000000180001801400020065727370616e30"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x7, &(0x7f0000000440))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x4004944)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f0000019480)={&(0x7f0000019200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000019440)={&(0x7f00000009c0)={0x140, 0x0, 0x1, 0x70bd25, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}}, {@pci={{0x27}, {0x11}}, {0x8, 0x8e, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}}]}, 0x140}, 0x1, 0x0, 0x0, 0x880}, 0x20000800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000019280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000194c0)=ANY=[@ANYRES8=0x0, @ANYRES16=r0, @ANYRES8, @ANYRES16], 0x64}}, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r5 = gettid()
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mq_notify(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x16, 0x0, @tid=r7})
timer_settime(r6, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$cgroup_ro(r4, &(0x7f0000000380)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
dup(0xffffffffffffffff)
chmod(&(0x7f0000000000)='./file0\x00', 0x60)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)

6m36.284776038s ago: executing program 1 (id=8404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000009e40)=ANY=[@ANYBLOB="380000001a000100000000000000000081808000000000000000000014000100fc00000000000000000000000000000008000f"], 0x38}}, 0x0)
shutdown(r2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r3 = socket$unix(0x1, 0x2, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000001c0)={'vxcan1\x00', <r5=>0x0})
connect$can_bcm(r4, &(0x7f00000000c0)={0x1d, r5}, 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r3, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0xfffffffffffffff2)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r6}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)

6m36.158470401s ago: executing program 1 (id=8405):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})

6m36.139341302s ago: executing program 32 (id=8405):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})

2m49.806795943s ago: executing program 5 (id=12240):
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b706000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000000580)={0x8004000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), {0xf}, &(0x7f0000000340)=""/197, 0xc5, &(0x7f0000000640)=""/216, &(0x7f0000000180)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x9}, 0x58)
r1 = socket$kcm(0x10, 0x2, 0x10)
recvmmsg(r1, &(0x7f0000001540)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000004c0)=""/4092, 0xffc}, {0x0}], 0x2}, 0xffffffff}, {{0x0, 0x0, 0x0}, 0x73a0}, {{&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private2}}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000180)=""/125, 0x7d}], 0x1, &(0x7f00000014c0)=""/122, 0x7a}, 0x1}], 0x3, 0x42, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

2m49.662871238s ago: executing program 5 (id=12242):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="07000000040000008000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300000000000085"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=rd'])

2m49.575746906s ago: executing program 5 (id=12245):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@mpls_delroute={0x1c, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}}, 0x1c}}, 0x0)

2m49.522033642s ago: executing program 5 (id=12247):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='fib6_table_lookup\x00', r3}, 0x18)
r4 = shmget$private(0x0, 0x8000, 0x10, &(0x7f0000ff5000/0x8000)=nil)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{0x0}], 0x1}}], 0x48}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
shmctl$SHM_LOCK(r4, 0xb)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x9, &(0x7f00000002c0), 0x4, 0x50e, &(0x7f0000000e40)="$eJzs3c1vVF8ZAOD33nZoKYUBZaFGBRFFQ5h+AA1hI2w0hpCYEOPCBdR2aJrOME2nRFpJbJfuSSRxpX+COxcmrFy4c6c7N7gwQSUSauJizL0zbQf6Kf2YXzvPk9zee84Z5j1nhnPO3APTE0DXuhgRSxFxIiIeRUSxlZ+0jrjTPLLHvX/7fGLl7fOJJBqNB/9M8vIsL9r+TOZU6zn7fx4R34v4SbIxbn1hcWa8UinPtdJD89XZofrC4rXptJUzOjYyNnzr+s3RfWvrhepv33x3+t4Pf/+7r7z+09K3f5ZVa/AXp/Oy9nbsp2bTCzHYltcbEfcOIliH9Lb+/nD0ZL3tcxFxKe//xejJ300A4DhrNIrRKLanAYDjLrv/H4wkLbXWAgYjTUul5hre+RhIK7X6/NVi7emTycjXsM5GIX08XSkPt9YKz0YhydIj+fV6evSD9Ivy9Yg4FxEv+k7m5aWJWmWykx98AKCLnfpo/n/X15z/t/fucCoHAByc/k5XAAA4dOZ/AOg+5n8A6D7/x/zv24EAcEy4/weA7mP+B4Dus+P8v3w49QAADsUP7t/PjsZK8/dfr/6m7muT5fpMqfp0ojRRm5stTdVqU5VyaaLR2On5KrXa7MiNtWR9YfFhtfb0yfzD6er4VPlhuXCQjQEAduXchVd/ySb9pdsn8yPa9nIwV8Pxlna6AkDH9HS6AkDH+D4PdK9d3ONbBoBjbpMtej+w5X8RemnzVziqrnzR+j90q72s/1s7gKPt09b/v7Pv9QAOnzkculejkdjzHwC6jDV+YE///g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABdajA/krSU7wW+lP1MS6WI0xFxNgrJ4+lKeTgizkTEn/sKfVl6pNOVBgD2KP170tr/60rx8mB7STEiTiT/6cuuT0TET3/14JfPxufn50ay/H+t5c+/bOUnjU41AgBYdWdjVj5Pj7bObTfy798+n1g9DrOKb+42NxfN4q60jmZJb/Tm5/4oRMTAv5NWuin7vNKzD/GXliPiC+vtf9YWYTBfA2nufPpx/Cz26QOIv/76fxw//SB+mpdl50L+Wnx+H+oC3ebV3eY42ep7WRdr9b80Lubnzft/fz5C7V02/mVjycqG8S9dG/96NsRP8j5/cS29fU3e3PjD9zdkNorNsuWIL/VuFj9Zi59sPv4WLu8ufPz1y1+9tFVZ49cRVzZt/+qO1NV8mB2ar84O1RcWr01Xx6fKU+Uno6NjI2PDt67fHB3K16ibP/+4WYx/3L56ZsvXZjliYIv4/du3P76xfbPX/Oa/j378tW3if+vrm7//57eJn82J39xl/PGBO1tu353Fn1xtf6G9ZMf3P67uFDhtnl7/bXFyl1UFAA5BfWFxZrxSKc/tcJF91tzpMS6O5kUsRezXE+aLEhHxWWhXl1ykse1jfvSJPbfTIxNw0NY7fadrAgAAAAAAAAAAAAAAbKW+sDjTd8Df1up0GwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi+/hcAAP//G4rEcQ==")
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x29, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb9040a1d08007b490d4f1e81f8d815000100ff05142603600e12080005007a010401a80016002000034004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653fe8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e", 0xd8}], 0x1}, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r8, 0x40086602, &(0x7f0000001500)=0x10)
syz_read_part_table(0x1054, &(0x7f0000000000)="$eJzsz8EJwkAQBdC/2aCkC5uwEAUrsAivXmzGLrxYgd2IRDZB0AbUw3uHgT/DftjwU31yWSTZ1JbKY1qWadasurd4renasswxxzbGceg/C6drOdyGU6vNkOXrMt5re7+fu5Ptutudv/BFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh7zwAAAP//llkLfw==")

2m48.54180133s ago: executing program 5 (id=12260):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="07000000040000008000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=rd'])

2m48.098412854s ago: executing program 5 (id=12274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000009e40)=ANY=[@ANYBLOB="380000001a000100000000000000000081808000000000000000000014000100fc00000000000000000000000000000008000f"], 0x38}}, 0x0)
shutdown(r2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
socket$unix(0x1, 0x2, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000001c0)={'vxcan1\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0xfffffffffffffff2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r7}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r6}, 0x10)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$KDSKBENT(r8, 0x4b47, &(0x7f0000000640)={0x0, 0x8, 0x1095})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f00000004c0)={'gre0\x00', &(0x7f00000003c0)={'erspan0\x00', 0x0, 0x8, 0x10, 0x7, 0x0, {{0x16, 0x4, 0x3, 0x8, 0x58, 0x67, 0x0, 0x1, 0x16, 0x0, @dev={0xac, 0x14, 0x14, 0x7}, @broadcast, {[@timestamp_addr={0x44, 0x44, 0xe, 0x1, 0x4, [{@local, 0x8}, {@rand_addr=0x64010101, 0x5}, {@empty, 0x10}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1ff}, {@loopback, 0x1}, {@empty}, {@broadcast, 0xe}, {@empty}]}]}}}}})
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00', r11}, 0x18)
r12 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000180)={'bond0\x00', <r13=>0x0})
sendmsg$nl_xfrm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130700000000fcdbdf25e0000001000000000000000000000000ff020000000000000000000000010001000400004e2100020000000021000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32=r13], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r5}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)

2m48.088589145s ago: executing program 33 (id=12274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000009e40)=ANY=[@ANYBLOB="380000001a000100000000000000000081808000000000000000000014000100fc00000000000000000000000000000008000f"], 0x38}}, 0x0)
shutdown(r2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
socket$unix(0x1, 0x2, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000001c0)={'vxcan1\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0xfffffffffffffff2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r7}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r6}, 0x10)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$KDSKBENT(r8, 0x4b47, &(0x7f0000000640)={0x0, 0x8, 0x1095})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f00000004c0)={'gre0\x00', &(0x7f00000003c0)={'erspan0\x00', 0x0, 0x8, 0x10, 0x7, 0x0, {{0x16, 0x4, 0x3, 0x8, 0x58, 0x67, 0x0, 0x1, 0x16, 0x0, @dev={0xac, 0x14, 0x14, 0x7}, @broadcast, {[@timestamp_addr={0x44, 0x44, 0xe, 0x1, 0x4, [{@local, 0x8}, {@rand_addr=0x64010101, 0x5}, {@empty, 0x10}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1ff}, {@loopback, 0x1}, {@empty}, {@broadcast, 0xe}, {@empty}]}]}}}}})
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00', r11}, 0x18)
r12 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000180)={'bond0\x00', <r13=>0x0})
sendmsg$nl_xfrm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130700000000fcdbdf25e0000001000000000000000000000000ff020000000000000000000000010001000400004e2100020000000021000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32=r13], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r5}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)

2.682773792s ago: executing program 6 (id=15051):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000e40)='./file2\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x1})
socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r3, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9})
fcntl$lock(r3, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x7, 0x90})
syz_clone3(&(0x7f00000007c0)={0x1000400, 0x0, 0x0, 0x0, {0x26}, &(0x7f0000000580)=""/255, 0xff, 0x0, 0x0}, 0x58)
ioctl$TIOCMIWAIT(r1, 0x545c, 0x0)

2.671047713s ago: executing program 4 (id=15052):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000040000000000000000850000002300000095", @ANYRES64], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000380)='kfree\x00', r0}, 0x18)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc), 0x80, 0x0, 0x0, 0x0, 0x0)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
write$cgroup_int(r1, &(0x7f0000000040)=0xfe8e, 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r3, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40088a01, &(0x7f0000002200)=0xc0100100)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xa, &(0x7f0000000440)=ANY=[@ANYRESDEC=r4, @ANYRES32, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)

2.061890863s ago: executing program 2 (id=15060):
io_setup(0x9, 0x0)
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000000), 0x10)
io_submit(0x0, 0x0, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, 0x0, 0x20400, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8, 0x3}}, './file0/file0\x00'})
renameat2(0xffffffffffffffff, &(0x7f0000000000)='./file0/file0\x00', 0xffffffffffffff9c, 0x0, 0x2)
socket$inet(0x2, 0x80001, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x5, 0x10}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x800448d2, &(0x7f0000000040))

2.028418017s ago: executing program 2 (id=15062):
r0 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xf, 0xc, &(0x7f0000000d00)=ANY=[@ANYBLOB="18000000000000000000000000001d001811", @ANYRESOCT, @ANYRES32=r0], 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x31}, 0x94)
r1 = fsopen(&(0x7f0000000440)='iso9660\x00', 0x1)
ioctl$BTRFS_IOC_BALANCE_CTL(r1, 0x40049421, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000001d40)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xaei\xb6\xb7\xc1Y\xd5YG\xf9\xc2\xf1\xa4\xdb$\xf6]\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\x03\x00\x00\x00\x00\x00\x00\x00\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^W\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B\xc5\x05\x9d\xd6\x02|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3q\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xcd\xd3\t\x01A\xd5\x81\xc1;9\xeez\xba\x00\x00\x00\xdc\x94\xff)\xa4\xe6\xfb]\x90bG\x11\b\x98#\xaa99ez|\x8b5\x92\xa5\xba\x96\xb3\xb26I\xbb\xdeb\x95?\xc0\x81', &(0x7f0000000200)='sockfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f00000000c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000007c0)='\xd5@=\b\a:\x993\x00', &(0x7f0000000600)='dU|\xcbM\xe6\x91q\b', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000001ec0)='\\$#[\\/\x00\xd5\xd4^\xa7\xe4\xd4\x1f.yh\x18\xb8s\xe6\f\xaf*4\xe1\xa1e\x04%f\x8f\xde\x91\x04\xbb\xc8\x17\x15\xa4\xf0\x00\x15w\x00\x00\xed\xdd}\x00\x18\xf3\xde\n\xbe\x91\xc4\xc5\xe6\xd3o\xaau\xf34\t\x9d\x80rg\xbc\xee\x96p\x18\x9e(h\xeb\xd9\xde\xa6\xfc\x8e\xe3,\xae\xa8\xf0\x82y\x91\x1c{\x85 \xc7P\xa3\x9c\x06\xc1\xd3\x92\xcd\xcc\x17\xb2}\x13:\xbbh\"%;\b\x7f\x91\x8a\xa5Z\x92~<\xfe3\x19\xdcVJ\f\xd1\x89d\xf9N\xbd\x92\x86\xa2\xa8\xc0:\x1f\n\xc9\x8eUO\x8e\xea\x99\xe1\xbe%Y\x9eH#\xa4\x9d5\xa88m6\x89kE\xce\xc3\aBW\xec_\xea_\x81\xbe\x86~\x84F\xa9\xcd\xba\xfb\xd8\x8f\x01\x81~\x9c#\r\x87\xcf\x19\xb9\xbd \xcb\xff\x88io\xb0\xb1\xa0B\x8cI\x82+\xc4\xcf\xf4!+\x16v\xb6\x8a\xb7k}\x1d\xf2\x1c\x00\x8f\xd7\x84R\x12\xed){SM[\xe6g6\xfeF\x1dJ\x83', &(0x7f0000000380)='\xbd\x10\xe2\n\xc4\xa8\xa8?\a\x9e@O<\xf4s\x85~X\x85\xdc\x11\x04a\xf8\xa6f\x96nB\x02\x10+C$\f\xb3\xcc\xed\"M\xb6 V\xc5\x9a\x11o^\xda\xc8', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, &(0x7f0000000140)='\x00', 0x0)
close(r1)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
r2 = perf_event_open$cgroup(&(0x7f0000000700)={0x6, 0x80, 0x3, 0x6, 0x5, 0x1, 0x0, 0x5, 0x112, 0x9, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x10220, 0x2, 0x8, 0x4, 0xfff, 0x0, 0xd, 0x0, 0x3, 0x0, 0x3}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32, @ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000080)=0xdd3)
close(r3)
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1f00000000000000000000000020000004000000", @ANYRES32, @ANYBLOB="00000000000000000000000c76da11d6d327226cede0d9c5a8b89fc5f04de56d4b32a6aab5beac7793095fc15ab24fb14d9164e1d4cd9262b7f5ace46d1f774a6496402c94038930717bbcd93ed3", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0xe60c, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0x8, 0x4}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x400, 0x3, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000800)=[@fadd={0x58, 0x114, 0x6, {{0x5, 0x6}, &(0x7f0000000400)=0x7, 0x0, 0xf, 0x4, 0x8000000006, 0xfffffffffffffffa, 0x22, 0x5}}], 0x58, 0x8000}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)

1.922205338s ago: executing program 0 (id=15063):
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x25, 0x5, 0x0)
socket$phonet(0x23, 0x2, 0x1)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000050000000900010073797a30000000002c000000030a01010000000000000000050000000900010073797a30000000000900030073797a"], 0xc8}}, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000800)='./file0\x00', 0x2, &(0x7f0000000840)={[{@hide}, {@map_normal, 0x0}, {}, {@showassoc}, {@map_off}, {@session={'session', 0x3d, 0xa}, 0x41}, {@session={'session', 0x3d, 0x23}}, {@iocharset={'iocharset', 0x3d, 'iso8859-15'}}, {@block={'block', 0x3d, 0x400}}, {@gid}, {@showassoc}, {@unhide}, {@gid}, {@session={'session', 0x3d, 0x16}}, {@map_normal}, {@check_strict}, {@dmode={'dmode', 0x3d, 0xc82}}, {@showassoc}]}, 0x2, 0x6a0, &(0x7f0000000a40)="$eJzs3V1rG+n5x/HfyLIte/+E5d8SQnCSO0kXHJoqI3njYFLoqqORPa2kETNysaGwpBt7CZGzbZJC45OtT/oA2zfQs570oC+i0ON9Fz0pLSztWaE9mDIPeoqeol0l2d18P2ZXo3uumfuauRVdjK25JQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIMup2nbJUt1r7h+YyZxq4Dey5f9Go+vTvS3rRrpwY2a/khX/p0JBF9KmC9/srz4f/++aNtJnGyrEDwWdvnX+7bvfyOe6209J+PPQvDt88uz04b1O5+jxC8Quae7dv07KdZfWsjEZE7TrNr3Q9xqVXdd4oW92trftW3u10NS8uhsehm23YZzAzbX9wGw6N0xpZ2fLuMVDf7+5W63U3W7jne+UbXvb/GA1HWhJxdDZ8+p1r7mbxMSr45g75pMfpwFupWHM8YPO0dasI4mDSi8SVJ4VVLbL5VKpXC5t3965fce28yMNdsyyezQSsfAXLb5iFvPGDSxALq7/f7Wkugpqal8HMmN/HFUVyFdjwvpMt/6/c8ud2u9g/e9W+QvS97LVF5XU/8vps8uT6v+EXIxMssG4NdaE9vl+lpOMjJ7omU71UPfUUUdHeryAfRuZKwvZyyv42ZWrpjyF8uWpoUrSYrIWox1ta1u23teeagplVJOnulyFOlSottzkFeUokKuK2vIVyGhTjm7IqKQd7WhLRq6KOpSvfTW1q6oq+ncURcd6kJz3rSk5qhtUmhCwOhhUnrKnSfX/Jx+nr9Os/tvU/zdV+jpYTR8+nRYDfAlE2fX/oNzsza68vIwAAAAAAMCiWclv363kb/eXJEWqeXXXft1pAQAAAACABbIUrWpDVnz9L+mSLK7/AQAAAAD4urGSe+wsSevJh/qt/p1QL/JLgKVXkCIAAAAAAPiCkjv/L69IUTJpxRVZc13/AwAAAACAr4DfDMyxn+/OsRt1/6yfkxS2Vq0//3NVwbJ11jr4lnVSiddUTrKYkU8AtGsXrXPZRL3Jw4qk5Jnjblgb6eSY2SSYvXkHPzueNde/FTyXwMrS4A4mJGDFPW/ns2f6RFfTTa5m88zfP80pWZP2sl7z6m7R8et3S6pUzuXa7kH7548e/EIKesd5/KBzVPzgo879JJezuOnsJN7px0Pp5MafjH4uT5P5FpJ7LsYd8Zpq3S5/22ysW0m/dvf4l1Q5yQ12NG0A+n3+StfSMbu2nsaun/Zm3I+PvxAff6mYDNnQ0QfLVj+L0vNHPm4gJmRRSLK4nsZc37yu8t/S5d4o5KzCt5ekcnF0DIayKA9mMftcWP8aORcDWSQP3TUD52IrzuIv8Y4mZLE1XxYjIwIAr8uxLil5F7qkZBLzXhUqZHW3Wx66b2qfq+7Mru7vDVf3p7+PomSDJSmf/W1iai8Fxe/om1ZSh1bSQ8pfHPOObmd1paAJ7+j2F6hucV9/6n8HUpb2SBb/iaLobinp93fPVdU/DHU30m9YLy/Fp/DW05OfJhPgxz48+vDoUbm8tW2/a9u3y1pODiN7WBK1BwAwYvZ37MyMsN7V1TTi6v1/vJMuDVW8/+99pKCoD/SROrqvm92vELgyfq/rAx9DuJletWrgqtWcf/tu8r10w7El3Zx4VZfU0oHYci92Wd1Nhit1P3brJY8CAACv1rUZdXh8/S8M1f+b2kwjNi+Ove4eruXZ1XHvkn5SbGl28u8t+mwAAPBmcIPPrPX2r60g8Frvl3Z2SpX2nmsC3/mhCbzqrmu8ZtsNnL1Kc9c1rcBv+45fN61Aq17VDU2432r5QdvU/MC0/NA7SL753WRf/R66jUqz7Tlhq+5WQtc4frNdcdqm6oWOae1/v+6Fe26QbBy2XMereU6l7flNE/r7geMWjQlddyDQq7rNtlfz4sWmaQVeoxIcmh/59f2Ga6pu6AReq+2nO+z25TVrftBIdlvMR+M+LwAAwBvnybPTh/c6naPHzy+sxZfmacuZJsSMLqzoybP4qjxuyWermCMIAIAvmX4Bn2OjwktMCAAAAAAAAAAAAAAAAAAAAAAAjJh9S9+cC8vjbhaUei0/O5e16Jfq32I4sh9Li05snoXcvFt1b4k4ffjplOC1Xkv39A/GnL2yA/z7/0lvJS1KW/KL72ttyuC+jIXvHqdndGJMvHLsqtXeWOQX/88hXnj0xwmroiiKpm++OnwOV4YOMDet07ykxytzD8HKyEsUwNfV/wIAAP//qMc0fQ==")
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x1c)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20000, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r1], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1.819595178s ago: executing program 0 (id=15064):
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000011c0), 0x2401, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000080000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffe97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=<r2=>r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000008c0)='mm_page_free\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRES32=r2, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x8, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x4, 0x7}, 0x13748, 0x10000, 0x0, 0x6, 0xe, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000007c0)={[{@nouid32}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000001480)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x143041, 0x0)
pwritev2(r3, &(0x7f0000000380)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xe7b, 0x0, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
syz_open_dev$sg(&(0x7f0000000040), 0x1200000, 0x260900)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0904000000000000000002000000300004802c0001800a00010072616e67650000001c0002800800014000000008080002400000000304000480040003800900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a7a93d87fa1474ddfb909ae2a128378e604185caa107d1e8c14c8eb2e956803e40deda4890f741fa41cb7a41177186f1d4117d31dbda803554747cbae8b0681a3f4729fda45391647860d0af7a3902e0ab99a6de6907cb79b74745821573408daee731c347082471785c470fd95ccaddde26a51f4545ca07db047dcd3145c908f501b9ce7bf61cff72afa9de0ba7fbf"], 0x84}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000040340000000000000800000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000357500007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x18)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="010001000000000000001000015b", 0xe, 0xfffffffffffffffd)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="3800000003140100c68f7bec9aff06860900020073796232000000000800410073697700140033006272696467653000"], 0x38}, 0x1, 0x0, 0x0, 0x44805}, 0x50)

1.741587336s ago: executing program 4 (id=15065):
prctl$PR_SET_NAME(0xf, &(0x7f0000000980)='\xff\x00\x00\x00\x00\x00\x000`\x14\x99\x06\xc0\x7fs\x00\t\x14\x17\xc3\xf5\xc9\v\x85\xe7\x00\x00\x18\x88\x06\x94\x98\xa9\xe7\x1c\x8a\x89\xdc\xcc\xf7L\xbd%\xc3!\x0e\x91S\xb2~8\"\xe2\xed\xbf\x12\x1a\\6p\'p\xef\x1a\n\x99\x12\xe8\'\x1c\x97M\xa5N\xd9\xbeV&\x1c2K?\x95\xd9\"\xbe\x050+\xca\xea\'\xe9)\xfe\xeb\x9c\xb5\xa0F`\xe4D\x10F\x831\xec\\v\xf0\xab_M\b\x03\xc3\n\x89\x01E`\xd35Q2\xecZz\xdc\x065p\x1c\x8f\x9b\x99IGXO\x00\x00\v\xed\xb0\xc5\xd4\xc7,\x1a\xb3}CMOO\x8a\xa8kh\x7f\x05c\xfc\xebb\xc8\xa2\xa9\xbf\xb3\x9b\xafE\xbd\xc5\xdc\xde\xbe_')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x4c, 0x0, 0x8, 0x201, 0x0, 0x0, {0x5, 0x0, 0x4}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_PARTOPEN={0x8, 0x3, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_DCCP_REQUEST={0x8, 0x1, 0x1, 0x0, 0x9}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x480d0}, 0x20054)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x1, 0x66c, 0x0, 'queue1\x00'})
write$sndseq(r2, &(0x7f00000004c0)=[{0x82, 0x77, 0x0, 0x0, @tick, {0x4}, {0x0, 0x6e}, @raw32={[0x0, 0x1]}}, {0x5, 0x2d, 0xc, 0xfe, @tick=0x8e, {0xd, 0xd}, {0xff, 0x4f}, @addr={0x36, 0xc1}}, {0x8, 0x2, 0x8, 0x6, @tick=0x400, {0x4, 0x4}, {0x5, 0x9}, @connect={{0x71, 0x6}, {0x1, 0x1}}}], 0x54)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nombcache}, {@data_journal}]}, 0x1, 0x44a, &(0x7f0000000d80)="$eJzs3M9vFFUcAPDvzLb8xlaCP/ihVtFI/NHSgsjBi0aNB01M9IDH2haCLNTQmgghisbg0ZB4V48m/gWe9GLUk4lXvRpDQkwvoKc1szvT7i67pVu2u+h+PsnAezNv877fnXm7b+axBDCwxrI/kogdEfFbRIzUqo0Nxmp/3Vi6OPP30sWZJCqVN/5Kqu2uL12cKZoWr9teVIYi0k+S2Nei34XzF05Pl8tz5/L6xOKZdycWzl94+tSZ6ZNzJ+fOTh07duTw5LNHp57pSp5ZXtf3fjC/f88rb115beb4lbd/+iYp8m/Ko0vGVjv4WKXS5e76a2ddORnqYyB0pFQbpjFcHf8jUYqVkzcSL33c1+CADVWpVCr3tj98qQL8jyXR7wiA/ii+6LP732Lr0dTjjnDt+doNUJb3jXyrHRmKNG8z3HR/201jEXH80j9fZFtszHMIAIAG32Xzn6dazf/SqH8udFe+hjIaEXdHxK6IOBoRuyPinohq2/si4v4O+29eJLl5/pNeXVdia5TN/57L17Ya53/F7C9GS3ltZzX/4eTEqfLcofw9ORjDm7P65Cp9fP/ir5+1O1Y//8u2rP9iLpjHcXVoc+NrZqcXp28n53rXPorYO9Qq/2R5JSCJiD0RsXedfZx64uv97Y7dOv9VdGGdqfJVxOO1838pmvIvJKuvT05sifLcoYniqrjZz79cfr1d/7eVfxdk539by+t/Of/RpH69dqHzPi7//mnbe5r1Xv+bkjcb9r0/vbh4bjJiU/JqLej6/VNN7aZW2mf5HzyQ5//yHxF1439XrLwT+yIiu4gfiIgHI+KhPPaHI+KRiDiwSv4/vvDoO3XVtLP8N1aW/2xH53+lsCma97QulE7/8G1Dp6Od5J+d/yPV0sF8z1o+/9YS1/quZgAAAPjvSSNiRyTp+HI5TcfHa/+Gf3dsS8vzC4tPnph/7+xs7TcCozGcFk+6Ruqeh07mt/VFfaqpfjh/bvx5aWu1Pj4zX57td/Iw4La3Gf+ZP0v9jg7YcH6vBYPL+IfBZfzD4GoY/1v6FwfQey2+/7f2Iw6g91rN/z/sQxxA7zWNf8t+MEA8/4PBZfzD4FrX+P+y+3EAPbWwNW79I/muFor/zKGnnSp0vRDpHRGGwgYV+vzBBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0CX/BgAA//+GKuJ2")
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
r5 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1f0519, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x3}, 0x6025, 0x4005, 0xb, 0x3, 0x2, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r5, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x1, @perf_config_ext={0x8, 0x6}, 0x120, 0x10000, 0x33f8, 0x98527b7d7c3d2c93, 0x8, 0x20007, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0xffffffffffffffff, 0xffffffffffffffff, r5, 0x2)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(r6, 0x5609, &(0x7f0000000100)={0x9, 0x1ff, 0x4})
ioctl$VT_DISALLOCATE(r6, 0x5608)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xfe37, 0x0)
r7 = creat(&(0x7f0000000000)='./file1\x00', 0x14c)
fallocate(r7, 0x0, 0x9, 0x2000403)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r7}, 0xc)
rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000100)='./file1\x00')

1.673509563s ago: executing program 0 (id=15066):
syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f0000000080)='./file1\x00', 0xc10, &(0x7f0000000000), 0x1, 0x62f, &(0x7f0000000d80)="$eJzs3c9rHNcdAPDv7EqyZKuVXUqpRUsFPdhQLEuuqdtearuH+mCoIT6EkIOFJTnC6x9YMsSOwTbkkEACIeRqgi/5B3IPvucWAkluOQecEBwSSIw2zOysvJJm9dO7K3k+H9jdN29m973vPj/Pmxm9nQBKayx9qkQcjFi8kESMtKwbjsbKsXy7J9/fuZg+kqjXX/ouiSTPa26/mL/uS5+SiMGI+Ox0xO+qq8udv3X78lSt3nA34ujCletH52/dPjJ3ZerSzKWZq5PH/nn8xMS/Jo9PPpc49+WvZ87+/0/vvvnaP2Y/rx1J4mSc739jOlbEsQX1pCBzLMZiMQ+xNb8vIk6kiYLvZbfZUAh7Ol8Ptqaa/3vsj4g/xEhUs6WGkZh7p6eVAzqqXo2oAyWV6P9QUs1xQPPYfmPHwec7PCrpnsenGgdAq+Pva5wbicHs2Gjvk6TlyKhxbmP/cyg/LePpndEH6SOWnYf4aal1+p5DOe3cux8RfyyKP8nqtj+LNI2/EpWW96V1moiIgTz93y0U3Uy0njvZ5nmYzVdiE/G3tkP6XZzMX9P801ssf2zFcrfjB6CcHp3Kd+TZ3vjZ/i8dezTHP1Ew/hku2HdtRa/3f+3Hf839/WB2jryyYhyWjlnOFX9k/8qMr98+83678lvHf0/vJFk9mmPBbnh8P2J0RfxvZQO9ZKn9k4L2Tze5cHJjZfzvi2/PtFu3PP7RB92Ov/4w4lDh8c+zUWmaWuP65NHZudrMROO5sIxPPn31o3bl9zr+tP33tom/pf0rK9+XfifXN1jGx+ceXhlos2543fgr3wwkjePN5me8PrWwcGMyYiA5m2/Skn9s7bo0t2l+Rhr/4b8W9/9l//7vL/+codYDmHVcf/nyk3brttL+LReTF+sbrEM7afzT67f/qv6f5r23wTJ+fOXmn9utK4g/Io9/aDuBAQAAAAAAQAlVsmuwSWV8KV2pjI835sv+PvZWatfmF/42e+3m1emIw9nfQ/ZXmle6RxrLSbo8mf89bHP52Irlv0fEgYj4oDqULY9fvFab7nXwAAAAAAAAAAAAAAAAAAAAsEPsy+f/N+9T/UO1Mf8fKIlO3mAO2Nn0fyivrP+vusUTUAb2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMAL6cBfHn2VRMS9fw9lj9RAvq7a05oBndZfkFe/24OKAF1nHw/ltXTpf83p//V6VyoDdFXR+H+Vn/MfB+x8dYAeSIoys8FBfe3O/6jwnQAAAAAAAAAAAABABxw62H7+/4bmBgC7lrv+QnltY/6/nw6AXc5P/0N5OcYH1pvFP9huxXbm/xt8AAAAAAAAAAAAAMCmDGePpDKezwUejkplfDziNxGxP/qT2bnazERE/DYivqz270mXJ3tdaQAAAAAAAAAAAAAAAAAAAHjBzN+6fXmqVpu50Zr4ZVXOi51o3ohsnY0HYvtl/Sc2+a5Iuv+1DEVEzxulY4m+lpwk4l7a8juiYjfmY2dUI0v0+D8mAAAAAAAAAAAAAAAAAAAooZa5x8VGP+xyjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg+57d/79ziV7HCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsTr8GAAD//2v8Q10=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x8, 0x32, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f7})

1.658194324s ago: executing program 3 (id=15067):
syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000140)='./file0\x00', 0x1004491, &(0x7f0000000000)=ANY=[], 0xfe, 0x84d, &(0x7f0000000d00)="$eJzs3U9sXFe5APDvuuPEcdS86r2nvihK05ukT0pE6o6d1sXqokzH185t7RlrZowSoaqNWqdEcdqqVVUaIUI2LSD+iBXLUpZVN10BQgKJBbBCogs2LCpV6gZUEEgIhBBGc2cmHsceO07cBMrvN8qc63PPPfc7d2bu8Z34nBsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQCTV6XJ5PIm5vLZ4Oh2sOt2oz2+yvlffT9Ykm+w3Imn/i5GR2N/J2v+/q6vvbj8diYOdnw7GSDsZiUt7777rkf8pDfW23ySgG3V48Krh/h+SiC+3g7pwdnl56aVt7GBXt4k3EeNO+9qPugsj173JX1faz7NZLW/W8/nKbJbmzXo6NTlZfuDUTDOdyeey5plmK5tPq42s0qo30mPV4+n41NTJNBs7U1+szU5X5rJe5sP3T5TLk+njYwtZpdGs1x54fKxZPZXPzeW12aLMRPnVaJd5uP1GfCJvpa2sMp+m584vL53cKtR2ofE1ObvXHPyD99314Ssf/On8UvsNOaiSpPuqTYyPT0yMTz409dDD5XJpojyxNqN8jbhaIoYiolwufSxvWm6vvRvklQZ9ziNW/uvmT9ywA4ZGugtzkUctFuN0pJHGUPFcPL65J9IYjmpMRyPqMd/O+/Xw6vruo6vX////A7//5Wb77e//e738/qvrOmfbI3Gok3FoUP+/LoodeJQG1Vp7pxNNf97L8VpcigtxNpZjOZbipWu32nXtFhs8rqfMTT92d9Khna11NrKoRR7NSCKP+agUOWmRU480pmIyJqMcT8WpmIlmpDETecxFFs04E81oRVa8o6rRiCwq0Yp6NCKNY1GN45HGeEzFVJyMNLIYizNRj8WoxWxMR6Wo5dxKx+Vr4rr7S0//8LlfffhmeznOxZ5Y/9L1PYa7q/e+H/HHTVq7rrvfRv/fLjHUC4NPkJFtvqo3c7qGHbVSXP+XbncYAAAAwMcoKb59TyJiOO4plmbyuexzvdXDtzc6AAAAYCcUf2l3sJ0Ul/r3RNK+/i9vUPK9iN23PDwAAABgByTFGLskIkbj3s7SuThfjGXb6EsAAAAA4N9Q8f//h9rJaMTlIsP1PwAAAHzCfGXQHPsf7Crm2B2N5sLu5Md/iEZjOLmycPq+5GKlXa5y8Y7Odt3ks1drbM0cSPZ1KymSydKlvUlElKrZwaQ3++Xfu2MJPiqeD6xOQDhorv9kiwBi8wCKn+LrcbhT5vCznfTZ3prOXkZn8rlsrFqfe2Q86X450nrl+fNfiKL5X63N70vi3PnlpbFnXlguarh4pf185WJ3evikt1V0507YJJaV3miKezZu8XAxEKO739HOfsv97e/OJju0efuT/n2+Hkc6ZY6MdtLRte0fae9zfOyR8ahU9g21stOtV1b6Wt+NYryIomj57l5rk228Cq/H0U6Zo8eOdpINophYE8Xz66OYWI3iynUei+uO4s3Dl0//+Wf1JDu5VRQnbzIKgNvlXDHrz2ovtKfohf7WmVX9e9/vrOvvd3tTqW/rLHdu9beM3vZ9fV0p1vXu6Y307q/HsU6ZY53fJ0oHNuhXyhuc0V88/+LPu2f0B9/+znefPPSLd6/p17cRxdtxvFOmm8R//3RAH9tu8zeu6VXfam/x1sXSgP025yaSV5MYTjo3H4pL95+/ePa5peeWnp+YODlZfrBcfmgihotfFbrJRpGuO6gA/KfZ6h47737xatFBd+FJHtziqjop9f6kYCyeiRdiOZ6NE8Vog4i4d+NaR/v+DOHEFletq2XH48QW15arZSeuLbv7aBIDyp7sO2L/9+0i+cvH9IIAwC1wZIt+OIm7OtP+vHpnd4urJVaKL3/vSJIT/dfdn4+IA4P63HZffrxz49zj0fvyc2Bf3u+33fTTt+SoAMAnW9b4KBltvZE0GvnCU+NTU+OV1qksbdSrT6SNfHo2S/NaK2tUT1Vqs1m60Ki36tVevz2dNdPm4sJCvdFKZ+qNdKHezE8Xd35Pu7d+b2bzlVorrzYX5rJKM0ur9VqrUm2l03mzmi4sPjaXN09ljWLj5kJWzWfyaqWV12tps77YqGZjadrMsr6C+XRWa+UzeTac5rV0oZHPVxpXImJucT5Lp7NmtZEvtOqdCnv7ymsz+xrzRbVjse4/FH53O445ANxuL7926cLZ5eWll25s4TfXU/h2txEAWEsvDQAAAAAAAAAAAAAA//rWD9dr525rIOBw3PDwwZd3R3thz41u3l54stOQ3rzCNzWccf1Caacr3HzhU+/sXCvW1zPcy7lzq3Gfe9a8pru6x/YWHYQL/9i5Cp9+9NELl65ERJGTlPoP72OX9596P4te6zapZ+NPykZDXd/YF7HrB9/q5HxmQOGktMNH7L1uA3uf6kGFh9bmrCSbfPBvyekHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALblnwEAAP//RvVCFg==")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b1"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
lchown(&(0x7f0000000080)='./file1\x00', 0xee01, 0xffffffffffffffff)

1.650404295s ago: executing program 4 (id=15068):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket(0x10, 0x2, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000400"/15], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560aff820fffff5bab00070000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000a0c100000000000224e0000", 0x58}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r2)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x24, 0x1402, 0x1, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz0\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000841}, 0x20000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x401}, 0x11)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400))
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f00000000c0)={0x2, &(0x7f0000000340)=[{0x6, 0x2}, {0x1, 0x8, 0x8, 0xfffffffc}]}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r6 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r6, 0x2007ffc)
sendfile(r6, r6, 0x0, 0x800000009)

1.49867106s ago: executing program 0 (id=15069):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r0, &(0x7f00000005c0)="f5", 0x1, 0x20000880, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffffc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r2}, 0x10)
syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0x226f, 0x13500, 0x0, 0x22c}, &(0x7f0000000240), &(0x7f0000000300))
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r3 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r4, 0x5452, &(0x7f0000b28000)=0x20000000000000ff)
fcntl$setsig(r4, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r5}], 0x2c, 0xffffffffffbffff8)
dup2(r4, r5)
fcntl$setown(r4, 0x8, r3)
tkill(r3, 0x13)

1.49790035s ago: executing program 3 (id=15070):
syz_open_dev$evdev(&(0x7f0000001900), 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0xfe, 0x0, 0x4, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x400, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='sched\x00')
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x804000, &(0x7f0000000180)=ANY=[@ANYBLOB="747299b5fca60b", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',\x00'])
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000afc9e6a40000fffc00000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f0000000780)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x6a040000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000140)=[@in={0x2, 0x4e20, @empty}, @in={0x2, 0x4e20, @empty}, @in={0x2, 0x4e22, @empty}, @in={0x2, 0x4e23, @private=0xa010100}], 0x40)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r3, 0x29, 0xc8, &(0x7f0000000340), 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB="000000000400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000000), &(0x7f00000005c0)=r6}, 0x20)
r7 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r7, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f00000000c0)={0x0, 0x8, 0x4, 0x4, @vifc_lcl_addr=@loopback, @local}, 0x10)
setsockopt$MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
setsockopt$MRT6_FLUSH(r3, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x4898, 0x0)

1.219747668s ago: executing program 6 (id=15071):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
pread64(r3, &(0x7f0000001840)=""/4096, 0x1003, 0x1)

1.170078793s ago: executing program 6 (id=15072):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000001cc0)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES64, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea4bd00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c7c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120558a69c70854bdc5b5a2a2d4218766045c753e3b29fb43510615fb279287eb83255f8b8b4c1273d50ba7f1f5c043579e49b2e4aa9c3e7f10a6d306a58f70dbce08b052da65cffc3325024802a85e0ef8c25d605349288bba816c4ef46824d88ecb3d40d0b270a1835b32c38c3fff18f0c86419d797b0af14bde3af90ae391b62fca804375b84429ac81cbe78703e28217c0efde62048622f268cb07f69af623fa28eb0fc284c1015b846dcdb7af09a07020a8a337e97f64cc3c2ad6924583540a4034140e1bff1effc898006b1c6cb259b28cc38b0788c4358686e65f3bb254a847c3f58a3e85fee43d5c6fe0c6581f220a2cb7123a73594a375de5293cd6e0000000000000000", @ANYRES64], 0x4b, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r0 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x101042, 0x0)
iopl(0x3)
gettid()
timer_create(0x0, &(0x7f0000000400)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000440)="4066ba4a86c66f3ab3b40bc05f7e1f0d4c38bdbc1b0397dc1d7bfb956447697a0f0b8bcbfa0a55026215581e47652b884d48", &(0x7f00000007c0)="a59990bf7d861423777d293471b8429540c80af4e0d6eff85de22390b7646e9688d268"}}, &(0x7f0000bbdffc))
timerfd_create(0x0, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
fallocate(r0, 0x0, 0x11, 0x801afd)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a"], 0x44}}, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x10, 0xffffffffffffffff, 0x4ec000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c00028005000100060000000800"], 0x44}}, 0x0)

1.10659862s ago: executing program 3 (id=15073):
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$phonet(0x23, 0x2, 0x1)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x3, 0x300)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000800)='./file0\x00', 0x2, &(0x7f0000000840)={[{@hide}, {@map_normal, 0x0}, {}, {@showassoc}, {@map_off}, {@session={'session', 0x3d, 0xa}, 0x41}, {@session={'session', 0x3d, 0x23}}, {@iocharset={'iocharset', 0x3d, 'iso8859-15'}}, {@block={'block', 0x3d, 0x400}}, {@gid}, {@showassoc}, {@unhide}, {@gid}, {@session={'session', 0x3d, 0x16}}, {@map_normal}, {@check_strict}, {@dmode={'dmode', 0x3d, 0xc82}}, {@showassoc}]}, 0x2, 0x6a0, &(0x7f0000000a40)="$eJzs3V1rG+n5x/HfyLIte/+E5d8SQnCSO0kXHJoqI3njYFLoqqORPa2kETNysaGwpBt7CZGzbZJC45OtT/oA2zfQs570oC+i0ON9Fz0pLSztWaE9mDIPeoqeol0l2d18P2ZXo3uumfuauRVdjK25JQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIMup2nbJUt1r7h+YyZxq4Dey5f9Go+vTvS3rRrpwY2a/khX/p0JBF9KmC9/srz4f/++aNtJnGyrEDwWdvnX+7bvfyOe6209J+PPQvDt88uz04b1O5+jxC8Quae7dv07KdZfWsjEZE7TrNr3Q9xqVXdd4oW92trftW3u10NS8uhsehm23YZzAzbX9wGw6N0xpZ2fLuMVDf7+5W63U3W7jne+UbXvb/GA1HWhJxdDZ8+p1r7mbxMSr45g75pMfpwFupWHM8YPO0dasI4mDSi8SVJ4VVLbL5VKpXC5t3965fce28yMNdsyyezQSsfAXLb5iFvPGDSxALq7/f7Wkugpqal8HMmN/HFUVyFdjwvpMt/6/c8ud2u9g/e9W+QvS97LVF5XU/8vps8uT6v+EXIxMssG4NdaE9vl+lpOMjJ7omU71UPfUUUdHeryAfRuZKwvZyyv42ZWrpjyF8uWpoUrSYrIWox1ta1u23teeagplVJOnulyFOlSottzkFeUokKuK2vIVyGhTjm7IqKQd7WhLRq6KOpSvfTW1q6oq+ncURcd6kJz3rSk5qhtUmhCwOhhUnrKnSfX/Jx+nr9Os/tvU/zdV+jpYTR8+nRYDfAlE2fX/oNzsza68vIwAAAAAAMCiWclv363kb/eXJEWqeXXXft1pAQAAAACABbIUrWpDVnz9L+mSLK7/AQAAAAD4urGSe+wsSevJh/qt/p1QL/JLgKVXkCIAAAAAAPiCkjv/L69IUTJpxRVZc13/AwAAAACAr4DfDMyxn+/OsRt1/6yfkxS2Vq0//3NVwbJ11jr4lnVSiddUTrKYkU8AtGsXrXPZRL3Jw4qk5Jnjblgb6eSY2SSYvXkHPzueNde/FTyXwMrS4A4mJGDFPW/ns2f6RFfTTa5m88zfP80pWZP2sl7z6m7R8et3S6pUzuXa7kH7548e/EIKesd5/KBzVPzgo879JJezuOnsJN7px0Pp5MafjH4uT5P5FpJ7LsYd8Zpq3S5/22ysW0m/dvf4l1Q5yQ12NG0A+n3+StfSMbu2nsaun/Zm3I+PvxAff6mYDNnQ0QfLVj+L0vNHPm4gJmRRSLK4nsZc37yu8t/S5d4o5KzCt5ekcnF0DIayKA9mMftcWP8aORcDWSQP3TUD52IrzuIv8Y4mZLE1XxYjIwIAr8uxLil5F7qkZBLzXhUqZHW3Wx66b2qfq+7Mru7vDVf3p7+PomSDJSmf/W1iai8Fxe/om1ZSh1bSQ8pfHPOObmd1paAJ7+j2F6hucV9/6n8HUpb2SBb/iaLobinp93fPVdU/DHU30m9YLy/Fp/DW05OfJhPgxz48+vDoUbm8tW2/a9u3y1pODiN7WBK1BwAwYvZ37MyMsN7V1TTi6v1/vJMuDVW8/+99pKCoD/SROrqvm92vELgyfq/rAx9DuJletWrgqtWcf/tu8r10w7El3Zx4VZfU0oHYci92Wd1Nhit1P3brJY8CAACv1rUZdXh8/S8M1f+b2kwjNi+Ove4eruXZ1XHvkn5SbGl28u8t+mwAAPBmcIPPrPX2r60g8Frvl3Z2SpX2nmsC3/mhCbzqrmu8ZtsNnL1Kc9c1rcBv+45fN61Aq17VDU2432r5QdvU/MC0/NA7SL753WRf/R66jUqz7Tlhq+5WQtc4frNdcdqm6oWOae1/v+6Fe26QbBy2XMereU6l7flNE/r7geMWjQlddyDQq7rNtlfz4sWmaQVeoxIcmh/59f2Ga6pu6AReq+2nO+z25TVrftBIdlvMR+M+LwAAwBvnybPTh/c6naPHzy+sxZfmacuZJsSMLqzoybP4qjxuyWermCMIAIAvmX4Bn2OjwktMCAAAAAAAAAAAAAAAAAAAAAAAjJh9S9+cC8vjbhaUei0/O5e16Jfq32I4sh9Li05snoXcvFt1b4k4ffjplOC1Xkv39A/GnL2yA/z7/0lvJS1KW/KL72ttyuC+jIXvHqdndGJMvHLsqtXeWOQX/88hXnj0xwmroiiKpm++OnwOV4YOMDet07ykxytzD8HKyEsUwNfV/wIAAP//qMc0fQ==")
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x1c)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r0, 0x20, &(0x7f0000000100)={0x0, 0x0, <r1=>0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400)=r1, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20000, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r2], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1.092789641s ago: executing program 4 (id=15074):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
prctl$PR_GET_SECCOMP(0x15)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000140)=@assoc_value={<r1=>0x0}, &(0x7f0000000080)=0x8)
socket(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRES16=r1], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000060000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000001600)={[{@debug}, {@min_batch_time={'min_batch_time', 0x3d, 0x4ab}}, {@data_err_ignore}, {@nobarrier}, {@inlinecrypt}, {@orlov}, {@nogrpid}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f0000000c40)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
setpgid(0x0, 0x0)
wait4(0x0, 0x0, 0x2, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
fallocate(r4, 0x0, 0x3, 0x800000)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x101042, 0x1b6)
pwrite64(r5, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
open_tree(0xffffffffffffffff, &(0x7f0000000580)='./file0\x00', 0x8801)

1.005562689s ago: executing program 3 (id=15075):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000040000000000000000850000002300000095", @ANYRES64], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000380)='kfree\x00', r0}, 0x18)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc), 0x80, 0x0, 0x0, 0x0, 0x0)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
write$cgroup_int(r1, &(0x7f0000000040)=0xfe8e, 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r3, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40088a01, &(0x7f0000002200)=0xc0100100)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xa, &(0x7f0000000440)=ANY=[@ANYRESDEC=r4, @ANYRES32, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)

664.456463ms ago: executing program 4 (id=15076):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
pread64(r3, &(0x7f0000001840)=""/4096, 0x1003, 0x1)

662.088194ms ago: executing program 6 (id=15077):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="3800000003140100c68f7bec9aff06860900020073796232000000000800410073697700140033006272696467653000"], 0x38}, 0x1, 0x0, 0x0, 0x44805}, 0x50)

656.096525ms ago: executing program 4 (id=15078):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket(0x10, 0x2, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000400"/15], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x4)
socket$inet6(0xa, 0x3, 0x7)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560aff820fffff5bab00070000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000a0c100000000000224e0000", 0x58}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r2)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_SET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x24, 0x1402, 0x1, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz0\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000841}, 0x20000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e0000000400000000"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x401}, 0x11)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f00000000c0)={0x2, &(0x7f0000000340)=[{0x6, 0x2}, {0x1, 0x8, 0x8, 0xfffffffc}]}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r7 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r7, 0x2007ffc)
sendfile(r7, r7, 0x0, 0x800000009)

644.029596ms ago: executing program 0 (id=15079):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q6KCqFVibHxpaUHl4EWjiQeMJnrAm7UthFCooTURQqQagxcTQ6Jn9WjiX+DNi1FPJl71bkiIcgE91czsTNldum1XtruF/XySYZ9n5pk+z7czz84z80wJoGcNZ/8kETsi4reIGKxm6wsMVz9uXLsw9fe1C1NJLC298WeSl7t+7cJUWbTcb3uRGUkj0o+TopJ68+fOn5qcnZ05W+THFk6/OzZ/7vzTJ09Pnpg5MXNm4siRw4fGn3t24pm2xJnFdX3fB3P7977y1uVXp45dfuenb7P27ii218bRYEvD57oNZ4H/tZRbXplWPx5rOYLNbWdNOunrYkNoSSUissPVn/f/wajEzYM3GC9/1NXGARsquzatcmFbXALuYkl0uwVAd5QX+uz+t1w6NPTYFK6+UL0ByuK+USzVLX3lrXp+b7Rzg+ofjohji/98mS2x+nMIAIC2+HTqi6Px1ErjvzTurSm3q5hDGYqI/0fE7oi4JyL21JS5LyLuX7vKtDbTODV06/gnvdJyUC3Ixn/PF3Nb9eO/5WYOVYrczjz+/uT4ydmZg8XvZCT6t2T58WrZYgpssa6O71/69bNm9deO/7Ilq78cCxbtuNLX8IBuenJhMh+UtsHVDyP29a0Uf7I8E5AFtTci9rX2o3eViZNPfLO/WaG1419FG+aZlr6OeLx6/BejIf5Ssvr85Nj/Ynbm4Fh5Vtzq518uvd6s/tuKvw2y47+t/vxvLDKU1M7Xzrdex6XfP2l6T/Nfz/+B5M1834Fi3fuTCwtnxyMGkqN5vm79xM19y3xZPot/5MDK/X93sU8W/wMRkZ3ED0bEQxHxcNH2RyLi0Yg4sEr8P77YfFt9/Ft3dOP4Tzd8/23Ntyyf/w3Hv/VE5dQP361c+1dvr+/4H85TI8Wa/PtvDett4G3++gAAAOCOkObvwCfp6HI6TUdHq+/w74lt6ezc/MKTx+feOzNdfVd+KPrT8knXYM3z0PGkfOZZzU8Uz4rL7YeK58afV7bm+dGpudnpLscOvW57k/6f+aPS7dYBG26lebSJgS40BOi4xv6f1mcvvtbJxgAd1fQ9mm2dbQfQeWu8R5d2qh1A5/n/WqB3rdT/LzbkzQXA3cn1H3qX/g+9S/+H3qX/Q09a64/kK7f5t/8Sd1wiWV/hSLvf1M2R6I+ItvzAgU0RTpHo9jcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAe/wbAAD///mA6oc=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0}, &(0x7f0000000000), &(0x7f00000000c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00"], 0x38}}, 0x0)

616.899678ms ago: executing program 6 (id=15080):
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000011c0), 0x2401, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000840)='./file0\x00', 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d0664553688ba6e000026743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRES32=r2, @ANYRES16=r0], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
write$binfmt_script(r2, &(0x7f00000012c0)={'#! ', './file0'}, 0xb)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r3 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x1, @buffer={0x300, 0x49, &(0x7f0000000440)=""/73}, &(0x7f0000000380)="259374c96ee3", 0x0, 0xffffffff, 0x30, 0x0, 0x0})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r4 = getpid()
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17)
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
write$P9_RWRITE(r0, &(0x7f0000000340)={0xb, 0x77, 0x2, 0x5}, 0xb)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x800, 0x0)
getsockopt$IP_SET_OP_VERSION(r5, 0x1, 0x53, 0x0, 0x0)
lseek(r5, 0x0, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000020000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2feb4b6fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c7c56f0979bd10b97163c1d6d0e196bf02f46e8953ab1abda45cbe8d0d26b5069f8a98f7dc8f76b74635fc9f9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346b1004006000000e1ffff8816326d7d35c32aac1c7d5b5be399f6609876b5887437a172fbc02a74067529194e533583412dff048f0000000000000000b2728a04816cfb851cd364ff19ffcafe3e64be033c9d2f002cc93c1c13caec04a347383420336bec88c24a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bd0339454c13ad30000000000000003626165866c154e2514890000b515a1000000000000000eb2e9c15b6c8f6198282d0086fa0000c2ccf3f6d69cfcf1e15ea7a9e57aee78e12ace55736fa42811654e19a7e9b531636794a718b4766d744263b6681da2b2204d848619a3eb62e77460c048df8e72bfe31438163ec4270439b350274e5aa941bfc32ce08e3790dfb0c59bbe45cd27264669c187eed6d67b3be191137814bcb226b2078a1bc45502705d538d8723113445b08b0ac8dc2dfa17fd79ed5fd33b14b0adabf72df024dcde1ef330b927ce1a80474ce4f99a292c71456ec1abbfbb61dc9f0f71395a1751d35fa1"], &(0x7f0000000340)='GPL\x00'}, 0x48)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x94b6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000f5ffffffffffffff00"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r7}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000680)=ANY=[@ANYBLOB="1806000000000000000000000000000018120000", @ANYRESDEC=r5, @ANYBLOB="0000000000000000b703000001000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7, <r9=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f00000003c0)=r8}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r9}, &(0x7f0000000340), &(0x7f0000000580)=r8}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r6, 0xffff0000, 0xb00, 0x0, &(0x7f0000001a40)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8510, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5f, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
lseek(r0, 0x81, 0x3)
bind$inet(r10, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
sendmmsg$inet(r10, &(0x7f0000003cc0)=[{{&(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="14000000000000000000000007"], 0x18}}], 0x1, 0x44008004)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000)=r6, 0x4)

615.217449ms ago: executing program 2 (id=15081):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
syz_emit_ethernet(0x4a, &(0x7f00000043c0)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x2b00, 0x6, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

599.51002ms ago: executing program 0 (id=15082):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000e40)='./file2\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x1})
socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9})
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x7, 0x90})
syz_clone3(&(0x7f00000007c0)={0x1000400, 0x0, 0x0, 0x0, {0x26}, &(0x7f0000000580)=""/255, 0xff, 0x0, 0x0}, 0x58)
ioctl$TIOCMIWAIT(r1, 0x545c, 0x0)

562.227484ms ago: executing program 2 (id=15083):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2000000, &(0x7f0000000080), 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) (fail_nth: 1)

150.982045ms ago: executing program 2 (id=15084):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000008000000020000000400000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000d56d03b077c9c1d60000000000f700000000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000007000000050000000100000f05000000110000000700000005000000005f00005f6100fd1b182523716b8c566c84cc86b995fe027a5616d7d6a06107e8b0d8c71511b1f9907dedd3c5041056bc2d8b44848ef2a605914d8526ce5c862d8905a0fa7ec902ddb760d8351fd5e3ee308ca6d9b896e0ef49e910eea040d209d4fd9598ba745128f50583d9bdb72a17067ab0d03a003e02201dea838447dc4fecbcd66cc1f57a912254cc3b3a7617d1307fec98bd8be0e28477fd122a3ea0426a475382e25811ab76de6065ab71be52e0efe39ef05d5c57"], 0x0, 0x37, 0x0, 0x9}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0xf)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r4, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')
r5 = socket(0x10, 0x3, 0x0)
connect$netlink(r5, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000040)={&(0x7f0000000580)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x52}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r6=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x82}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x26)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
lsm_get_self_attr(0x69, &(0x7f0000001940)={0x0, 0x0, 0x1020, 0x1000, ""/4096}, &(0x7f0000000480)=0x1020, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2000000, &(0x7f0000000080), 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)

130.799467ms ago: executing program 3 (id=15085):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xb, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000500)=ANY=[], 0x119)

71.763143ms ago: executing program 3 (id=15086):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, 0x0, &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
pread64(r3, &(0x7f0000001840)=""/4096, 0x1003, 0x1)

41.315896ms ago: executing program 6 (id=15087):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000003c0)={'syztnl0\x00', &(0x7f00000004c0)={'syztnl0\x00', <r1=>0x0, 0x2f, 0x5, 0x9, 0xffff, 0xc, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x10, 0x10, 0x7, 0xcb}})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x66, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
io_setup(0x8f0, &(0x7f0000002400))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0b00000007000000080000000400000005"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000017b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000bc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r4}, 0x10)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x3, 0xff, 0x4e, 0x54, 0x0, 0xcb2, 0x89008, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2, @perf_bp={0x0, 0x1}, 0x403a, 0x81, 0x800, 0x6, 0x8, 0x4002, 0x77c, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r5, &(0x7f0000000780)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x0, 0x800}}, 0x120)
write$UHID_DESTROY(r5, &(0x7f0000000080), 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r6, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x30, r7, 0x200, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1e26, 0x7f}}}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0xf}]}, 0x30}, 0x1, 0x0, 0x0, 0xc8c4c62705c4f84c}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r8}, 0x10)
io_setup(0x3, &(0x7f0000000340))
move_mount(0xffffffffffffffff, &(0x7f0000000040)='.\x00', 0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x0)

0s ago: executing program 2 (id=15088):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
pread64(r3, &(0x7f0000001840)=""/4096, 0x1003, 0x1)

kernel console output (not intermixed with test programs):

  T29] kauditd_printk_skb: 400 callbacks suppressed
[ 1102.380601][   T29] audit: type=1400 audit(1763134249.145:140591): avc:  denied  { ioctl } for  pid=15186 comm="syz.0.14579" path="socket:[162879]" dev="sockfs" ino=162879 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1102.414133][   T29] audit: type=1400 audit(1763134249.175:140592): avc:  denied  { unmount } for  pid=9067 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[ 1102.424350][T15192] loop4: detected capacity change from 0 to 4096
[ 1102.453319][   T29] audit: type=1326 audit(1763134249.215:140593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15200 comm="syz.3.14583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1102.477204][   T29] audit: type=1326 audit(1763134249.215:140594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15200 comm="syz.3.14583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1102.477235][   T29] audit: type=1326 audit(1763134249.215:140595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15200 comm="syz.3.14583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1102.477298][   T29] audit: type=1326 audit(1763134249.215:140596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15200 comm="syz.3.14583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1102.477376][   T29] audit: type=1326 audit(1763134249.215:140597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15200 comm="syz.3.14583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1102.477397][   T29] audit: type=1326 audit(1763134249.215:140598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15200 comm="syz.3.14583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1102.596988][   T29] audit: type=1326 audit(1763134249.215:140599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15200 comm="syz.3.14583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1102.620810][   T29] audit: type=1326 audit(1763134249.215:140600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15200 comm="syz.3.14583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1102.658895][T15202] loop6: detected capacity change from 0 to 128
[ 1102.805556][T15225] 9pnet_fd: Insufficient options for proto=fd
[ 1102.823505][T15229] loop3: detected capacity change from 0 to 164
[ 1102.831373][T15229] Unable to read rock-ridge attributes
[ 1102.856131][T15231] loop4: detected capacity change from 0 to 128
[ 1102.857458][T24366] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1102.870948][T24366] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1102.897805][T15236] netlink: 256 bytes leftover after parsing attributes in process `syz.3.14597'.
[ 1102.938845][T15239] bond2: entered promiscuous mode
[ 1102.943977][T15239] bond2: entered allmulticast mode
[ 1102.949597][T15239] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1102.960772][T15239] bond2 (unregistering): Released all slaves
[ 1102.970314][T15247] loop3: detected capacity change from 0 to 164
[ 1102.977531][T15247] Unable to read rock-ridge attributes
[ 1103.280989][T15273] FAULT_INJECTION: forcing a failure.
[ 1103.280989][T15273] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1103.293804][T15275] loop2: detected capacity change from 0 to 2048
[ 1103.294184][T15273] CPU: 1 UID: 0 PID: 15273 Comm: syz.6.14611 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1103.294226][T15273] Tainted: [W]=WARN
[ 1103.294232][T15273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1103.294300][T15273] Call Trace:
[ 1103.294307][T15273]  <TASK>
[ 1103.294314][T15273]  __dump_stack+0x1d/0x30
[ 1103.294336][T15273]  dump_stack_lvl+0xe8/0x140
[ 1103.294378][T15273]  dump_stack+0x15/0x1b
[ 1103.294394][T15273]  should_fail_ex+0x265/0x280
[ 1103.294431][T15273]  should_fail+0xb/0x20
[ 1103.294463][T15273]  should_fail_usercopy+0x1a/0x20
[ 1103.294485][T15273]  _copy_from_iter+0xd2/0xe80
[ 1103.294588][T15273]  ? __build_skb_around+0x1ab/0x200
[ 1103.294649][T15273]  skb_copy_datagram_from_iter+0xb1/0x490
[ 1103.294686][T15273]  tun_get_user+0xafb/0x26e0
[ 1103.294742][T15273]  ? ref_tracker_alloc+0x1f2/0x2f0
[ 1103.294803][T15273]  ? selinux_file_permission+0x1e4/0x320
[ 1103.294833][T15273]  tun_chr_write_iter+0x15e/0x210
[ 1103.294885][T15273]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1103.294911][T15273]  vfs_write+0x52a/0x960
[ 1103.294947][T15273]  ksys_write+0xda/0x1a0
[ 1103.294972][T15273]  __x64_sys_write+0x40/0x50
[ 1103.295001][T15273]  x64_sys_call+0x2802/0x3000
[ 1103.295023][T15273]  do_syscall_64+0xd2/0x200
[ 1103.295044][T15273]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[ 1103.295090][T15273]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[ 1103.295122][T15273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1103.295143][T15273] RIP: 0033:0x7fdb0e82f6c9
[ 1103.295158][T15273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1103.295177][T15273] RSP: 002b:00007fdb0d297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1103.295228][T15273] RAX: ffffffffffffffda RBX: 00007fdb0ea85fa0 RCX: 00007fdb0e82f6c9
[ 1103.295241][T15273] RDX: 0000000000000026 RSI: 0000200000000140 RDI: 0000000000000003
[ 1103.295253][T15273] RBP: 00007fdb0d297090 R08: 0000000000000000 R09: 0000000000000000
[ 1103.295265][T15273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1103.295278][T15273] R13: 00007fdb0ea86038 R14: 00007fdb0ea85fa0 R15: 00007ffdd11842d8
[ 1103.295296][T15273]  </TASK>
[ 1103.589185][T15279] lo speed is unknown, defaulting to 1000
[ 1103.626612][T15279] wg1 speed is unknown, defaulting to 1000
[ 1103.638458][T15285] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14613'.
[ 1103.676958][T15289] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15289 comm=syz.4.14616
[ 1103.786782][T15285] pim6reg: entered allmulticast mode
[ 1103.806378][T15279] pim6reg: left allmulticast mode
[ 1103.899302][T15289] loop4: detected capacity change from 0 to 1024
[ 1103.997542][T15294] lo speed is unknown, defaulting to 1000
[ 1104.016032][T15289] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.14616: Allocating blocks 449-513 which overlap fs metadata
[ 1104.093629][T15288] EXT4-fs (loop4): pa ffff88810060f8c0: logic 48, phys. 177, len 21
[ 1104.101787][T15288] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1104.167065][T15294] wg1 speed is unknown, defaulting to 1000
[ 1104.273549][T15308] syzkaller0: entered promiscuous mode
[ 1104.279045][T15308] syzkaller0: entered allmulticast mode
[ 1104.426817][T15319] loop4: detected capacity change from 0 to 4096
[ 1104.441353][T15325] loop6: detected capacity change from 0 to 2048
[ 1104.755120][T15344] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15344 comm=syz.4.14635
[ 1104.887237][T15352] loop3: detected capacity change from 0 to 764
[ 1104.906914][T15352] Symlink component flag not implemented
[ 1104.912645][T15352] Symlink component flag not implemented
[ 1104.983769][T15344] loop4: detected capacity change from 0 to 1024
[ 1105.031970][T15344] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.14635: Allocating blocks 449-513 which overlap fs metadata
[ 1105.052882][T15343] EXT4-fs (loop4): pa ffff888107161c40: logic 48, phys. 177, len 21
[ 1105.061042][T15343] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1105.178665][T15367] loop3: detected capacity change from 0 to 4096
[ 1105.313468][T15372] loop3: detected capacity change from 0 to 512
[ 1105.332928][T15372] ext4 filesystem being mounted at /475/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1105.400331][T24374] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1105.415280][T24374] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1105.455673][T15384] netlink: 256 bytes leftover after parsing attributes in process `syz.6.14650'.
[ 1105.510502][T15388] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14651'.
[ 1105.595655][T15399] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15399 comm=syz.2.14655
[ 1105.626971][T15401] lo speed is unknown, defaulting to 1000
[ 1105.664108][T15404] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14656'.
[ 1105.675760][T15403] loop4: detected capacity change from 0 to 2048
[ 1105.677924][T15401] wg1 speed is unknown, defaulting to 1000
[ 1105.695020][T15399] siw: device registration error -23
[ 1105.792692][T15408] pim6reg: entered allmulticast mode
[ 1105.848209][T15401] pim6reg: left allmulticast mode
[ 1105.974751][T24374] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[ 1105.995458][T24374] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1106.094043][T15422] loop6: detected capacity change from 0 to 164
[ 1106.111654][T15399] loop2: detected capacity change from 0 to 1024
[ 1106.126524][T15422] Unable to read rock-ridge attributes
[ 1106.290787][T15399] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.14655: Allocating blocks 449-513 which overlap fs metadata
[ 1106.307432][T15436] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14667'.
[ 1106.379506][T15398] EXT4-fs (loop2): pa ffff88810060fa80: logic 48, phys. 177, len 21
[ 1106.387672][T15398] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1106.481094][T15439] loop6: detected capacity change from 0 to 512
[ 1106.540651][T15439] ext4 filesystem being mounted at /464/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1106.554559][ T9067] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1106.565538][ T9067] CPU: 1 UID: 0 PID: 9067 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1106.565754][ T9067] Tainted: [W]=WARN
[ 1106.565761][ T9067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1106.565773][ T9067] Call Trace:
[ 1106.565781][ T9067]  <TASK>
[ 1106.565790][ T9067]  __dump_stack+0x1d/0x30
[ 1106.565814][ T9067]  dump_stack_lvl+0xe8/0x140
[ 1106.565894][ T9067]  dump_stack+0x15/0x1b
[ 1106.565912][ T9067]  dump_header+0x81/0x220
[ 1106.565958][ T9067]  oom_kill_process+0x342/0x400
[ 1106.566097][ T9067]  out_of_memory+0x979/0xb80
[ 1106.566132][ T9067]  try_charge_memcg+0x610/0xa10
[ 1106.566164][ T9067]  charge_memcg+0x51/0xc0
[ 1106.566184][ T9067]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[ 1106.566216][ T9067]  __read_swap_cache_async+0x17b/0x2d0
[ 1106.566237][ T9067]  swap_cluster_readahead+0x362/0x3c0
[ 1106.566262][ T9067]  swapin_readahead+0xde/0x6f0
[ 1106.566280][ T9067]  ? next_uptodate_folio+0x81c/0x890
[ 1106.566365][ T9067]  ? percpu_counter_add_batch+0xb6/0x130
[ 1106.566392][ T9067]  ? __rcu_read_unlock+0x4f/0x70
[ 1106.566418][ T9067]  ? swap_cache_get_folio+0x277/0x280
[ 1106.566470][ T9067]  do_swap_page+0x2ae/0x2370
[ 1106.566492][ T9067]  ? filemap_fault+0x842/0xb60
[ 1106.566539][ T9067]  ? css_rstat_updated+0xb7/0x240
[ 1106.566583][ T9067]  ? __pfx_default_wake_function+0x10/0x10
[ 1106.566610][ T9067]  handle_mm_fault+0x9a5/0x2be0
[ 1106.566705][ T9067]  ? vma_start_read+0x141/0x1f0
[ 1106.566788][ T9067]  do_user_addr_fault+0x630/0x1080
[ 1106.566878][ T9067]  exc_page_fault+0x62/0xa0
[ 1106.566908][ T9067]  asm_exc_page_fault+0x26/0x30
[ 1106.566931][ T9067] RIP: 0033:0x7f29b34f5f37
[ 1106.567012][ T9067] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 68 f8 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d 79 f7 ea 00 48 01 d1 39 7c 24
[ 1106.567031][ T9067] RSP: 002b:00007ffcddd31fb0 EFLAGS: 00010206
[ 1106.567045][ T9067] RAX: 0000001b33224000 RBX: 000000000000048f RCX: 000000000010e050
[ 1106.567118][ T9067] RDX: 000000000569dc09 RSI: 00007ffcddd32040 RDI: 000000000000001a
[ 1106.567129][ T9067] RBP: 00007ffcddd31fec R08: 0000000014a6a271 R09: 7fffffffffffffff
[ 1106.567140][ T9067] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[ 1106.567151][ T9067] R13: 00000000000927c0 R14: 000000000010ddb5 R15: 00007ffcddd32040
[ 1106.567168][ T9067]  </TASK>
[ 1106.567174][ T9067] memory: usage 307200kB, limit 307200kB, failcnt 4929
[ 1106.778715][T15443] lo speed is unknown, defaulting to 1000
[ 1106.784529][ T9067] memory+swap: usage 308212kB, limit 9007199254740988kB, failcnt 0
[ 1106.784552][ T9067] kmem: usage 306960kB, limit 9007199254740988kB, failcnt 0
[ 1106.823300][ T9067] Memory cgroup stats for /syz3:
[ 1106.824352][ T9067] cache 8192
[ 1106.832488][ T9067] rss 0
[ 1106.835236][ T9067] shmem 0
[ 1106.838157][ T9067] mapped_file 0
[ 1106.841629][ T9067] dirty 0
[ 1106.844582][ T9067] writeback 0
[ 1106.847889][ T9067] workingset_refault_anon 1733
[ 1106.852706][ T9067] workingset_refault_file 9809
[ 1106.857540][ T9067] swap 1036288
[ 1106.860927][ T9067] swapcached 49152
[ 1106.864656][ T9067] pgpgin 2029729
[ 1106.868188][ T9067] pgpgout 2029669
[ 1106.871893][ T9067] pgfault 2191895
[ 1106.875523][ T9067] pgmajfault 734
[ 1106.879080][ T9067] inactive_anon 49152
[ 1106.883197][ T9067] active_anon 0
[ 1106.886637][ T9067] inactive_file 192512
[ 1106.890722][ T9067] active_file 4096
[ 1106.894590][ T9067] unevictable 0
[ 1106.898031][ T9067] hierarchical_memory_limit 314572800
[ 1106.903419][ T9067] hierarchical_memsw_limit 9223372036854771712
[ 1106.909556][ T9067] total_cache 8192
[ 1106.913409][ T9067] total_rss 0
[ 1106.916685][ T9067] total_shmem 0
[ 1106.920279][ T9067] total_mapped_file 0
[ 1106.924243][ T9067] total_dirty 0
[ 1106.927732][ T9067] total_writeback 0
[ 1106.931577][ T9067] total_workingset_refault_anon 1733
[ 1106.936855][ T9067] total_workingset_refault_file 9809
[ 1106.942156][ T9067] total_swap 1036288
[ 1106.946039][ T9067] total_swapcached 49152
[ 1106.950342][ T9067] total_pgpgin 2029729
[ 1106.954400][ T9067] total_pgpgout 2029669
[ 1106.958548][ T9067] total_pgfault 2191895
[ 1106.962766][ T9067] total_pgmajfault 734
[ 1106.966855][ T9067] total_inactive_anon 49152
[ 1106.971362][ T9067] total_active_anon 0
[ 1106.975448][ T9067] total_inactive_file 192512
[ 1106.980119][ T9067] total_active_file 4096
[ 1106.984414][ T9067] total_unevictable 0
[ 1106.984928][T15443] wg1 speed is unknown, defaulting to 1000
[ 1106.988450][ T9067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.14645,pid=15371,uid=0
[ 1107.009101][ T9067] Memory cgroup out of memory: Killed process 15371 (syz.3.14645) total-vm:95872kB, anon-rss:1136kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[ 1107.058481][T15445] loop2: detected capacity change from 0 to 2048
[ 1107.441439][ T8358] EXT4-fs unmount: 43 callbacks suppressed
[ 1107.441458][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1107.515501][T15459] loop4: detected capacity change from 0 to 764
[ 1107.533411][   T29] kauditd_printk_skb: 814 callbacks suppressed
[ 1107.533427][   T29] audit: type=1326 audit(1763134254.295:141411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15460 comm="syz.0.14675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cbd6df6c9 code=0x7ffc0000
[ 1107.599990][T15459] Symlink component flag not implemented
[ 1107.605651][T15459] Symlink component flag not implemented
[ 1107.642333][   T29] audit: type=1326 audit(1763134254.295:141412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15460 comm="syz.0.14675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cbd6df6c9 code=0x7ffc0000
[ 1107.666186][   T29] audit: type=1326 audit(1763134254.295:141413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15460 comm="syz.0.14675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f0cbd6df6c9 code=0x7ffc0000
[ 1107.690563][   T29] audit: type=1326 audit(1763134254.295:141414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15460 comm="syz.0.14675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cbd6df6c9 code=0x7ffc0000
[ 1107.714412][   T29] audit: type=1326 audit(1763134254.295:141415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15460 comm="syz.0.14675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cbd6df6c9 code=0x7ffc0000
[ 1107.767764][   T29] audit: type=1400 audit(1763134254.435:141416): avc:  denied  { allowed } for  pid=15462 comm="syz.0.14676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1107.787757][   T29] audit: type=1400 audit(1763134254.505:141417): avc:  denied  { map } for  pid=15462 comm="syz.0.14676" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=163372 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1107.812496][   T29] audit: type=1400 audit(1763134254.505:141418): avc:  denied  { read write } for  pid=15462 comm="syz.0.14676" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=163372 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1107.843274][ T8745] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1107.878210][   T29] audit: type=1400 audit(1763134254.635:141419): avc:  denied  { write } for  pid=15469 comm="syz.4.14680" name="ptype" dev="proc" ino=4026533165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[ 1107.901985][ T9067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1107.949367][T15475] loop6: detected capacity change from 0 to 512
[ 1107.975528][   T29] audit: type=1400 audit(1763134254.675:141420): avc:  denied  { ioctl } for  pid=15471 comm="syz.6.14678" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=163874 ioctlcmd=0x2402 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1108.020499][T15475] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1108.061035][T15475] ext4 filesystem being mounted at /466/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1108.086407][ T8124] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1108.138629][T15490] lo speed is unknown, defaulting to 1000
[ 1108.149579][T15494] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14687'.
[ 1108.171332][T15490] wg1 speed is unknown, defaulting to 1000
[ 1108.226678][T15501] vxcan0: tx address claim with dlc 0
[ 1108.237052][T15496] lo speed is unknown, defaulting to 1000
[ 1108.250585][T15505] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14691'.
[ 1108.276458][T15499] loop3: detected capacity change from 0 to 4096
[ 1108.316329][T15499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1108.341881][T15509] pim6reg: entered allmulticast mode
[ 1108.366642][T15509] pim6reg: left allmulticast mode
[ 1108.383243][T15496] wg1 speed is unknown, defaulting to 1000
[ 1108.463899][T15512] netlink: 'syz.0.14695': attribute type 39 has an invalid length.
[ 1108.543577][T15515] loop4: detected capacity change from 0 to 512
[ 1108.557378][T15515] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1108.568936][T15515] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[ 1108.579199][T15515] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.14696: Corrupt directory, running e2fsck is recommended
[ 1108.646731][ T9067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1108.706324][T15515] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[ 1108.745218][T15515] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.14696: corrupted in-inode xattr: invalid ea_ino
[ 1108.779352][T15515] EXT4-fs (loop4): Remounting filesystem read-only
[ 1108.817604][T15515] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1108.880260][T15515] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1108.891782][T15515] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[ 1108.901968][T15515] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.14696: Corrupt directory, running e2fsck is recommended
[ 1108.974502][T15531] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1108.986888][T15531] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[ 1108.997262][T15531] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.14696: Corrupt directory, running e2fsck is recommended
[ 1109.033275][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1109.044934][ T8745] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1109.110376][T15539] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15539 comm=syz.6.14704
[ 1109.140482][T15543] loop4: detected capacity change from 0 to 512
[ 1109.155774][T15543] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.14705: error while reading EA inode 32 err=-116
[ 1109.185062][T15543] EXT4-fs (loop4): Remounting filesystem read-only
[ 1109.198241][T15543] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[ 1109.208868][T15543] EXT4-fs (loop4): 1 orphan inode deleted
[ 1109.215096][T15543] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1109.258528][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1109.344957][T15547] loop4: detected capacity change from 0 to 764
[ 1109.365524][T15549] loop2: detected capacity change from 0 to 164
[ 1109.375595][T15547] Symlink component flag not implemented
[ 1109.381364][T15547] Symlink component flag not implemented
[ 1109.388005][T15549] Unable to read rock-ridge attributes
[ 1109.389560][T15545] loop6: detected capacity change from 0 to 1024
[ 1109.442448][T15545] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1109.529016][T15539] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4193: comm syz.6.14704: Allocating blocks 449-513 which overlap fs metadata
[ 1109.549428][T15538] EXT4-fs (loop6): pa ffff88810060f9a0: logic 48, phys. 177, len 21
[ 1109.557494][T15538] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1109.616684][T15562] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15562 comm=syz.2.14711
[ 1109.650575][T15562] siw: device registration error -23
[ 1109.682515][T15567] loop4: detected capacity change from 0 to 512
[ 1109.740300][T15567] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1109.753668][T15567] ext4 filesystem being mounted at /497/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1109.765614][ T8745] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1109.856869][T15580] bond1: entered promiscuous mode
[ 1109.862084][T15580] bond1: entered allmulticast mode
[ 1109.889246][T15584] loop3: detected capacity change from 0 to 764
[ 1109.900948][T15562] loop2: detected capacity change from 0 to 1024
[ 1109.924262][T15584] Symlink component flag not implemented
[ 1109.929960][T15584] Symlink component flag not implemented
[ 1109.940210][T15580] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1109.951467][T15562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1109.972612][T15586] loop6: detected capacity change from 0 to 164
[ 1109.994819][T15580] bond1 (unregistering): Released all slaves
[ 1110.011042][T15586] Unable to read rock-ridge attributes
[ 1110.150729][ T8124] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1110.325587][T15612] lo speed is unknown, defaulting to 1000
[ 1110.517146][T15612] wg1 speed is unknown, defaulting to 1000
[ 1110.552291][T15630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1110.577364][T15630] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1110.614625][T15630] loop6: detected capacity change from 0 to 1024
[ 1110.652894][T15630] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1110.669889][T15630] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1110.681827][T15640] FAULT_INJECTION: forcing a failure.
[ 1110.681827][T15640] name failslab, interval 1, probability 0, space 0, times 0
[ 1110.694574][T15640] CPU: 1 UID: 0 PID: 15640 Comm: syz.2.14740 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1110.694667][T15640] Tainted: [W]=WARN
[ 1110.694674][T15640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1110.694752][T15640] Call Trace:
[ 1110.694760][T15640]  <TASK>
[ 1110.694769][T15640]  __dump_stack+0x1d/0x30
[ 1110.694793][T15640]  dump_stack_lvl+0xe8/0x140
[ 1110.694854][T15640]  dump_stack+0x15/0x1b
[ 1110.694873][T15640]  should_fail_ex+0x265/0x280
[ 1110.694895][T15640]  should_failslab+0x8c/0xb0
[ 1110.694926][T15640]  kmem_cache_alloc_lru_noprof+0x55/0x490
[ 1110.695020][T15640]  ? __d_alloc+0x3d/0x340
[ 1110.695053][T15640]  __d_alloc+0x3d/0x340
[ 1110.695086][T15640]  d_alloc+0x2e/0x100
[ 1110.695132][T15640]  lookup_one_qstr_excl+0x99/0x250
[ 1110.695163][T15640]  filename_create+0x149/0x230
[ 1110.695209][T15640]  do_mkdirat+0x52/0x3f0
[ 1110.695255][T15640]  __x64_sys_mkdir+0x42/0x50
[ 1110.695276][T15640]  x64_sys_call+0x2db9/0x3000
[ 1110.695359][T15640]  do_syscall_64+0xd2/0x200
[ 1110.695384][T15640]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[ 1110.695410][T15640]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[ 1110.695438][T15640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1110.695529][T15640] RIP: 0033:0x7fd3a4cbf6c9
[ 1110.695542][T15640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1110.695558][T15640] RSP: 002b:00007fd3a371f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 1110.695575][T15640] RAX: ffffffffffffffda RBX: 00007fd3a4f15fa0 RCX: 00007fd3a4cbf6c9
[ 1110.695614][T15640] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[ 1110.695625][T15640] RBP: 00007fd3a371f090 R08: 0000000000000000 R09: 0000000000000000
[ 1110.695636][T15640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1110.695649][T15640] R13: 00007fd3a4f16038 R14: 00007fd3a4f15fa0 R15: 00007fff173e5ef8
[ 1110.695665][T15640]  </TASK>
[ 1110.963091][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1111.027560][T15653] loop2: detected capacity change from 0 to 1024
[ 1111.042655][T15657] netlink: 256 bytes leftover after parsing attributes in process `syz.3.14746'.
[ 1111.052966][T15653] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1111.081800][T15659] lo speed is unknown, defaulting to 1000
[ 1111.112118][T15653] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1111.117420][T15659] wg1 speed is unknown, defaulting to 1000
[ 1111.233978][ T8124] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1111.240259][T15672] loop4: detected capacity change from 0 to 2048
[ 1111.262755][T15672] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1111.303064][T15676] loop2: detected capacity change from 0 to 2048
[ 1111.364596][T15676] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1111.684498][T15687] loop3: detected capacity change from 0 to 512
[ 1111.735898][T15687] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1111.848768][T15687] ext4 filesystem being mounted at /497/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1113.466468][ T9067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1113.665400][T15699] loop6: detected capacity change from 0 to 764
[ 1113.698299][   T29] kauditd_printk_skb: 482 callbacks suppressed
[ 1113.698312][   T29] audit: type=1400 audit(1763134260.455:141903): avc:  denied  { ioctl } for  pid=15698 comm="syz.6.14758" path="socket:[164265]" dev="sockfs" ino=164265 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1113.746185][T15699] Symlink component flag not implemented
[ 1113.751904][T15699] Symlink component flag not implemented
[ 1113.804207][T15703] loop3: detected capacity change from 0 to 764
[ 1113.829183][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1113.876761][T15703] Symlink component flag not implemented
[ 1113.882464][T15703] Symlink component flag not implemented
[ 1113.882743][   T29] audit: type=1326 audit(1763134260.635:141904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15690 comm="syz.0.14755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cbd6df6c9 code=0x7ffc0000
[ 1113.911908][   T29] audit: type=1326 audit(1763134260.635:141905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15690 comm="syz.0.14755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cbd6df6c9 code=0x7ffc0000
[ 1113.972531][T15712] loop6: detected capacity change from 0 to 512
[ 1113.981992][T15712] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1113.998635][   T29] audit: type=1326 audit(1763134260.705:141906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15690 comm="syz.0.14755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f0cbd6df6c9 code=0x7ffc0000
[ 1114.022577][   T29] audit: type=1326 audit(1763134260.705:141907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15690 comm="syz.0.14755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cbd6df6c9 code=0x7ffc0000
[ 1114.046484][   T29] audit: type=1326 audit(1763134260.705:141908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15690 comm="syz.0.14755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cbd6df6c9 code=0x7ffc0000
[ 1114.070350][   T29] audit: type=1326 audit(1763134260.705:141909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15709 comm="syz.3.14762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1114.094177][   T29] audit: type=1326 audit(1763134260.705:141910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15709 comm="syz.3.14762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1114.117990][   T29] audit: type=1326 audit(1763134260.705:141911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15709 comm="syz.3.14762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1114.141822][   T29] audit: type=1326 audit(1763134260.705:141912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15709 comm="syz.3.14762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1114.170394][T15712] EXT4-fs (loop6): 1 truncate cleaned up
[ 1114.180630][T15712] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1114.338388][ T8124] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1114.355690][ T8745] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1114.393881][T15730] loop4: detected capacity change from 0 to 512
[ 1114.399655][T15732] loop2: detected capacity change from 0 to 764
[ 1114.402461][T15730] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.14770: error while reading EA inode 32 err=-116
[ 1114.425909][T15732] Symlink component flag not implemented
[ 1114.430038][T15730] EXT4-fs (loop4): Remounting filesystem read-only
[ 1114.431604][T15732] Symlink component flag not implemented
[ 1114.438259][T15730] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[ 1114.456805][T15730] EXT4-fs (loop4): 1 orphan inode deleted
[ 1114.463638][T15730] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1114.491366][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1114.505750][T15739] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1114.507719][T15741] netlink: 256 bytes leftover after parsing attributes in process `syz.3.14775'.
[ 1114.581482][T15747] lo speed is unknown, defaulting to 1000
[ 1114.621066][T15747] wg1 speed is unknown, defaulting to 1000
[ 1114.651768][T15752] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1114.692380][T15758] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15758 comm=syz.4.14780
[ 1114.715425][T24366] IPVS: starting estimator thread 0...
[ 1114.725818][T15760] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14779'.
[ 1114.744948][T15764] loop3: detected capacity change from 0 to 128
[ 1114.809829][T15761] IPVS: using max 2976 ests per chain, 148800 per kthread
[ 1114.869163][T15764] bio_check_eod: 204 callbacks suppressed
[ 1114.869209][T15764] syz.3.14782: attempt to access beyond end of device
[ 1114.869209][T15764] loop3: rw=2049, sector=185, nr_sectors = 16 limit=128
[ 1114.899287][T15772] loop4: detected capacity change from 0 to 1024
[ 1114.917470][T15766] bond2: entered promiscuous mode
[ 1114.922612][T15766] bond2: entered allmulticast mode
[ 1114.923352][T15764] syz.3.14782: attempt to access beyond end of device
[ 1114.923352][T15764] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[ 1114.930378][T15766] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1114.949352][T15764] syz.3.14782: attempt to access beyond end of device
[ 1114.949352][T15764] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[ 1114.961155][T15775] netlink: 'syz.0.14785': attribute type 24 has an invalid length.
[ 1114.963206][T15764] syz.3.14782: attempt to access beyond end of device
[ 1114.963206][T15764] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[ 1114.987151][T15766] bond2 (unregistering): Released all slaves
[ 1114.994030][T15772] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1115.027796][T15764] syz.3.14782: attempt to access beyond end of device
[ 1115.027796][T15764] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[ 1115.038148][T15758] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.14780: Allocating blocks 449-513 which overlap fs metadata
[ 1115.045974][T15764] syz.3.14782: attempt to access beyond end of device
[ 1115.045974][T15764] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128
[ 1115.064228][T15757] EXT4-fs (loop4): pa ffff888107161d20: logic 48, phys. 177, len 21
[ 1115.072278][T15764] syz.3.14782: attempt to access beyond end of device
[ 1115.072278][T15764] loop3: rw=2049, sector=289, nr_sectors = 8 limit=128
[ 1115.077031][T15757] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1115.090639][T15764] syz.3.14782: attempt to access beyond end of device
[ 1115.090639][T15764] loop3: rw=2049, sector=305, nr_sectors = 8 limit=128
[ 1115.114267][T15764] syz.3.14782: attempt to access beyond end of device
[ 1115.114267][T15764] loop3: rw=2049, sector=321, nr_sectors = 8 limit=128
[ 1115.128019][T15764] syz.3.14782: attempt to access beyond end of device
[ 1115.128019][T15764] loop3: rw=2049, sector=337, nr_sectors = 8 limit=128
[ 1115.257406][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1115.282111][T15785] loop3: detected capacity change from 0 to 764
[ 1115.303024][T15785] Symlink component flag not implemented
[ 1115.308677][T15785] Symlink component flag not implemented
[ 1115.354581][T15789] lo speed is unknown, defaulting to 1000
[ 1115.390117][T15789] wg1 speed is unknown, defaulting to 1000
[ 1115.454448][T15797] loop2: detected capacity change from 0 to 1024
[ 1115.471490][T24372] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[ 1115.479130][T15797] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[ 1115.485033][T24372] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1115.506571][T15799] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15799 comm=syz.3.14795
[ 1115.550550][T15799] siw: device registration error -23
[ 1115.554227][T15808] loop4: detected capacity change from 0 to 128
[ 1115.731426][T15813] bond2: entered promiscuous mode
[ 1115.736519][T15813] bond2: entered allmulticast mode
[ 1115.757685][T15816] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15816 comm=syz.6.14801
[ 1115.765470][T15813] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1115.847458][T15818] loop3: detected capacity change from 0 to 1024
[ 1115.862387][T15813] bond2 (unregistering): Released all slaves
[ 1116.022438][T15818] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1116.220398][T15799] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.14795: Allocating blocks 449-513 which overlap fs metadata
[ 1116.242166][T15816] loop6: detected capacity change from 0 to 1024
[ 1116.243697][T15798] EXT4-fs (loop3): pa ffff888107161c40: logic 48, phys. 177, len 21
[ 1116.256650][T15798] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1116.318041][T15816] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1116.337886][ T9067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1116.349624][T15826] loop4: detected capacity change from 0 to 764
[ 1116.360966][T15826] Symlink component flag not implemented
[ 1116.366641][T15826] Symlink component flag not implemented
[ 1116.372911][T15816] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4193: comm syz.6.14801: Allocating blocks 449-513 which overlap fs metadata
[ 1116.398190][T15815] EXT4-fs (loop6): pa ffff88810060f850: logic 48, phys. 177, len 21
[ 1116.406437][T15815] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1116.431950][T15838] loop3: detected capacity change from 0 to 164
[ 1116.439164][T15838] Unable to read rock-ridge attributes
[ 1116.450846][T15833] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1116.480319][T14990] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[ 1116.499916][T14990] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1116.591598][ T8745] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1116.713705][T15853] loop4: detected capacity change from 0 to 764
[ 1116.729719][T15853] Symlink component flag not implemented
[ 1116.735422][T15853] Symlink component flag not implemented
[ 1116.757089][T15855] loop6: detected capacity change from 0 to 2048
[ 1116.771919][T15855] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1116.794568][T15862] loop3: detected capacity change from 0 to 512
[ 1116.797127][T15863] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15863 comm=syz.4.14815
[ 1116.816635][T15863] siw: device registration error -23
[ 1116.823887][T15862] EXT4-fs (loop3): revision level too high, forcing read-only mode
[ 1116.835238][T15862] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1116.853590][T15862] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.14816: corrupted inode contents
[ 1116.877965][T15862] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #16: comm syz.3.14816: mark_inode_dirty error
[ 1116.903748][T15862] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.14816: corrupted inode contents
[ 1116.931715][T15862] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.14816: mark_inode_dirty error
[ 1116.955449][T15862] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.14816: corrupted inode contents
[ 1116.986317][T15862] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[ 1116.999946][T15862] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.14816: corrupted inode contents
[ 1117.015829][T15862] EXT4-fs error (device loop3): ext4_truncate:4637: inode #16: comm syz.3.14816: mark_inode_dirty error
[ 1117.029446][T15862] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[ 1117.044749][T15863] loop4: detected capacity change from 0 to 1024
[ 1117.051914][T15862] EXT4-fs (loop3): 1 truncate cleaned up
[ 1117.057981][T27463] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:65: Failed to release dquot type 1
[ 1117.070336][T15862] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1117.083724][T15862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1117.094622][T15863] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1117.129634][T15863] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.14815: Allocating blocks 449-513 which overlap fs metadata
[ 1117.134499][T15871] loop3: detected capacity change from 0 to 764
[ 1117.151702][T15861] EXT4-fs (loop4): pa ffff888107161c40: logic 48, phys. 177, len 21
[ 1117.159770][T15861] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1117.174467][T15871] Symlink component flag not implemented
[ 1117.180158][T15871] Symlink component flag not implemented
[ 1117.235327][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1117.267989][T24366] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[ 1117.278081][T15875] loop3: detected capacity change from 0 to 512
[ 1117.285176][T24366] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1117.300009][T15875] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1117.311631][T15875] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[ 1117.321725][T15875] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.14820: Corrupt directory, running e2fsck is recommended
[ 1117.342573][T15873] netlink: 28 bytes leftover after parsing attributes in process `syz.0.14819'.
[ 1117.388786][T15875] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[ 1117.397528][T15875] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.14820: corrupted in-inode xattr: invalid ea_ino
[ 1117.419076][T15875] EXT4-fs (loop3): Remounting filesystem read-only
[ 1117.426669][T15875] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1117.455608][T15875] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1117.467276][T15875] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[ 1117.477410][T15875] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.14820: Corrupt directory, running e2fsck is recommended
[ 1117.529187][T15875] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1117.541758][T15875] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[ 1117.551849][T15875] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.14820: Corrupt directory, running e2fsck is recommended
[ 1117.643833][T15900] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15900 comm=syz.4.14829
[ 1117.663322][ T9067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1117.674417][T15900] siw: device registration error -23
[ 1117.682715][ T8745] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1117.726933][T15907] loop6: detected capacity change from 0 to 764
[ 1117.754021][T15907] Symlink component flag not implemented
[ 1117.759677][T15907] Symlink component flag not implemented
[ 1117.784191][T15911] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1117.849383][T15913] lo speed is unknown, defaulting to 1000
[ 1117.875415][T15915] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14833'.
[ 1117.950895][T15900] loop4: detected capacity change from 0 to 1024
[ 1117.951794][T15913] wg1 speed is unknown, defaulting to 1000
[ 1117.996737][T15900] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1118.037735][T15900] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.14829: Allocating blocks 449-513 which overlap fs metadata
[ 1118.053948][T15899] EXT4-fs (loop4): pa ffff888107161af0: logic 48, phys. 177, len 21
[ 1118.062026][T15899] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1118.090019][T15921] FAULT_INJECTION: forcing a failure.
[ 1118.090019][T15921] name failslab, interval 1, probability 0, space 0, times 0
[ 1118.102770][T15921] CPU: 0 UID: 0 PID: 15921 Comm: syz.6.14834 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1118.102802][T15921] Tainted: [W]=WARN
[ 1118.102888][T15921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1118.102900][T15921] Call Trace:
[ 1118.102907][T15921]  <TASK>
[ 1118.102914][T15921]  __dump_stack+0x1d/0x30
[ 1118.102934][T15921]  dump_stack_lvl+0xe8/0x140
[ 1118.102967][T15921]  dump_stack+0x15/0x1b
[ 1118.102985][T15921]  should_fail_ex+0x265/0x280
[ 1118.103003][T15921]  should_failslab+0x8c/0xb0
[ 1118.103030][T15921]  kmem_cache_alloc_noprof+0x50/0x480
[ 1118.103088][T15921]  ? getname_flags+0x80/0x3b0
[ 1118.103115][T15921]  getname_flags+0x80/0x3b0
[ 1118.103166][T15921]  user_path_at+0x28/0x130
[ 1118.103183][T15921]  vfs_open_tree+0x19c/0x530
[ 1118.103287][T15921]  __x64_sys_open_tree+0x45/0xc0
[ 1118.103334][T15921]  x64_sys_call+0x2a8b/0x3000
[ 1118.103353][T15921]  do_syscall_64+0xd2/0x200
[ 1118.103371][T15921]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[ 1118.103470][T15921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1118.103494][T15921] RIP: 0033:0x7fdb0e82f6c9
[ 1118.103511][T15921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1118.103531][T15921] RSP: 002b:00007fdb0d297038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac
[ 1118.103551][T15921] RAX: ffffffffffffffda RBX: 00007fdb0ea85fa0 RCX: 00007fdb0e82f6c9
[ 1118.103615][T15921] RDX: 0000000000008801 RSI: 0000200000000580 RDI: ffffffffffffffff
[ 1118.103628][T15921] RBP: 00007fdb0d297090 R08: 0000000000000000 R09: 0000000000000000
[ 1118.103639][T15921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1118.103715][T15921] R13: 00007fdb0ea86038 R14: 00007fdb0ea85fa0 R15: 00007ffdd11842d8
[ 1118.103750][T15921]  </TASK>
[ 1118.291462][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1118.367450][T15925] loop6: detected capacity change from 0 to 2048
[ 1118.396018][T15925] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1118.621377][T15945] loop2: detected capacity change from 0 to 164
[ 1118.629469][T15945] Unable to read rock-ridge attributes
[ 1118.672212][T15946] netlink: 32 bytes leftover after parsing attributes in process `syz.3.14843'.
[ 1118.689344][T15946] netlink: 32 bytes leftover after parsing attributes in process `syz.3.14843'.
[ 1118.750296][   T29] kauditd_printk_skb: 695 callbacks suppressed
[ 1118.750311][   T29] audit: type=1326 audit(1763134265.515:142607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15958 comm="syz.3.14851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1118.766692][T15961] loop2: detected capacity change from 0 to 764
[ 1118.844478][T15961] Symlink component flag not implemented
[ 1118.850298][T15961] Symlink component flag not implemented
[ 1118.859853][   T29] audit: type=1326 audit(1763134265.545:142608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15958 comm="syz.3.14851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1118.883820][   T29] audit: type=1326 audit(1763134265.545:142609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15958 comm="syz.3.14851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1118.908206][   T29] audit: type=1326 audit(1763134265.545:142610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15958 comm="syz.3.14851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1118.932016][   T29] audit: type=1326 audit(1763134265.555:142611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15958 comm="syz.3.14851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1118.956042][   T29] audit: type=1326 audit(1763134265.555:142612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15958 comm="syz.3.14851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1118.979856][   T29] audit: type=1326 audit(1763134265.555:142613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15958 comm="syz.3.14851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1119.003601][   T29] audit: type=1326 audit(1763134265.555:142614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15958 comm="syz.3.14851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1119.027544][   T29] audit: type=1326 audit(1763134265.555:142615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15958 comm="syz.3.14851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1119.051914][   T29] audit: type=1326 audit(1763134265.555:142616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15958 comm="syz.3.14851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29b361f6c9 code=0x7ffc0000
[ 1119.148993][T15972] loop2: detected capacity change from 0 to 512
[ 1119.158863][T15972] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1119.170447][T15972] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[ 1119.180689][T15972] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.14855: Corrupt directory, running e2fsck is recommended
[ 1119.194175][T15972] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[ 1119.202501][T15972] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.14855: corrupted in-inode xattr: invalid ea_ino
[ 1119.216577][T15972] EXT4-fs (loop2): Remounting filesystem read-only
[ 1119.223597][T15972] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1119.242388][T15972] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1119.253910][T15972] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[ 1119.264008][T15972] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.14855: Corrupt directory, running e2fsck is recommended
[ 1119.294172][T15972] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1119.305705][T15972] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[ 1119.315803][T15972] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.14855: Corrupt directory, running e2fsck is recommended
[ 1119.344939][ T8124] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1119.500712][T15980] loop3: detected capacity change from 0 to 164
[ 1119.540218][T15980] Unable to read rock-ridge attributes
[ 1119.664050][T15995] loop3: detected capacity change from 0 to 764
[ 1119.673585][T15981] lo speed is unknown, defaulting to 1000
[ 1119.687447][T15995] Symlink component flag not implemented
[ 1119.693151][T15995] Symlink component flag not implemented
[ 1119.712694][T15997] netlink: 28 bytes leftover after parsing attributes in process `syz.4.14863'.
[ 1119.731225][T27445] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1119.751121][T15999] loop3: detected capacity change from 0 to 764
[ 1119.783476][T15981] wg1 speed is unknown, defaulting to 1000
[ 1119.792368][T15999] Symlink component flag not implemented
[ 1119.798071][T15999] Symlink component flag not implemented
[ 1119.826439][T27445] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1119.869355][T16007] loop3: detected capacity change from 0 to 164
[ 1119.895133][T16007] Unable to read rock-ridge attributes
[ 1119.903823][T27445] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1119.917785][T16012] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14867'.
[ 1119.938375][T16005] lo speed is unknown, defaulting to 1000
[ 1119.950514][ T8745] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1119.984250][T27445] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1120.014730][T16005] wg1 speed is unknown, defaulting to 1000
[ 1120.051393][T15981] chnl_net:caif_netlink_parms(): no params data found
[ 1120.054123][T16025] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14874'.
[ 1120.070489][T16019] lo speed is unknown, defaulting to 1000
[ 1120.181567][T15981] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1120.188841][T15981] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1120.197208][T15981] bridge_slave_0: entered allmulticast mode
[ 1120.203807][T15981] bridge_slave_0: entered promiscuous mode
[ 1120.212292][T15981] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1120.218439][T16034] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16034 comm=syz.6.14878
[ 1120.219425][T15981] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1120.239637][T15981] bridge_slave_1: entered allmulticast mode
[ 1120.246858][T15981] bridge_slave_1: entered promiscuous mode
[ 1120.265091][T27445] batadv9: left allmulticast mode
[ 1120.270279][T27445] batadv9: left promiscuous mode
[ 1120.275459][T27445] bridge0: port 12(batadv9) entered disabled state
[ 1120.295068][T27445] batadv8: left allmulticast mode
[ 1120.300211][T27445] batadv8: left promiscuous mode
[ 1120.305259][T27445] bridge0: port 11(batadv8) entered disabled state
[ 1120.313237][T27445] batadv7: left allmulticast mode
[ 1120.318445][T27445] batadv7: left promiscuous mode
[ 1120.323555][T27445] bridge0: port 10(batadv7) entered disabled state
[ 1120.330958][T27445] batadv6: left allmulticast mode
[ 1120.336011][T27445] batadv6: left promiscuous mode
[ 1120.341165][T27445] bridge0: port 9(batadv6) entered disabled state
[ 1120.349081][T27445] bond0: left allmulticast mode
[ 1120.354072][T27445] bond_slave_0: left allmulticast mode
[ 1120.359570][T27445] bond_slave_1: left allmulticast mode
[ 1120.365267][T27445] bridge0: port 8(bond0) entered disabled state
[ 1120.373537][T27445] batadv5: left allmulticast mode
[ 1120.378666][T27445] batadv5: left promiscuous mode
[ 1120.378998][T16041] loop6: detected capacity change from 0 to 1024
[ 1120.383789][T27445] bridge0: port 7(batadv5) entered disabled state
[ 1120.397166][T27445] batadv4: left allmulticast mode
[ 1120.402134][T16041] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1120.402256][T27445] batadv4: left promiscuous mode
[ 1120.419917][T27445] bridge0: port 6(batadv4) entered disabled state
[ 1120.427324][T27445] batadv3: left allmulticast mode
[ 1120.432455][T27445] batadv3: left promiscuous mode
[ 1120.437571][T27445] bridge0: port 5(batadv3) entered disabled state
[ 1120.447238][T16034] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4193: comm syz.6.14878: Allocating blocks 449-513 which overlap fs metadata
[ 1120.465817][T27445] batadv2: left allmulticast mode
[ 1120.470919][T27445] batadv2: left promiscuous mode
[ 1120.474212][T16047] loop4: detected capacity change from 0 to 2048
[ 1120.476050][T27445] bridge0: port 4(batadv2) entered disabled state
[ 1120.477372][T16033] EXT4-fs (loop6): pa ffff88810060f850: logic 48, phys. 177, len 21
[ 1120.496925][T16033] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1120.501506][T16047] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1120.520356][T27445] batadv1: left allmulticast mode
[ 1120.525410][T27445] batadv1: left promiscuous mode
[ 1120.530481][T27445] bridge0: port 3(batadv1) entered disabled state
[ 1120.538711][T27445] bridge_slave_1: left allmulticast mode
[ 1120.544392][T27445] bridge_slave_1: left promiscuous mode
[ 1120.550084][T27445] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1120.558457][T27445] bridge_slave_0: left allmulticast mode
[ 1120.564195][T27445] bridge_slave_0: left promiscuous mode
[ 1120.569938][T27445] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1120.584205][T16051] netlink: 'syz.0.14884': attribute type 25 has an invalid length.
[ 1120.618196][T24366] page_pool_release_retry() stalled pool shutdown: id 296, 1 inflight 60 sec
[ 1120.686681][ T8745] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1120.700872][T27445] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1120.718440][T27445] bond_slave_0: left promiscuous mode
[ 1120.743693][T27445] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1120.762319][T27445] bond_slave_1: left promiscuous mode
[ 1120.777272][T27445] bond0 (unregistering): Released all slaves
[ 1120.794611][T27445] bond1 (unregistering): Released all slaves
[ 1120.818612][T16019] wg1 speed is unknown, defaulting to 1000
[ 1120.836351][T15981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1120.910683][T15981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1121.002072][T24374] kernel write not supported for file 1241/net/vlan/vlan1 (pid: 24374 comm: kworker/1:12)
[ 1121.040728][T27445] hsr_slave_0: left promiscuous mode
[ 1121.060362][T27445] hsr_slave_1: left promiscuous mode
[ 1121.077082][T27445] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1121.084526][T27445] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1121.137259][T27445] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1121.144743][T27445] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1121.160888][T16062] loop6: detected capacity change from 0 to 128
[ 1121.169276][T27445] veth1_macvtap: left promiscuous mode
[ 1121.200520][T16062] bio_check_eod: 204 callbacks suppressed
[ 1121.200612][T16062] syz.6.14888: attempt to access beyond end of device
[ 1121.200612][T16062] loop6: rw=2049, sector=138, nr_sectors = 112 limit=128
[ 1121.223288][T27445] veth0_macvtap: left promiscuous mode
[ 1121.228865][T27445] veth1_vlan: left promiscuous mode
[ 1121.236755][T27445] veth0_vlan: left promiscuous mode
[ 1121.513739][T27445] team0 (unregistering): Port device team_slave_1 removed
[ 1121.646245][T15981] team0: Port device team_slave_0 added
[ 1121.701856][T15981] team0: Port device team_slave_1 added
[ 1121.782954][T15981] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1121.789999][T15981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1121.816144][T15981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1121.827989][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1121.868693][T15981] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1121.875713][T15981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1121.901702][T15981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1121.942148][T15981] hsr_slave_0: entered promiscuous mode
[ 1121.949226][T15981] hsr_slave_1: entered promiscuous mode
[ 1121.955259][T15981] debugfs: 'hsr0' already exists in 'hsr'
[ 1121.961040][T15981] Cannot create hsr debugfs directory
[ 1121.970921][T16067] lo speed is unknown, defaulting to 1000
[ 1121.986349][T16068] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14889'.
[ 1122.080942][T16067] wg1 speed is unknown, defaulting to 1000
[ 1122.143599][T16074] pim6reg: entered allmulticast mode
[ 1122.161053][T16075] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1122.290077][T16079] netlink: 28 bytes leftover after parsing attributes in process `syz.4.14893'.
[ 1122.306458][T24366] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1122.326815][T24366] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1122.362361][T16081] loop4: detected capacity change from 0 to 128
[ 1122.446170][T16085] loop6: detected capacity change from 0 to 512
[ 1122.503931][T16085] EXT4-fs (loop6): revision level too high, forcing read-only mode
[ 1122.521378][T16087] bond2: entered promiscuous mode
[ 1122.526611][T16087] bond2: entered allmulticast mode
[ 1122.527486][T16085] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1122.553237][T16087] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1122.563305][T16087] bond2 (unregistering): Released all slaves
[ 1122.587574][T16085] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.14896: corrupted inode contents
[ 1122.601618][T16081] syz.4.14894: attempt to access beyond end of device
[ 1122.601618][T16081] loop4: rw=2049, sector=185, nr_sectors = 16 limit=128
[ 1122.625941][T16085] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #16: comm syz.6.14896: mark_inode_dirty error
[ 1122.656764][T16081] syz.4.14894: attempt to access beyond end of device
[ 1122.656764][T16081] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[ 1122.679235][T16085] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.14896: corrupted inode contents
[ 1122.698697][T16081] syz.4.14894: attempt to access beyond end of device
[ 1122.698697][T16081] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[ 1122.714313][T16081] syz.4.14894: attempt to access beyond end of device
[ 1122.714313][T16081] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[ 1122.722698][T15981] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1122.728609][T16081] syz.4.14894: attempt to access beyond end of device
[ 1122.728609][T16081] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[ 1122.751943][T16085] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #16: comm syz.6.14896: mark_inode_dirty error
[ 1122.765998][T15981] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1122.773361][T16081] syz.4.14894: attempt to access beyond end of device
[ 1122.773361][T16081] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[ 1122.787332][T16085] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.14896: corrupted inode contents
[ 1122.801943][T15981] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1122.808949][T16081] syz.4.14894: attempt to access beyond end of device
[ 1122.808949][T16081] loop4: rw=2049, sector=289, nr_sectors = 8 limit=128
[ 1122.825633][T15981] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1122.832526][T16085] EXT4-fs error (device loop6) in ext4_orphan_del:301: Corrupt filesystem
[ 1122.844813][T16085] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.14896: corrupted inode contents
[ 1122.857067][T16081] syz.4.14894: attempt to access beyond end of device
[ 1122.857067][T16081] loop4: rw=2049, sector=305, nr_sectors = 8 limit=128
[ 1122.871355][T16081] syz.4.14894: attempt to access beyond end of device
[ 1122.871355][T16081] loop4: rw=2049, sector=321, nr_sectors = 8 limit=128
[ 1122.885184][T16085] EXT4-fs error (device loop6): ext4_truncate:4637: inode #16: comm syz.6.14896: mark_inode_dirty error
[ 1122.897362][T16085] EXT4-fs error (device loop6) in ext4_process_orphan:343: Corrupt filesystem
[ 1122.922743][T16085] EXT4-fs (loop6): 1 truncate cleaned up
[ 1122.928575][T27451] EXT4-fs error (device loop6): ext4_release_dquot:6981: comm kworker/u8:53: Failed to release dquot type 1
[ 1122.944736][T15981] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1122.993707][T16085] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1123.007684][T16100] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16100 comm=syz.4.14897
[ 1123.034019][T15981] 8021q: adding VLAN 0 to HW filter on device team0
[ 1123.042389][T16100] siw: device registration error -23
[ 1123.049785][T16102] loop3: detected capacity change from 0 to 2048
[ 1123.065587][T16085] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1123.081460][T27431] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.088549][T27431] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1123.103176][T16102] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1123.127536][T27431] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1123.134646][T27431] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1123.168039][T15981] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1123.178483][T15981] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1123.303542][T16108] netlink: 24 bytes leftover after parsing attributes in process `syz.6.14899'.
[ 1123.312715][T16108] netlink: 24 bytes leftover after parsing attributes in process `syz.6.14899'.
[ 1123.435335][T16100] loop4: detected capacity change from 0 to 1024
[ 1123.487082][T15981] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1123.507424][T16100] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1123.543748][T16122] loop6: detected capacity change from 0 to 764
[ 1123.640736][T16122] Symlink component flag not implemented
[ 1123.646379][T16122] Symlink component flag not implemented
[ 1123.675826][T15981] veth0_vlan: entered promiscuous mode
[ 1123.682900][T16100] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.14897: Allocating blocks 449-513 which overlap fs metadata
[ 1123.714949][T16099] EXT4-fs (loop4): pa ffff88810060fa80: logic 48, phys. 177, len 21
[ 1123.723088][T16099] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1123.733949][T15981] veth1_vlan: entered promiscuous mode
[ 1123.740486][T16131] SELinux:  Context system_u:object_r:systemd_systemctl_exec_t:s0 is not valid (left unmapped).
[ 1123.758902][T15981] veth0_macvtap: entered promiscuous mode
[ 1123.764760][   T29] kauditd_printk_skb: 325 callbacks suppressed
[ 1123.764836][   T29] audit: type=1400 audit(1763134270.515:142941): avc:  denied  { relabelto } for  pid=16129 comm="syz.0.14902" name="bus" dev="tmpfs" ino=3140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:systemd_systemctl_exec_t:s0"
[ 1123.798846][   T29] audit: type=1400 audit(1763134270.515:142942): avc:  denied  { associate } for  pid=16129 comm="syz.0.14902" name="bus" dev="tmpfs" ino=3140 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:systemd_systemctl_exec_t:s0"
[ 1123.829776][T15981] veth1_macvtap: entered promiscuous mode
[ 1123.840770][T15981] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1123.858402][T15981] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1123.894906][T27431] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1123.945166][   T29] audit: type=1400 audit(1763134270.535:142943): avc:  denied  { rename } for  pid=16129 comm="syz.0.14902" name="bus" dev="tmpfs" ino=3140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:systemd_systemctl_exec_t:s0"
[ 1123.950722][T27431] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1123.972751][   T29] audit: type=1400 audit(1763134270.595:142944): avc:  denied  { unmount } for  pid=8745 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[ 1123.972777][   T29] audit: type=1400 audit(1763134270.635:142945): avc:  denied  { allowed } for  pid=16129 comm="syz.0.14902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1124.021824][   T29] audit: type=1400 audit(1763134270.665:142946): avc:  denied  { mounton } for  pid=15981 comm="syz-executor" path="/root/syzkaller.1RzyFj/syz-tmp" dev="sda1" ino=2089 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 1124.046485][   T29] audit: type=1400 audit(1763134270.675:142947): avc:  denied  { mount } for  pid=15981 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1124.068869][   T29] audit: type=1400 audit(1763134270.675:142948): avc:  denied  { mount } for  pid=15981 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1124.091144][   T29] audit: type=1400 audit(1763134270.675:142949): avc:  denied  { mounton } for  pid=15981 comm="syz-executor" path="/root/syzkaller.1RzyFj/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 1124.114611][T27431] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.118176][   T29] audit: type=1400 audit(1763134270.675:142950): avc:  denied  { mounton } for  pid=15981 comm="syz-executor" path="/root/syzkaller.1RzyFj/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=166483 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 1124.167151][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1124.185938][T16137] lo speed is unknown, defaulting to 1000
[ 1124.194523][T27431] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.227536][T16137] wg1 speed is unknown, defaulting to 1000
[ 1124.268215][ T9093] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1124.277866][ T9093] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1124.308431][T16146] netlink: 20 bytes leftover after parsing attributes in process `syz.2.14907'.
[ 1124.357080][T16148] netlink: 14 bytes leftover after parsing attributes in process `syz.6.14908'.
[ 1124.379425][T16150] netlink: 24 bytes leftover after parsing attributes in process `syz.4.14909'.
[ 1124.431121][T16152] pim6reg: entered allmulticast mode
[ 1124.470417][T16152] pim6reg: left allmulticast mode
[ 1124.477234][T16156] loop6: detected capacity change from 0 to 164
[ 1124.485941][T16156] Unable to read rock-ridge attributes
[ 1124.591114][T16164] 9pnet_fd: Insufficient options for proto=fd
[ 1124.799102][ T9093] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0
[ 1124.809476][ T9093] hid-generic 0000:0000:0000.0016: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1124.874468][T16179] loop2: detected capacity change from 0 to 1024
[ 1124.881209][T16179] EXT4-fs: Ignoring removed orlov option
[ 1124.917623][T16182] loop4: detected capacity change from 0 to 512
[ 1124.948960][ T9067] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1125.129798][T16179] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1125.130617][T16182] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1125.153416][T16182] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[ 1125.163516][T16182] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.14923: Corrupt directory, running e2fsck is recommended
[ 1125.180009][T16182] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[ 1125.182711][T27431] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1125.188654][T16182] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.14923: corrupted in-inode xattr: invalid ea_ino
[ 1125.214759][T16193] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16193 comm=syz.6.14927
[ 1125.232336][T16182] EXT4-fs (loop4): Remounting filesystem read-only
[ 1125.239119][ T9093] wg1 speed is unknown, defaulting to 1000
[ 1125.244991][ T9093] syz: Port: 1 Link DOWN
[ 1125.252784][T16182] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1125.268142][T27431] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1125.286510][T16182] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1125.298073][T16182] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[ 1125.308182][T16182] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.14923: Corrupt directory, running e2fsck is recommended
[ 1125.333206][T16182] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1125.344793][T16182] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[ 1125.350991][T16189] lo speed is unknown, defaulting to 1000
[ 1125.354924][T16182] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.14923: Corrupt directory, running e2fsck is recommended
[ 1125.372031][T16205] loop3: detected capacity change from 0 to 512
[ 1125.394025][T27431] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1125.419079][T16210] loop4: detected capacity change from 0 to 1024
[ 1125.431967][T16189] wg1 speed is unknown, defaulting to 1000
[ 1125.438432][T16210] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[ 1125.503643][T16189] chnl_net:caif_netlink_parms(): no params data found
[ 1125.588070][T16193] loop6: detected capacity change from 0 to 1024
[ 1125.595734][T16221] loop2: detected capacity change from 0 to 128
[ 1125.629213][T27431] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1125.662111][T16234] loop2: detected capacity change from 0 to 164
[ 1125.662456][T16189] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1125.675520][T16189] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1125.682982][T16189] bridge_slave_0: entered allmulticast mode
[ 1125.689483][T16189] bridge_slave_0: entered promiscuous mode
[ 1125.689489][T16234] Unable to read rock-ridge attributes
[ 1125.700480][T16189] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1125.707878][T16189] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1125.716911][T16189] bridge_slave_1: entered allmulticast mode
[ 1125.723521][T16189] bridge_slave_1: entered promiscuous mode
[ 1125.747973][T16189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1125.772069][T16189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1125.778623][T16238] loop3: detected capacity change from 0 to 512
[ 1125.790930][T27431] batadv3: left allmulticast mode
[ 1125.795994][T27431] batadv3: left promiscuous mode
[ 1125.801147][T27431] bridge0: port 6(batadv3) entered disabled state
[ 1125.803040][T16238] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.14937: error while reading EA inode 32 err=-116
[ 1125.821157][T16238] EXT4-fs (loop3): Remounting filesystem read-only
[ 1125.827708][T16238] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[ 1125.838010][T16238] EXT4-fs (loop3): 1 orphan inode deleted
[ 1125.838115][T27431] batadv2: left allmulticast mode
[ 1125.848826][T27431] batadv2: left promiscuous mode
[ 1125.854009][T27431] bridge0: port 5(batadv2) entered disabled state
[ 1125.861833][T27431] batadv1: left allmulticast mode
[ 1125.866582][T16243] loop6: detected capacity change from 0 to 512
[ 1125.866989][T27431] batadv1: left promiscuous mode
[ 1125.873592][T16243] EXT4-fs: Ignoring removed bh option
[ 1125.878347][T27431] bridge0: port 4(batadv1) entered disabled state
[ 1125.891208][T27431] batadv0: left allmulticast mode
[ 1125.891832][T16243] ext4 filesystem being mounted at /513/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1125.896316][T27431] batadv0: left promiscuous mode
[ 1125.911804][T27431] bridge0: port 3(batadv0) entered disabled state
[ 1125.919340][T27431] bridge_slave_1: left allmulticast mode
[ 1125.925063][T27431] bridge_slave_1: left promiscuous mode
[ 1125.930795][T27431] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1125.938813][T27431] bridge_slave_0: left allmulticast mode
[ 1125.944566][T27431] bridge_slave_0: left promiscuous mode
[ 1125.950307][T27431] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1125.992191][T16248] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(13)
[ 1125.998797][T16248] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1126.007049][T16248] vhci_hcd vhci_hcd.0: Device attached
[ 1126.014973][T27431] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1126.024448][T27431] bond0 (unregistering): Released all slaves
[ 1126.040291][T16189] team0: Port device team_slave_0 added
[ 1126.047056][T16189] team0: Port device team_slave_1 added
[ 1126.053944][T16243] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98
[ 1126.067438][T16189] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1126.074487][T16189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1126.100505][T16189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1126.111983][T16189] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1126.118991][T16189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1126.144996][T16189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1126.172374][T16249] vhci_hcd: connection closed
[ 1126.172593][T27463] vhci_hcd: stop threads
[ 1126.181563][T27463] vhci_hcd: release socket
[ 1126.186058][T27463] vhci_hcd: disconnect device
[ 1126.200737][T16189] hsr_slave_0: entered promiscuous mode
[ 1126.207138][T16189] hsr_slave_1: entered promiscuous mode
[ 1126.213176][T16189] debugfs: 'hsr0' already exists in 'hsr'
[ 1126.219254][T16189] Cannot create hsr debugfs directory
[ 1126.228892][T27431] hsr_slave_0: left promiscuous mode
[ 1126.236673][T27431] hsr_slave_1: left promiscuous mode
[ 1126.243239][T16252] FAULT_INJECTION: forcing a failure.
[ 1126.243239][T16252] name failslab, interval 1, probability 0, space 0, times 0
[ 1126.256021][T16252] CPU: 0 UID: 0 PID: 16252 Comm: syz.2.14941 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1126.256101][T16252] Tainted: [W]=WARN
[ 1126.256107][T16252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1126.256134][T16252] Call Trace:
[ 1126.256140][T16252]  <TASK>
[ 1126.256147][T16252]  __dump_stack+0x1d/0x30
[ 1126.256169][T16252]  dump_stack_lvl+0xe8/0x140
[ 1126.256186][T16252]  dump_stack+0x15/0x1b
[ 1126.256247][T16252]  should_fail_ex+0x265/0x280
[ 1126.256264][T16252]  should_failslab+0x8c/0xb0
[ 1126.256287][T16252]  kmem_cache_alloc_noprof+0x50/0x480
[ 1126.256382][T16252]  ? audit_log_start+0x342/0x720
[ 1126.256407][T16252]  audit_log_start+0x342/0x720
[ 1126.256433][T16252]  ? kstrtouint+0x76/0xc0
[ 1126.256460][T16252]  audit_seccomp+0x48/0x100
[ 1126.256486][T16252]  ? __seccomp_filter+0x82d/0x1250
[ 1126.256531][T16252]  __seccomp_filter+0x83e/0x1250
[ 1126.256555][T16252]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1126.256581][T16252]  ? vfs_write+0x7e8/0x960
[ 1126.256646][T16252]  ? __rcu_read_unlock+0x4f/0x70
[ 1126.256668][T16252]  ? __fget_files+0x184/0x1c0
[ 1126.256693][T16252]  __secure_computing+0x82/0x150
[ 1126.256782][T16252]  syscall_trace_enter+0xcf/0x1e0
[ 1126.256806][T16252]  do_syscall_64+0xac/0x200
[ 1126.256824][T16252]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[ 1126.256911][T16252]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[ 1126.257001][T16252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1126.257020][T16252] RIP: 0033:0x7f16ba34f6c9
[ 1126.257033][T16252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1126.257048][T16252] RSP: 002b:00007f16b8daf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ba
[ 1126.257065][T16252] RAX: ffffffffffffffda RBX: 00007f16ba5a5fa0 RCX: 00007f16ba34f6c9
[ 1126.257076][T16252] RDX: 0000000000009800 RSI: 0000000000000000 RDI: ffffffffffffffff
[ 1126.257087][T16252] RBP: 00007f16b8daf090 R08: 0000000000000000 R09: 0000000000000000
[ 1126.257110][T16252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1126.257121][T16252] R13: 00007f16ba5a6038 R14: 00007f16ba5a5fa0 R15: 00007ffe287014e8
[ 1126.257136][T16252]  </TASK>
[ 1126.477773][T27431] veth1_macvtap: left promiscuous mode
[ 1126.483355][T27431] veth0_macvtap: left promiscuous mode
[ 1126.543272][T16261] loop4: detected capacity change from 0 to 128
[ 1126.572126][T27431] team0 (unregistering): Port device team_slave_0 removed
[ 1126.645094][T16261] bio_check_eod: 98 callbacks suppressed
[ 1126.645110][T16261] syz.4.14944: attempt to access beyond end of device
[ 1126.645110][T16261] loop4: rw=2049, sector=185, nr_sectors = 16 limit=128
[ 1126.647519][ T9093] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1126.651951][T16261] syz.4.14944: attempt to access beyond end of device
[ 1126.651951][T16261] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128
[ 1126.664660][ T9093] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1126.672142][T16261] syz.4.14944: attempt to access beyond end of device
[ 1126.672142][T16261] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128
[ 1126.685658][ T9093] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1126.695322][T16261] syz.4.14944: attempt to access beyond end of device
[ 1126.695322][T16261] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128
[ 1126.707764][ T9093] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1126.735076][ T9093] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1126.735275][T16261] syz.4.14944: attempt to access beyond end of device
[ 1126.735275][T16261] loop4: rw=2049, sector=257, nr_sectors = 8 limit=128
[ 1126.742669][ T9093] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1126.763485][ T9093] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1126.772043][ T9093] hid-generic 0000:0000:0000.0017: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[ 1126.786466][T16261] syz.4.14944: attempt to access beyond end of device
[ 1126.786466][T16261] loop4: rw=2049, sector=273, nr_sectors = 8 limit=128
[ 1126.794863][T16265] bond2: entered promiscuous mode
[ 1126.805135][T16265] bond2: entered allmulticast mode
[ 1126.805436][T16261] syz.4.14944: attempt to access beyond end of device
[ 1126.805436][T16261] loop4: rw=2049, sector=289, nr_sectors = 8 limit=128
[ 1126.816119][T16265] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1126.823872][T16261] syz.4.14944: attempt to access beyond end of device
[ 1126.823872][T16261] loop4: rw=2049, sector=305, nr_sectors = 8 limit=128
[ 1126.844146][T16261] syz.4.14944: attempt to access beyond end of device
[ 1126.844146][T16261] loop4: rw=2049, sector=321, nr_sectors = 8 limit=128
[ 1126.857723][T16261] syz.4.14944: attempt to access beyond end of device
[ 1126.857723][T16261] loop4: rw=2049, sector=337, nr_sectors = 8 limit=128
[ 1126.872812][T16265] bond2 (unregistering): Released all slaves
[ 1126.935689][T16274] loop6: detected capacity change from 0 to 164
[ 1126.944133][T16274] Unable to read rock-ridge attributes
[ 1126.965601][T16276] loop2: detected capacity change from 0 to 512
[ 1126.977488][T16276] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.14949: error while reading EA inode 32 err=-116
[ 1126.996515][T16276] EXT4-fs (loop2): Remounting filesystem read-only
[ 1127.003286][T16276] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[ 1127.013962][T16276] EXT4-fs (loop2): 1 orphan inode deleted
[ 1127.029524][ T9093] hid-generic 0000:0000:0000.0018: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1127.062908][T16283] __nla_validate_parse: 2 callbacks suppressed
[ 1127.062950][T16283] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14952'.
[ 1127.065455][T16285] loop6: detected capacity change from 0 to 2048
[ 1127.069136][T16283] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14952'.
[ 1127.096002][T27431] IPVS: stop unused estimator thread 0...
[ 1127.161902][T16298] loop4: detected capacity change from 0 to 1024
[ 1127.168839][T16298] EXT4-fs: inline encryption not supported
[ 1127.174698][T16298] EXT4-fs: Ignoring removed orlov option
[ 1127.181038][T16298] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1127.207540][T16189] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1127.221590][T16298] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[ 1127.233167][T16189] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1127.244833][T16298] System zones: 0-1, 3-12
[ 1127.253995][T16189] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1127.270377][T16189] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1127.289074][T16298] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[ 1127.301472][T16298] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1127.301472][T16298] 
[ 1127.311111][T16298] EXT4-fs (loop4): Total free blocks count 0
[ 1127.317089][T16298] EXT4-fs (loop4): Free/Dirty block details
[ 1127.323056][T16298] EXT4-fs (loop4): free_blocks=0
[ 1127.327991][T16298] EXT4-fs (loop4): dirty_blocks=0
[ 1127.333079][T16298] EXT4-fs (loop4): Block reservation details
[ 1127.339064][T16298] EXT4-fs (loop4): i_reserved_data_blocks=0
[ 1127.390224][T16189] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1127.402671][T16189] 8021q: adding VLAN 0 to HW filter on device team0
[ 1127.413877][T27431] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1127.420994][T27431] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1127.435254][T16311] loop4: detected capacity change from 0 to 1024
[ 1127.442591][T16311] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1127.453814][T16311] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[ 1127.470708][T27445] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1127.477823][T27445] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1127.492900][T16311] JBD2: no valid journal superblock found
[ 1127.498657][T16311] EXT4-fs (loop4): Could not load journal inode
[ 1127.514765][T16189] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1127.539079][T16311] loop4: detected capacity change from 0 to 1024
[ 1127.567774][T16311] EXT4-fs: Ignoring removed bh option
[ 1127.573250][T16311] EXT4-fs: inline encryption not supported
[ 1127.592494][T16311] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1127.607404][T16189] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1127.618841][T16311] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce019, mo2=0000]
[ 1127.633230][T16311] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.14958: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1127.681779][T16311] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.14958: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1127.712913][T16189] veth0_vlan: entered promiscuous mode
[ 1127.720902][T16189] veth1_vlan: entered promiscuous mode
[ 1127.738175][T16189] veth0_macvtap: entered promiscuous mode
[ 1127.745690][T16311] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.14958: Failed to acquire dquot type 0
[ 1127.747049][T16189] veth1_macvtap: entered promiscuous mode
[ 1127.768767][T16189] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1127.782096][T16326] loop3: detected capacity change from 0 to 128
[ 1127.790527][T16189] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1127.813092][T27463] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1127.825171][T16311] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[ 1127.841008][T27463] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1127.875659][T16311] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.14958: mark_inode_dirty error
[ 1127.888870][T27463] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1127.924807][T16330] netlink: 28 bytes leftover after parsing attributes in process `syz.0.14926'.
[ 1127.927519][T27463] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1127.949753][T16311] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1127.955643][T16326] bond2: entered promiscuous mode
[ 1127.965147][T16326] bond2: entered allmulticast mode
[ 1127.971648][T16326] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1127.982961][T16326] bond2 (unregistering): Released all slaves
[ 1127.998635][T16311] EXT4-fs (loop4): 1 orphan inode deleted
[ 1128.019967][T27463] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:65: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1128.062370][T27463] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:65: Failed to release dquot type 0
[ 1128.111674][T14990] hid_parser_main: 23 callbacks suppressed
[ 1128.111693][T14990] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0
[ 1128.125913][ T8358] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[ 1128.135595][T14990] hid-generic 0000:0000:0000.0019: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1128.150002][T16342] loop2: detected capacity change from 0 to 164
[ 1128.158524][T16345] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16345 comm=syz.0.14967
[ 1128.172749][ T8358] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[ 1128.184125][T16342] Unable to read rock-ridge attributes
[ 1128.197091][T16347] loop3: detected capacity change from 0 to 764
[ 1128.198105][ T8358] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[ 1128.218414][T16345] siw: device registration error -23
[ 1128.243415][T16347] Symlink component flag not implemented
[ 1128.249081][T16347] Symlink component flag not implemented
[ 1128.305882][T16352] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14965'.
[ 1128.314875][T16352] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14965'.
[ 1128.361538][T16354] loop3: detected capacity change from 0 to 512
[ 1128.413380][T16354] ext4 filesystem being mounted at /542/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1128.488243][T16363] lo speed is unknown, defaulting to 1000
[ 1128.659936][ T9093] kernel write not supported for file 1359/net/vlan/vlan1 (pid: 9093 comm: kworker/0:0)
[ 1128.694232][T16361] loop4: detected capacity change from 0 to 128
[ 1128.778228][   T29] kauditd_printk_skb: 400 callbacks suppressed
[ 1128.778245][   T29] audit: type=1400 audit(1763134275.535:143346): avc:  denied  { create } for  pid=16367 comm="syz.2.14974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1128.852504][T16368] netlink: 256 bytes leftover after parsing attributes in process `syz.2.14974'.
[ 1128.864636][   T29] audit: type=1400 audit(1763134275.615:143347): avc:  denied  { write } for  pid=16367 comm="syz.2.14974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1128.928797][T16372] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16372 comm=syz.0.14975
[ 1128.944032][   T29] audit: type=1400 audit(1763134275.705:143348): avc:  denied  { unmount } for  pid=8358 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[ 1129.002784][T16374] loop4: detected capacity change from 0 to 128
[ 1129.012745][   T29] audit: type=1400 audit(1763134275.775:143349): avc:  denied  { create } for  pid=16370 comm="syz.0.14975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1129.080401][   T29] audit: type=1400 audit(1763134275.775:143350): avc:  denied  { write } for  pid=16370 comm="syz.0.14975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1129.149941][   T29] audit: type=1400 audit(1763134275.895:143351): avc:  denied  { read } for  pid=16376 comm="syz.2.14977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1129.221336][T16379] bond2: entered promiscuous mode
[ 1129.226412][T16379] bond2: entered allmulticast mode
[ 1129.232227][   T29] audit: type=1400 audit(1763134275.965:143352): avc:  denied  { open } for  pid=16373 comm="syz.4.14976" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[ 1129.252276][   T29] audit: type=1400 audit(1763134275.965:143353): avc:  denied  { kernel } for  pid=16373 comm="syz.4.14976" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[ 1129.280907][T16379] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1129.305648][T16379] bond2 (unregistering): Released all slaves
[ 1129.385313][   T29] audit: type=1400 audit(1763134276.145:143354): avc:  denied  { execute } for  pid=16383 comm="syz.2.14979" name="file0" dev="tmpfs" ino=149 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1129.408063][   T29] audit: type=1400 audit(1763134276.145:143355): avc:  denied  { execute_no_trans } for  pid=16383 comm="syz.2.14979" path="/25/file0" dev="tmpfs" ino=149 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1129.537746][T16391] loop3: detected capacity change from 0 to 164
[ 1129.574806][T16391] Unable to read rock-ridge attributes
[ 1129.670823][T16394] loop2: detected capacity change from 0 to 512
[ 1129.674444][T16397] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16397 comm=syz.3.14985
[ 1129.698163][T16394] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1129.709708][T16394] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[ 1129.719884][T16394] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.14984: Corrupt directory, running e2fsck is recommended
[ 1129.725516][T16399] siw: device registration error -23
[ 1129.786707][T16394] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[ 1129.799977][T16394] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.14984: corrupted in-inode xattr: invalid ea_ino
[ 1129.818787][T16394] EXT4-fs (loop2): Remounting filesystem read-only
[ 1129.851574][T16403] loop4: detected capacity change from 0 to 128
[ 1129.859087][T16394] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1129.870644][T16394] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[ 1129.870664][T16394] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.14984: Corrupt directory, running e2fsck is recommended
[ 1129.882808][T16394] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1129.913291][T16394] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[ 1129.923381][T16394] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.14984: Corrupt directory, running e2fsck is recommended
[ 1129.986205][T16409] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16409 comm=syz.2.14989
[ 1130.018555][T16397] loop3: detected capacity change from 0 to 1024
[ 1130.026125][T16409] siw: device registration error -23
[ 1130.055770][T16414] loop4: detected capacity change from 0 to 2048
[ 1130.168249][T16420] netlink: 256 bytes leftover after parsing attributes in process `syz.3.14993'.
[ 1130.231357][T16426] loop3: detected capacity change from 0 to 128
[ 1130.243690][T16424] loop6: detected capacity change from 0 to 2048
[ 1130.412510][T16409] loop2: detected capacity change from 0 to 1024
[ 1130.522933][T16409] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.14989: Allocating blocks 449-513 which overlap fs metadata
[ 1130.549559][T16407] EXT4-fs (loop2): pa ffff888107161d20: logic 48, phys. 177, len 21
[ 1130.557657][T16407] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1130.665258][T16426] bond2: entered promiscuous mode
[ 1130.670903][T16426] bond2: entered allmulticast mode
[ 1130.765149][T16426] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1130.826846][T16426] bond2 (unregistering): Released all slaves
[ 1130.865684][T16411] syz.0.14991 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1130.876789][T16411] CPU: 0 UID: 0 PID: 16411 Comm: syz.0.14991 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1130.876890][T16411] Tainted: [W]=WARN
[ 1130.876897][T16411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1130.876909][T16411] Call Trace:
[ 1130.876917][T16411]  <TASK>
[ 1130.876926][T16411]  __dump_stack+0x1d/0x30
[ 1130.876952][T16411]  dump_stack_lvl+0xe8/0x140
[ 1130.877027][T16411]  dump_stack+0x15/0x1b
[ 1130.877047][T16411]  dump_header+0x81/0x220
[ 1130.877126][T16411]  oom_kill_process+0x342/0x400
[ 1130.877159][T16411]  out_of_memory+0x979/0xb80
[ 1130.877193][T16411]  try_charge_memcg+0x610/0xa10
[ 1130.877293][T16411]  charge_memcg+0x51/0xc0
[ 1130.877318][T16411]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[ 1130.877347][T16411]  __read_swap_cache_async+0x17b/0x2d0
[ 1130.877442][T16411]  swap_cluster_readahead+0x262/0x3c0
[ 1130.877470][T16411]  swapin_readahead+0xde/0x6f0
[ 1130.877492][T16411]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[ 1130.877536][T16411]  ? __lruvec_stat_mod_folio+0xd6/0x120
[ 1130.877568][T16411]  ? __rcu_read_unlock+0x4f/0x70
[ 1130.877595][T16411]  ? swap_cache_get_folio+0x277/0x280
[ 1130.877617][T16411]  do_swap_page+0x2ae/0x2370
[ 1130.877712][T16411]  ? css_rstat_updated+0xb7/0x240
[ 1130.877758][T16411]  ? __pfx_default_wake_function+0x10/0x10
[ 1130.877783][T16411]  handle_mm_fault+0x9a5/0x2be0
[ 1130.877805][T16411]  ? vma_start_read+0x141/0x1f0
[ 1130.877840][T16411]  do_user_addr_fault+0x630/0x1080
[ 1130.877894][T16411]  ? fpregs_restore_userregs+0xad/0x1d0
[ 1130.877931][T16411]  ? switch_fpu_return+0xe/0x20
[ 1130.877973][T16411]  ? fpregs_assert_state_consistent+0xb4/0xe0
[ 1130.878006][T16411]  exc_page_fault+0x62/0xa0
[ 1130.878069][T16411]  asm_exc_page_fault+0x26/0x30
[ 1130.878090][T16411] RIP: 0033:0x7f94426b594c
[ 1130.878106][T16411] Code: 66 0f 1f 44 00 00 69 3d 66 fd ea 00 e8 03 00 00 48 8d 1d 67 06 38 00 e8 e2 9c 12 00 eb 0c 48 81 c3 f0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00
[ 1130.878125][T16411] RSP: 002b:00007ffd4566e400 EFLAGS: 00010202
[ 1130.878142][T16411] RAX: 0000000000000000 RBX: 00007f9442a35fa0 RCX: 0000000000000000
[ 1130.878196][T16411] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055557fa84808
[ 1130.878208][T16411] RBP: 00007f9442a37da0 R08: 0000000000000000 R09: 7fffffffffffffff
[ 1130.878220][T16411] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000011413e
[ 1130.878233][T16411] R13: 00007ffd4566e4f0 R14: ffffffffffffffff R15: 00007ffd4566e510
[ 1130.878298][T16411]  </TASK>
[ 1130.878306][T16411] memory: usage 307200kB, limit 307200kB, failcnt 4229
[ 1131.125284][T16411] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[ 1131.133310][T16411] kmem: usage 307064kB, limit 9007199254740988kB, failcnt 0
[ 1131.140619][T16411] Memory cgroup stats for /syz0:
[ 1131.178919][T16411] cache 0
[ 1131.186811][T16411] rss 0
[ 1131.189576][T16411] shmem 0
[ 1131.192567][T16411] mapped_file 0
[ 1131.196017][T16411] dirty 0
[ 1131.198967][T16411] writeback 4096
[ 1131.202591][T16411] workingset_refault_anon 5539
[ 1131.207350][T16411] workingset_refault_file 17200
[ 1131.212257][T16411] swap 172032
[ 1131.215537][T16411] swapcached 20480
[ 1131.219249][T16411] pgpgin 2698854
[ 1131.222850][T16411] pgpgout 2698821
[ 1131.226520][T16411] pgfault 2285682
[ 1131.230267][T16411] pgmajfault 1509
[ 1131.233942][T16411] inactive_anon 20480
[ 1131.238068][T16411] active_anon 0
[ 1131.241580][T16411] inactive_file 110592
[ 1131.245642][T16411] active_file 0
[ 1131.249167][T16411] unevictable 0
[ 1131.252684][T16411] hierarchical_memory_limit 314572800
[ 1131.258052][T16411] hierarchical_memsw_limit 9223372036854771712
[ 1131.264249][T16411] total_cache 0
[ 1131.267704][T16411] total_rss 0
[ 1131.271099][T16411] total_shmem 0
[ 1131.274547][T16411] total_mapped_file 0
[ 1131.278559][T16411] total_dirty 0
[ 1131.282099][T16411] total_writeback 4096
[ 1131.286161][T16411] total_workingset_refault_anon 5539
[ 1131.291499][T16411] total_workingset_refault_file 17200
[ 1131.296958][T16411] total_swap 172032
[ 1131.300795][T16411] total_swapcached 20480
[ 1131.305071][T16411] total_pgpgin 2698854
[ 1131.309144][T16411] total_pgpgout 2698821
[ 1131.313325][T16411] total_pgfault 2285682
[ 1131.317479][T16411] total_pgmajfault 1509
[ 1131.321665][T16411] total_inactive_anon 20480
[ 1131.326169][T16411] total_active_anon 0
[ 1131.330199][T16411] total_inactive_file 110592
[ 1131.334779][T16411] total_active_file 0
[ 1131.338781][T16411] total_unevictable 0
[ 1131.342875][T16411] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.14991,pid=16411,uid=0
[ 1131.357795][T16411] Memory cgroup out of memory: Killed process 16411 (syz.0.14991) total-vm:93752kB, anon-rss:1128kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[ 1131.412959][T16445] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16445 comm=syz.2.14998
[ 1131.526556][T16448] loop3: detected capacity change from 0 to 512
[ 1131.593036][T16448] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1131.604561][T16448] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[ 1131.614778][T16448] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.14999: Corrupt directory, running e2fsck is recommended
[ 1131.703250][T16448] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[ 1131.736624][T16448] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.14999: corrupted in-inode xattr: invalid ea_ino
[ 1131.790044][T16448] EXT4-fs (loop3): Remounting filesystem read-only
[ 1131.822824][T16448] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1131.834351][T16448] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[ 1131.844517][T16448] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.14999: Corrupt directory, running e2fsck is recommended
[ 1131.934281][T16445] loop2: detected capacity change from 0 to 1024
[ 1131.960742][T16450] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1131.972325][T16450] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[ 1131.982474][T16450] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.14999: Corrupt directory, running e2fsck is recommended
[ 1132.080077][T16445] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.14998: Allocating blocks 449-513 which overlap fs metadata
[ 1132.136005][T16444] EXT4-fs (loop2): pa ffff88810060f850: logic 48, phys. 177, len 21
[ 1132.144051][T16444] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1132.258381][T16459] lo speed is unknown, defaulting to 1000
[ 1132.345368][T16461] veth2: entered promiscuous mode
[ 1132.350775][T16461] veth2: entered allmulticast mode
[ 1132.434252][T16467] netlink: 256 bytes leftover after parsing attributes in process `syz.2.15005'.
[ 1132.622677][T16487] loop6: detected capacity change from 0 to 512
[ 1132.629506][T16487] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1132.639900][T16489] loop3: detected capacity change from 0 to 2048
[ 1132.647918][T16487] EXT4-fs (loop6): 1 truncate cleaned up
[ 1132.715797][T16494] loop6: detected capacity change from 0 to 164
[ 1132.723099][T16494] Unable to read rock-ridge attributes
[ 1132.755952][T16498] netlink: 16 bytes leftover after parsing attributes in process `syz.4.15016'.
[ 1132.811692][T16500] loop6: detected capacity change from 0 to 128
[ 1132.820481][T16500] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1132.833953][T16502] netlink: 256 bytes leftover after parsing attributes in process `syz.4.15018'.
[ 1132.833942][T16500] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1132.925132][ T3586] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1132.975761][T16513] loop6: detected capacity change from 0 to 1024
[ 1132.988269][T16513] EXT4-fs: inline encryption not supported
[ 1132.994146][T16513] EXT4-fs: Ignoring removed orlov option
[ 1133.010863][T16513] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1133.024164][T16516] lo speed is unknown, defaulting to 1000
[ 1133.044953][T16513] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[ 1133.058319][T16513] System zones: 0-1, 3-12
[ 1133.080755][T16513] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[ 1133.093426][T16513] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1133.093426][T16513] 
[ 1133.103310][T16513] EXT4-fs (loop6): Total free blocks count 0
[ 1133.109294][T16513] EXT4-fs (loop6): Free/Dirty block details
[ 1133.115295][T16513] EXT4-fs (loop6): free_blocks=0
[ 1133.120372][T16513] EXT4-fs (loop6): dirty_blocks=0
[ 1133.125496][T16513] EXT4-fs (loop6): Block reservation details
[ 1133.131584][T16513] EXT4-fs (loop6): i_reserved_data_blocks=0
[ 1133.184227][T16525] loop6: detected capacity change from 0 to 512
[ 1133.191261][T16525] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1133.202507][T16525] EXT4-fs (loop6): 1 truncate cleaned up
[ 1133.300229][T16534] loop6: detected capacity change from 0 to 164
[ 1133.302706][T16538] netlink: 256 bytes leftover after parsing attributes in process `syz.4.15031'.
[ 1133.315970][T16534] Unable to read rock-ridge attributes
[ 1133.381170][T16545] pim6reg: entered allmulticast mode
[ 1133.387341][T16545] pim6reg: left allmulticast mode
[ 1133.400418][T16541] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1133.424747][T16547] loop4: detected capacity change from 0 to 512
[ 1133.449441][T16549] loop6: detected capacity change from 0 to 1024
[ 1133.485484][T16547] ext4 filesystem being mounted at /570/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1133.498566][T16551] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16551 comm=syz.2.15037
[ 1133.522860][T16549] EXT4-fs: inline encryption not supported
[ 1133.528741][T16549] EXT4-fs: Ignoring removed orlov option
[ 1133.548055][T16551] siw: device registration error -23
[ 1133.578073][T16549] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1133.633762][T16549] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[ 1133.649553][T16549] System zones: 0-1, 3-12
[ 1133.669444][T16549] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[ 1133.681921][T16549] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1133.681921][T16549] 
[ 1133.691631][T16549] EXT4-fs (loop6): Total free blocks count 0
[ 1133.697644][T16549] EXT4-fs (loop6): Free/Dirty block details
[ 1133.703724][T16549] EXT4-fs (loop6): free_blocks=0
[ 1133.708671][T16549] EXT4-fs (loop6): dirty_blocks=0
[ 1133.713742][T16549] EXT4-fs (loop6): Block reservation details
[ 1133.719751][T16549] EXT4-fs (loop6): i_reserved_data_blocks=0
[ 1133.780711][T16560] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16560 comm=syz.6.15038
[ 1133.793811][   T29] kauditd_printk_skb: 341 callbacks suppressed
[ 1133.793826][   T29] audit: type=1400 audit(1763134280.545:143697): avc:  denied  { ioctl } for  pid=16558 comm="syz.3.15039" path="socket:[168614]" dev="sockfs" ino=168614 ioctlcmd=0x48d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1133.879763][   T29] audit: type=1400 audit(1763134280.585:143698): avc:  denied  { create } for  pid=16562 comm="syz.3.15040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1133.899676][   T29] audit: type=1400 audit(1763134280.595:143699): avc:  denied  { execmem } for  pid=16562 comm="syz.3.15040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 1133.932137][T16563] loop3: detected capacity change from 0 to 128
[ 1133.948005][T16551] loop2: detected capacity change from 0 to 1024
[ 1133.959499][   T29] audit: type=1400 audit(1763134280.695:143700): avc:  denied  { create } for  pid=16562 comm="syz.3.15040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1133.979396][   T29] audit: type=1400 audit(1763134280.705:143701): avc:  denied  { mount } for  pid=16562 comm="syz.3.15040" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[ 1134.001769][   T29] audit: type=1400 audit(1763134280.705:143702): avc:  denied  { bind } for  pid=16550 comm="syz.2.15037" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1134.055695][T16569] loop3: detected capacity change from 0 to 512
[ 1134.063675][T16569] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1134.065315][T16551] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.15037: Allocating blocks 449-513 which overlap fs metadata
[ 1134.090518][T16569] EXT4-fs (loop3): 1 truncate cleaned up
[ 1134.100807][T16550] EXT4-fs (loop2): pa ffff888107161bd0: logic 48, phys. 177, len 21
[ 1134.108905][T16550] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1134.239486][T16560] loop6: detected capacity change from 0 to 1024
[ 1134.272688][   T29] audit: type=1400 audit(1763134281.035:143703): avc:  denied  { write } for  pid=16574 comm="syz.3.15043" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1134.293484][   T29] audit: type=1400 audit(1763134281.035:143704): avc:  denied  { setopt } for  pid=16576 comm="syz.0.15044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1134.345630][T16583] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16583 comm=syz.3.15046
[ 1134.364193][T16583] siw: device registration error -23
[ 1134.403613][   T29] audit: type=1400 audit(1763134281.035:143705): avc:  denied  { write } for  pid=16576 comm="syz.0.15044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1134.423422][   T29] audit: type=1400 audit(1763134281.035:143706): avc:  denied  { connect } for  pid=16576 comm="syz.0.15044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1134.447234][T16586] pim6reg: entered allmulticast mode
[ 1134.468386][T16586] pim6reg: left allmulticast mode
[ 1134.526394][T16583] loop3: detected capacity change from 0 to 1024
[ 1134.542650][T16594] loop2: detected capacity change from 0 to 164
[ 1134.552048][T16594] Unable to read rock-ridge attributes
[ 1134.572530][T16598] loop6: detected capacity change from 0 to 2048
[ 1134.586320][T16600] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16600 comm=syz.2.15053
[ 1134.692008][T16605] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1134.753643][T16609] loop3: detected capacity change from 0 to 512
[ 1134.767058][T16600] loop2: detected capacity change from 0 to 1024
[ 1134.778653][T16609] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1134.800246][T16609] EXT4-fs (loop3): 1 truncate cleaned up
[ 1134.846624][T16600] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.15053: Allocating blocks 449-513 which overlap fs metadata
[ 1134.864992][T16599] EXT4-fs (loop2): pa ffff8881071618c0: logic 48, phys. 177, len 21
[ 1134.873120][T16599] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1134.921718][T16615] loop3: detected capacity change from 0 to 512
[ 1134.929200][T16615] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1134.959509][T16615] EXT4-fs (loop3): 1 truncate cleaned up
[ 1135.015451][T16619] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16619 comm=syz.3.15056
[ 1135.029428][T16619] siw: device registration error -23
[ 1135.076947][T16621] loop2: detected capacity change from 0 to 764
[ 1135.096376][T16621] Symlink component flag not implemented
[ 1135.102071][T16621] Symlink component flag not implemented
[ 1135.203287][T16629] pim6reg: entered allmulticast mode
[ 1135.241268][T16632] loop2: detected capacity change from 0 to 512
[ 1135.242279][T16629] pim6reg: left allmulticast mode
[ 1135.249973][T16619] loop3: detected capacity change from 0 to 1024
[ 1135.274247][T16632] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1135.332959][T16619] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.15056: Allocating blocks 449-513 which overlap fs metadata
[ 1135.361605][T16618] EXT4-fs (loop3): pa ffff88810060fbd0: logic 48, phys. 177, len 21
[ 1135.369769][T16618] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1135.463024][T16640] siw: device registration error -23
[ 1135.513800][T16642] loop4: detected capacity change from 0 to 512
[ 1135.524775][T16642] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1135.536944][T16642] EXT4-fs (loop4): 1 truncate cleaned up
[ 1135.606204][T16649] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16649 comm=syz.4.15068
[ 1135.620475][T16647] loop3: detected capacity change from 0 to 764
[ 1135.630297][T16647] Symlink component flag not implemented
[ 1135.636043][T16647] Symlink component flag not implemented
[ 1135.816422][T16653] lo speed is unknown, defaulting to 1000
[ 1135.819509][T16655] loop4: detected capacity change from 0 to 1024
[ 1135.890756][T16649] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.15068: Allocating blocks 449-513 which overlap fs metadata
[ 1135.924649][T16648] EXT4-fs (loop4): pa ffff88810060fc40: logic 48, phys. 177, len 21
[ 1135.932821][T16648] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1135.956887][T16657] pim6reg: entered allmulticast mode
[ 1135.964268][T16657] pim6reg: left allmulticast mode
[ 1136.078507][T16665] loop6: detected capacity change from 0 to 128
[ 1136.171591][T16667] loop3: detected capacity change from 0 to 164
[ 1136.192970][T16667] Unable to read rock-ridge attributes
[ 1136.198680][T16669] loop4: detected capacity change from 0 to 1024
[ 1136.220028][T16669] EXT4-fs: inline encryption not supported
[ 1136.226003][T16669] EXT4-fs: Ignoring removed orlov option
[ 1136.240968][T16665] bio_check_eod: 418 callbacks suppressed
[ 1136.240982][T16665] syz.6.15072: attempt to access beyond end of device
[ 1136.240982][T16665] loop6: rw=2049, sector=185, nr_sectors = 16 limit=128
[ 1136.266212][T16669] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1136.277638][T16665] syz.6.15072: attempt to access beyond end of device
[ 1136.277638][T16665] loop6: rw=2049, sector=209, nr_sectors = 8 limit=128
[ 1136.282409][T16671] bond2: entered promiscuous mode
[ 1136.291949][T16665] syz.6.15072: attempt to access beyond end of device
[ 1136.291949][T16665] loop6: rw=2049, sector=225, nr_sectors = 8 limit=128
[ 1136.296169][T16671] bond2: entered allmulticast mode
[ 1136.306665][T16671] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1136.310463][T16665] syz.6.15072: attempt to access beyond end of device
[ 1136.310463][T16665] loop6: rw=2049, sector=241, nr_sectors = 8 limit=128
[ 1136.335265][T16665] syz.6.15072: attempt to access beyond end of device
[ 1136.335265][T16665] loop6: rw=2049, sector=257, nr_sectors = 8 limit=128
[ 1136.336375][T16669] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[ 1136.348857][T16665] syz.6.15072: attempt to access beyond end of device
[ 1136.348857][T16665] loop6: rw=2049, sector=273, nr_sectors = 8 limit=128
[ 1136.368968][T16669] System zones: 0-1, 3-12
[ 1136.371433][T16678] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1136.386233][T16671] bond2 (unregistering): Released all slaves
[ 1136.401586][T16665] syz.6.15072: attempt to access beyond end of device
[ 1136.401586][T16665] loop6: rw=2049, sector=289, nr_sectors = 8 limit=128
[ 1136.430683][T16669] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[ 1136.431534][T16665] syz.6.15072: attempt to access beyond end of device
[ 1136.431534][T16665] loop6: rw=2049, sector=305, nr_sectors = 8 limit=128
[ 1136.443112][T16669] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1136.443112][T16669] 
[ 1136.443129][T16669] EXT4-fs (loop4): Total free blocks count 0
[ 1136.472372][T16669] EXT4-fs (loop4): Free/Dirty block details
[ 1136.478263][T16669] EXT4-fs (loop4): free_blocks=0
[ 1136.483353][T16669] EXT4-fs (loop4): dirty_blocks=0
[ 1136.488370][T16669] EXT4-fs (loop4): Block reservation details
[ 1136.494399][T16669] EXT4-fs (loop4): i_reserved_data_blocks=0
[ 1136.507081][T16665] syz.6.15072: attempt to access beyond end of device
[ 1136.507081][T16665] loop6: rw=2049, sector=321, nr_sectors = 8 limit=128
[ 1136.528465][T16665] syz.6.15072: attempt to access beyond end of device
[ 1136.528465][T16665] loop6: rw=2049, sector=337, nr_sectors = 8 limit=128
[ 1136.607637][T16685] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16685 comm=syz.4.15078
[ 1136.625386][T16685] siw: device registration error -23
[ 1136.634978][T16690] loop6: detected capacity change from 0 to 164
[ 1136.693659][T16696] loop2: detected capacity change from 0 to 512
[ 1136.724385][T16696] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1136.776406][T16696] EXT4-fs (loop2): 1 orphan inode deleted
[ 1136.782222][T16696] EXT4-fs (loop2): 1 truncate cleaned up
[ 1136.823715][T16696] FAULT_INJECTION: forcing a failure.
[ 1136.823715][T16696] name failslab, interval 1, probability 0, space 0, times 0
[ 1136.836403][T16696] CPU: 0 UID: 0 PID: 16696 Comm: syz.2.15083 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1136.836505][T16696] Tainted: [W]=WARN
[ 1136.836511][T16696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1136.836522][T16696] Call Trace:
[ 1136.836529][T16696]  <TASK>
[ 1136.836537][T16696]  __dump_stack+0x1d/0x30
[ 1136.836558][T16696]  dump_stack_lvl+0xe8/0x140
[ 1136.836615][T16696]  dump_stack+0x15/0x1b
[ 1136.836629][T16696]  should_fail_ex+0x265/0x280
[ 1136.836648][T16696]  should_failslab+0x8c/0xb0
[ 1136.836679][T16696]  kmem_cache_alloc_noprof+0x50/0x480
[ 1136.836727][T16696]  ? getname_flags+0x80/0x3b0
[ 1136.836755][T16696]  getname_flags+0x80/0x3b0
[ 1136.836787][T16696]  user_path_at+0x28/0x130
[ 1136.836825][T16696]  __se_sys_fspick+0xaa/0x240
[ 1136.836851][T16696]  __x64_sys_fspick+0x43/0x50
[ 1136.836878][T16696]  x64_sys_call+0x44c/0x3000
[ 1136.836903][T16696]  do_syscall_64+0xd2/0x200
[ 1136.836969][T16696]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[ 1136.836993][T16696]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[ 1136.837083][T16696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1136.837161][T16696] RIP: 0033:0x7f16ba34f6c9
[ 1136.837231][T16696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1136.837247][T16696] RSP: 002b:00007f16b8daf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b1
[ 1136.837263][T16696] RAX: ffffffffffffffda RBX: 00007f16ba5a5fa0 RCX: 00007f16ba34f6c9
[ 1136.837276][T16696] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1136.837341][T16696] RBP: 00007f16b8daf090 R08: 0000000000000000 R09: 0000000000000000
[ 1136.837352][T16696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1136.837365][T16696] R13: 00007f16ba5a6038 R14: 00007f16ba5a5fa0 R15: 00007ffe287014e8
[ 1136.837385][T16696]  </TASK>
[ 1137.075427][T16685] loop4: detected capacity change from 0 to 1024
[ 1137.098267][T16702] loop2: detected capacity change from 0 to 512
[ 1137.110748][T16702] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1137.134555][T16702] EXT4-fs (loop2): 1 orphan inode deleted
[ 1137.140418][T16702] EXT4-fs (loop2): 1 truncate cleaned up
[ 1137.181360][T16685] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.15078: Allocating blocks 449-513 which overlap fs metadata
[ 1137.213873][T24370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1137.221323][T24370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1137.228804][T24370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1137.248315][T16684] EXT4-fs (loop4): pa ffff88810060fbd0: logic 48, phys. 177, len 21
[ 1137.249770][T24370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1137.256413][T16684] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[ 1137.263742][T24370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1137.263840][T16684] ==================================================================
[ 1137.273661][T24370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1137.280995][T16684] BUG: KCSAN: data-race in _prb_read_valid / prb_reserve
[ 1137.289041][T24370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1137.296364][T16684] 
[ 1137.296370][T16684] write to 0xffffffff86917790 of 88 bytes by task 24370 on cpu 1:
[ 1137.296384][T16684]  prb_reserve+0x695/0xaf0
[ 1137.296403][T16684]  vprintk_store+0x56d/0x860
[ 1137.303533][T24370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1137.310819][T16684]  vprintk_emit+0x10d/0x580
[ 1137.310842][T16684]  dev_vprintk_emit+0x242/0x2a0
[ 1137.310862][T16684]  dev_printk_emit+0x84/0xb0
[ 1137.310880][T16684]  __dev_printk+0xf3/0x110
[ 1137.310899][T16684]  _dev_warn+0x9b/0xd0
[ 1137.313224][T24370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1137.320984][T16684]  hid_parser_main+0x7a5/0x800
[ 1137.325405][T24370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[ 1137.329958][T16684]  hid_open_report+0x48e/0x7a0
[ 1137.376905][T24370] hid-generic 0000:0000:0000.001A: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[ 1137.379231][T16684]  hid_generic_probe+0x33/0x70
[ 1137.398342][T16684]  hid_device_probe+0x312/0x4e0
[ 1137.403200][T16684]  really_probe+0x1bf/0x5c0
[ 1137.407712][T16684]  __driver_probe_device+0x121/0x190
[ 1137.412997][T16684]  driver_probe_device+0x37/0x2f0
[ 1137.418019][T16684]  __device_attach_driver+0x205/0x310
[ 1137.423384][T16684]  bus_for_each_drv+0x1c0/0x230
[ 1137.428236][T16684]  __device_attach+0x1c7/0x290
[ 1137.433032][T16684]  device_initial_probe+0x1a/0x30
[ 1137.438053][T16684]  bus_probe_device+0x143/0x1d0
[ 1137.442923][T16684]  device_add+0x5c9/0x770
[ 1137.447258][T16684]  hid_add_device+0x1b0/0x230
[ 1137.451922][T16684]  uhid_device_add_worker+0x2b/0xa0
[ 1137.457117][T16684]  process_scheduled_works+0x4ce/0x9d0
[ 1137.462595][T16684]  worker_thread+0x582/0x770
[ 1137.467177][T16684]  kthread+0x489/0x510
[ 1137.471456][T16684]  ret_from_fork+0x122/0x1b0
[ 1137.476038][T16684]  ret_from_fork_asm+0x1a/0x30
[ 1137.480814][T16684] 
[ 1137.483133][T16684] read to 0xffffffff86917790 of 8 bytes by task 16684 on cpu 0:
[ 1137.490764][T16684]  _prb_read_valid+0x1c4/0x920
[ 1137.495522][T16684]  prb_final_commit+0x136/0x1e0
[ 1137.500357][T16684]  vprintk_store+0x7c4/0x860
[ 1137.504935][T16684]  vprintk_emit+0x10d/0x580
[ 1137.509425][T16684]  vprintk_default+0x26/0x30
[ 1137.514006][T16684]  vprintk+0x1d/0x30
[ 1137.517898][T16684]  _printk+0x79/0xa0
[ 1137.521792][T16684]  __ext4_grp_locked_error+0x5d0/0x7b0
[ 1137.527253][T16684]  ext4_mb_release_inode_pa+0x594/0x5e0
[ 1137.532801][T16684]  ext4_discard_preallocations+0x616/0x980
[ 1137.538605][T16684]  ext4_release_file+0xf7/0x1c0
[ 1137.543543][T16684]  __fput+0x29b/0x650
[ 1137.547523][T16684]  ____fput+0x1c/0x30
[ 1137.551531][T16684]  task_work_run+0x131/0x1a0
[ 1137.556133][T16684]  exit_to_user_mode_loop+0xed/0x110
[ 1137.561425][T16684]  do_syscall_64+0x1d6/0x200
[ 1137.566105][T16684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1137.572000][T16684] 
[ 1137.574313][T16684] value changed: 0x0000000000007724 -> 0x0000000000009724
[ 1137.581400][T16684] 
[ 1137.583717][T16684] Reported by Kernel Concurrency Sanitizer on:
[ 1137.589855][T16684] CPU: 0 UID: 0 PID: 16684 Comm: syz.4.15078 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[ 1137.601312][T16684] Tainted: [W]=WARN
[ 1137.605107][T16684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1137.615148][T16684] ==================================================================
[ 1137.694630][ T8358] EXT4-fs unmount: 75 callbacks suppressed
[ 1137.694643][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.