last executing test programs:

2.563748364s ago: executing program 4 (id=2190):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x900, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c040}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56f41, 0x1070b923, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0xffe0, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x9, 0xc, 0x8, 0x1}}}}]}, 0x48}}, 0x4008800)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)

2.299127526s ago: executing program 4 (id=2195):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000700000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x10c)
fcntl$setlease(r1, 0x400, 0x1)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

2.268517356s ago: executing program 4 (id=2196):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x1e9)
pwritev2(r1, 0x0, 0x0, 0x2000, 0x0, 0x3)

2.188110076s ago: executing program 4 (id=2198):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x8000002)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5c000000020601030000000000000000000000010900020073797a3000000000050001000600000005000500000000000500040000000000140007800800114000000000050015000c0000000d000300686173683a6d6163"], 0x5c}}, 0x0)

2.187564147s ago: executing program 4 (id=2199):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000), 0x4)
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$inet_sctp6_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000100)={0x0, 0xeb6, 0x5, 0xc00}, 0x8)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000000c0)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x30006041)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
syz_usb_connect(0x3, 0x2d, 0x0, 0x0)
r4 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r5=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='xdp_devmap_xmit\x00', 0xffffffffffffffff, 0x0, 0x2000000000000000}, 0x18)
membarrier(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1d0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/ip_vs_stats\x00')
bind$can_j1939(r4, &(0x7f0000000380)={0x1d, r5, 0x1, {0x0, 0x1, 0x3}, 0xfe}, 0x18)
sendmmsg$sock(r4, &(0x7f0000001c80)=[{{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000005c0)="0cb3bcaddbae60dff8", 0x9}], 0x1}}, {{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000001b00)="b667b4", 0x3}], 0x1}}], 0x2, 0x10)

2.049986137s ago: executing program 3 (id=2203):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000ffdbdf250c", @ANYRES32=r3, @ANYBLOB="0c00038005"], 0x2c}, 0x1, 0x0, 0x0, 0x818}, 0x4)

2.010972678s ago: executing program 3 (id=2204):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000880)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000002e0000000c000500000000570000000008000200", @ANYRES32=r2, @ANYBLOB="05002b0003000000"], 0x30}}, 0x0)
r4 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000036c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002100)=ANY=[@ANYBLOB="c8010000000201010000000000004c000700000294000a80080001400000000008000140000000000800014000000000700002800600034000010000060003400001000006000340100100000c00028005000100110000002c00018014000300fe8000000000800000000000000000bb14000400fe80000000000000000000000000001206000340000300000c000280050001000600000006000340000000000800214000000001f00003800c00028005f7d9db2619310ea600018014000300ff02000000000000800000000000000114000400ff0200000000000000f20000000000010c00028005000100210000001400018008000100ac14142308000200e00000022c000180140003000000000000000000000000000000000014000400fc0000000000000000000000000000001400018008000100ac1414bb08000200e00000022c000180140003002001000000000000000000000000000014000400200100000000000000000000400000011400018008000100ac1414bb08000200ac1414aa14000180080001006401010108000200ffffffff0e0006007369702d32303030300000000e0006006674702d007369702d323030303000"/456], 0x1c8}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
r6 = socket(0x10, 0x803, 0x0)
sendto(r6, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})
sendmsg$can_raw(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@canfd={{0x4, 0x1, 0x0, 0x1}, 0x28, 0x2, 0x0, 0x0, "494c9d6c097393f81b202b5477a26cd8670531c89bc60ca94cfaf216c68cbe6a2d68ee49bc37a5156e18b36935c537dcc22114f5dd76a7b07fc558661df80fd0"}, 0x48}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r7 = syz_open_dev$sg(&(0x7f00000000c0), 0xd, 0x200000)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000010bc0)='kfree\x00', r9, 0x0, 0x4}, 0x18)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000100010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0)
ioctl$SG_BLKTRACETEARDOWN(r7, 0x1276, 0x0)
fsopen(&(0x7f0000000040)='9p\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbb6, &(0x7f0000000c00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtIxk5nEZDLHpr8fvDnve96TeZ4nJ5nzHpiTAJ5ak9mXNOJIRJxPIsbr+9OIGKj2hiLWa8c9vH91NmtJVCpv/5ZEEhEP7l+dbbxWUt+O1gdDEXH7tST+/VFr3OXVtcWZcrm0VB8fX7l45fjy6torCxdnLpQulC6dmn711PTp6eku1nr3yntfPPPDG89fv/nx1JufH/ouibMxVp9rrqNbJmNy42fSrBARM90OlpO+ej3NdSaFHBMCAKCjtGkN998Yj754vHgbj29/zDU5AAAAoCsqfREVAAAA4IBL3P8DAADAAdf4HMCD+1dnGy3fTyT01r1zETFRq7/xfHNtphDr1e1Q9EfEyO9JND/WmtS+bc8ms0hff1/KWmz3HPJwFwJusn4tIv6/1flPqvVPVJ/ibq0/jYipLsSf3DTu9e/fXuo/24X4edcPwNPp1rnahaz1+pfW1j+DtdHm619hi2vXbuR9/Wus/x62rP/SjfVfX5v131s7jHH00Uu32801r//e/eTnuSx+tt1TUX/DvWsRRwtb1Z9s1J+0qf/8DmOMzt690W4uqz+rt9F6XX/lZsSx6mqutf6GpNP/Jzo+v1AuTdW+bvH6q6c7x28+/1nL4jfuBXohO/8jsbvzf2WHMSb+9+uRdnPb15/+MpC8U+0N1Pd8OLOysnQiYiB5vXX/yc65NI5pvEZW/4vPdf7736r+7D1hvf5zyH57rtW32fj6ppijx05+tfv691dW/9wuz/+nO4zx5Tc33m83l3f9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZ0ogYiyQtbvTTtFiMGI2I/8RIWr68vPLy/OUPLs1lcxET0Z/OL5RLUxExXhsn2fhEtf94fHLTeDoiDkfEZ+PD1XFx9nJ5Lu/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2DAaEWORpMWISCPij/E0LRbzzgoAAADouom8EwAAAAD2nft/AAAAOPha7v8LfxkN9TIXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqTDz966k0TE+pnhassM1Of6c80M2G/pzg4b2e88gN7ryzsBIDeFpn6lUqnkmArQY+7xgWSb+aG2M4NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf64Xjty6k0TE+pnhassM1Of6c80M2G9p3gkAuenrNJlsuwN4ghXyTgDIjXt8oLayf1SpaZ0favudg3uOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTY6zakrQYEWm1n6bFYsS/ImIi+pP5hXJpKiIORcRP4/2D2fhE3kkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQdcura4sz5XJpSUdHp4ud4ehZrOH6H3ObYwbbT3Xo5PzGBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABALpZX1xZnyuXS0nLemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5W15dW5wpl0tL+9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzZwAAAP//0L4Jug==")
r11 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r11, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r12 = open(&(0x7f0000000240)='./file2\x00', 0x145142, 0x0)
sendfile(r12, r12, 0x0, 0x800000009)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="02030003130000002cbd7040fcdbdf2503000900800000001cdc0dca1d9f68846960e56dee2944af05000600000000000a004e2300000007ff010000000000000000000000000001010000800000000002000100000000000000070c0000008005000500000000000a004e23000000fffe8000000000000000000000000000aaff010000000000000200130002"], 0x98}, 0x1, 0x7}, 0x0)

1.68217839s ago: executing program 0 (id=2207):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd26, 0x25dfdafd, {0x0, 0x0, 0x0, r3, {0xc, 0xc}, {0x1f9666b4ac8f9708, 0xfff1}, {0x0, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x4044000}, 0x4041080)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000040)={'team0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000ffff26bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="15170000bcb7040008000a00", @ANYRES32=r6, @ANYBLOB="140012800c0001006d6163767461700004000280080005"], 0x44}, 0x1, 0x0, 0x0, 0x240448c5}, 0x8000002)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5c000000020601030000000000000000000000010900020073797a3000000000050001000600000005000500000000000500040000000000140007800800114000000000050015000c0000000d000300686173683a6d6163"], 0x5c}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8, 0x0, 0x1}, 0x18)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r9}, 0x18)
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
fsetxattr$security_selinux(r10, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r12, 0x0, 0x6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
lgetxattr(0x0, 0x0, 0x0, 0x0)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="640000001000ffff25bd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7a0a0500212b0000440012800b000100697036746e6c000034000280140003000000000000000000000082620000003f14000200fe80000000000000000000000000000f08000100", @ANYRES32], 0x64}}, 0x24000000)
write$cgroup_int(r11, &(0x7f0000000040)=0xfe8e, 0x12)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.61511181s ago: executing program 0 (id=2209):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x80}, 0x18)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, 0x0, &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'tunl0\x00'})
socket$vsock_stream(0x28, 0x1, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)={0x1c, 0x18, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @ipv4=@multicast2}]}, 0x1c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x35, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000018000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)

1.59632037s ago: executing program 0 (id=2210):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00"/11], 0x48)
syz_io_uring_setup(0x4000066e, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x2, 0xfffffffb}, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000280)=0x1, 0x4)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r1}, 0x38)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0xffffffffffffff74}, 0x1f00)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000019200)='svc_xprt_dequeue\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)

1.477110451s ago: executing program 2 (id=2211):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000700000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x10c)
fcntl$setlease(r1, 0x400, 0x1)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1.445091581s ago: executing program 0 (id=2212):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x14d9, &(0x7f0000000480)={0x0, 0x5121, 0x0, 0x3, 0x257}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000080)=@IORING_OP_SYMLINKAT={0x26, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000140)='./file1\x00'})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)

1.444807691s ago: executing program 2 (id=2213):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'macvtap0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x28001}, 0x4000094)

1.352146662s ago: executing program 2 (id=2215):
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r2 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
wait4(r2, 0x0, 0x40000000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000246cbca80000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000080), 0x6, 0x20200)
ioctl$LOOP_GET_STATUS64(r5, 0x4c05, &(0x7f00000006c0))
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r4, r6, 0x0, 0x20000023896)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r1, 0x58, &(0x7f0000000040)}, 0x10)
lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
quotactl_fd$Q_QUOTAOFF(r4, 0x3, r7, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r3}, 0x10)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r8, 0x3, 0x25, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r8, 0x3, 0x25, 0x0, 0x0, 0x0, 0x119, 0x0, 0xffffffffffffffa4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x40)
fcntl$getown(r0, 0x9)
r9 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x80482, 0x0)
write$vga_arbiter(r9, &(0x7f0000000040)=@other={'lock', ' ', 'io+mem'}, 0xc)
write$vga_arbiter(r9, &(0x7f0000000340)=ANY=[@ANYBLOB="6465636f646573206e6f6e6500848506c5a67345c07ad49a4abb37f972f54541c2aeb0b0195e4f4715138eb35fa8d9aa83817e1e3fb5e85ee9484c96dcad27fe1983fd3f2dfa2827fee4271ed04edee316a795b9498c3a9f7837201f577d8bec080ac9ac52"], 0xd)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xfd, 0x7fff0000}]})
close_range(r10, 0xffffffffffffffff, 0x0)

1.240285942s ago: executing program 0 (id=2217):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0xffffffffffffff74}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)

880.263724ms ago: executing program 3 (id=2218):
r0 = syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000bc0)='./file1\x00', 0x1a00404, &(0x7f0000000080)={[{@noblock_validity}, {@grpquota}]}, 0x1, 0xbb9, &(0x7f00000017c0)="$eJzs3M1rHGUYAPBnJpvv2KQiaotgQKqiuE2bUqGn1rOooAePjcmmhGw/TCKY0ENa7+pBxENB+icI3u3Fk+ChHrT+BUUsUvTS9rAy+5Gu2WwSk81Om/5+8Gbed97JPs+T2e68AzsN4Ik1nv1IIw5FxNkkYrS+P42IvmpvIGK1dtz9u5ens5ZEpfL+X0kkEXHv7uXpxmsl9e1wfTAQETffSuLpz1rjLi6vzE+Vy6WF+vjo0vlLRxeXV96YOz91rnSudOHE5JsnJk9OTnaw1tuXPvrmhV/eefnq9c8n3v36wE9JnI6R+lxzHZ0yHuNrf5NmhYiY6nSwnPTU62muMynkmBAAAJtKm9Zwz8Zo9MTDxdto/PhrrskBAAAAHVHpiagAAAAA+1zi/h8AAAD2ucb3AO7dvTzdaPl+I6G77pyJiLFa/Y3nm2szhVitbgeiNyKG/k6i+bHWpPZruzaeRfr+51LWYqvnkAc7EHCd1SsR8fxG5z+p1j9WfYq7tf40IiY6EH983bjb77/d1H+6A/Hzrh+AJ9ONM7ULWev1L62tf/pro/XXv8IG166dyPv611j/3W9Z/6Vr67+eNuu/97YZ4/CD1262m2te/334xe8zWfxsu6ui/oc7VyIOFzaqP1mrP2lT/9ltxhievn2t3VxWf1Zvo3W7/sr1iCPV1Vxr/Q3JZv8/0dHZuXJpovZzg9dfPrl5/Obzn7UsfuNeoBuy8z8UOzv/l7YZY+y5Pw+1m9u6/vSPvuSDaq+vvufTqaWlhWMRfcnbrfuPb55L45jGa2T1v/rS5v/+N6o/+0xYrf8dsnfPlfo2G19dF3P4yPHvdl7/3srqn9nh+f9ymzG+/eHax+3m8q4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMdDGhEjkaTFtX6aFosRwxHxTAyl5YuLS6/PXvzkwkw2FzEWvensXLk0ERGjtXGSjY9V+w/Hx9eNJyPiYER8NTpYHRenL5Zn8i4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANcMRMRJJWoyINCL+GU3TYjHvrAAAAICOG8s7AQAAAGDPuf8HAACA/a/l/r/wn9FAN3MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgXzr44o1bSUSsnhqstkxffa4318yAvZZu77Chvc4D6L6evBMAclNo6lcqlUqOqQBd5h4fSLaYH2g709/xXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4dL1y6MatJCJWTw1WW6avPteba2bAXkvzTgDITc9mk8mWO4DHWCHvBIDcuMcHaiv7B5Wa1vmBtr/Zv+uoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw+RqotSYsRkVb7aVosRjwVEWPRm8zOlUsTEXEgIn4b7e3PxsfyThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICOW1xemZ8ql0sLOvu2U6mf60clnyejMxhdizVYP8FtjulvP7VJJ8cPJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcrO4vDI/VS6XFhbzzgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI2+LyyvxUuVxa2MNO3jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCffwMAAP//xB0HRA==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
writev(r2, &(0x7f0000000080)=[{&(0x7f0000000100)="2e9b3d0007e03dd65193df163e75963f86ddf06712e9001c2f8db0049d90491c3248040000f858dbb8a1", 0x2a}, {&(0x7f0000000200)="c082b44eb524", 0x6}, {&(0x7f0000000140)="a43b2eaab4000000000000006558d25d9aebb39c5da12af6af9d88a8", 0x1c}], 0x3)
ioctl$int_out(r0, 0x5466, &(0x7f0000000500))
r5 = socket$qrtr(0x2a, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$qrtr(r5, &(0x7f0000000000)={0x2a, 0x0, 0x2}, 0xc)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_RCVMTU(r6, 0x112, 0xd, &(0x7f0000000040)=0xcc8, &(0x7f0000000200)=0x2)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020200090f000000000000000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000002000100000004d20000020300000020050005002f8000000a00000000000000ff0100000000000000000000000000010000000000000000010018"], 0x78}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
mbind(&(0x7f0000ff8000/0x3000)=nil, 0x3000, 0x2, &(0x7f0000000340)=0x3, 0x227, 0x3)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)

857.084745ms ago: executing program 1 (id=2219):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x900, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c6572"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c040}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56f41, 0x1070b923, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0xffe0, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x9, 0xc, 0x8, 0x1}}}}]}, 0x48}}, 0x4008800)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)

755.474495ms ago: executing program 3 (id=2220):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000000040000cd00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000980), 0x0, 0x2c, 0xe8034000, 0x0, 0x0, 0x0, 0x0, 0x5dc}, 0x50)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x20, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x0, 0x80, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pI4   \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000540)='fib6_table_lookup\x00', r1, 0x0, 0xffffffffffffff70}, 0x18)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080))

736.280675ms ago: executing program 1 (id=2221):
r0 = open(&(0x7f00000000c0)='.\x00', 0x48800, 0x50)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004b1e00400064000001069078ac1414bbac1414bb8303b044140fc10a01010100000005ac1414aa0000000a004e224e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="b6bddde93d7fceda"], 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

696.621445ms ago: executing program 3 (id=2222):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x1}, 0x18)
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fsetxattr$security_selinux(r1, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)

696.215885ms ago: executing program 3 (id=2223):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRES64=0x0, @ANYBLOB="8ca8212001bdeb31df55316db80b159149c13979dff8e2f834d258f530df94a26b814a0fa9f01582ab3d7708d01c49a1e3cb4bab3f00ac1ab6c35da48ddf13409f1d29c9f5d589935705e88346ca815f350f10b08203138b4c66b28ee10081790cb5206335196c3dfc04df1389b7357eb94fd15aed1cd0e34a93f9", @ANYRES32, @ANYRES32, @ANYRESDEC, @ANYRES32, @ANYRES8], 0x48)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace(0x8, r1)
tgkill(r1, r1, 0x1a)
waitid(0x2, 0x0, 0x0, 0x4, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRESOCT=r0], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
fsync(r4)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
madvise(&(0x7f0000ff4000/0x9000)=nil, 0x9000, 0xc)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
r8 = fcntl$dupfd(r6, 0x0, r7)
ioctl$int_in(r8, 0x5452, &(0x7f0000000000)=0x8001)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000080)=ANY=[@ANYRES16=r8], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x57, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000200)='9p_protocol_dump\x00', r9}, 0x18)
r10 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000040), &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)
shutdown(r8, 0x1)
r11 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000240)=@generic={&(0x7f00000001c0)='./file0\x00'}, 0x18)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000280)=@generic={&(0x7f0000000140)='./file0\x00', r11}, 0x18)

630.776936ms ago: executing program 2 (id=2224):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000700000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x10c)
fcntl$setlease(r1, 0x400, 0x1)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

615.555766ms ago: executing program 2 (id=2225):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000008600850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
sysinfo(&(0x7f0000000540)=""/190)
lsm_set_self_attr(0x66, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
unshare(0x6a040000)
r3 = socket$xdp(0x2c, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
getsockopt$XDP_STATISTICS(r3, 0x11b, 0x8, 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
open$dir(0x0, 0x20040, 0x0)
r5 = inotify_init()
inotify_add_watch(r5, &(0x7f00000000c0)='./file0\x00', 0x420)
inotify_add_watch(r5, &(0x7f0000000040)='./file0\x00', 0x10000000)
setsockopt$inet_tcp_buf(r4, 0x6, 0x21, &(0x7f0000000280)="dc8daf8d760c0b8caa98fa19c6a35a18883775d272c579ff", 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x400, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
fsetxattr(r6, &(0x7f0000000140)=@known='system.posix_acl_default\x00', &(0x7f00000002c0)='a\x00K\xbc\x1d\x00~\x92\xe8\x1eV\xfd\xf1\xbc\xf6k\f\xeat\xb0\xd8G\t\xdb(\x00\x00\x00\x00\x00\x00\bq\xb7\xdfr\xcb\x80\xb8\xa2W\x1a\xea\xc6A-H\x90\x9fr\xf1D#Y\xba\xe7y@\x7f\x8c\x9cR\x90\xeap\xfa\xe2G n\xa9no$\xb8k<lY\x17e\x99\t\xd9Ll\x82\x18\x1d:\xa9Z\xc7\x13\xa3\x1cA[\xe7C\x85\xe7\x1bd\xda\xe7\xb2\xf0c\xeb\x9br1\x93\r\xbf\xe2\xe1%\x1b\xe9\x9c\x8a\xa8#\xf5\nJ\xce&\xf4\xb1\xa9I\rE\xa5\xd57\x96\x8d*\x12\xb4\xf7\xf0\xc51\x1fyP\v-\rx\xee\x0eGE\x8c\x83\\d\xd3B\x13\x99\xee\xcc\x85\xf1>\x98\xba\x14\xb1L\xb1_:4\xf5\x98y\xcd\x92=\\\xd9\xcf,\xaaxAN', 0xc3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)

518.152656ms ago: executing program 2 (id=2226):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b405000000000000611070000000000007000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x3c)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="190000000400000004000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000a00), &(0x7f0000000a40)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r4, <r6=>0xffffffffffffffff}, &(0x7f0000000880), &(0x7f00000008c0)=r3}, 0x20)
setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000006c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x2, @local}}}, 0x108)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={&(0x7f0000000040)="b64b6779e728a585fc6d831c9c111ee3bf867c7fa20663508d961b5b0bc1d4eded804b84c8ee0b5e7b55af44aa8bf4a16c4d4aaf896a13f650a3b4f737945a9a179a6ceb93adadb8dd841258d0f04b02868cd415ab9bc48b055a8b3f92b143cb16138c216513a045af2101e7e3c507bedee404330f1171812cdaeed17a0e89dd4863a4e6808ca6b7046c38f33b9a0417e1c8fae7a9", 0x0, 0x0, 0x0}, 0x38)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000c00)=@nat={'nat\x00', 0x1b, 0x5, 0x670, 0x250, 0x458, 0xffffffff, 0x0, 0x0, 0x5a0, 0x5a0, 0xffffffff, 0x5a0, 0x5a0, 0x5, &(0x7f0000000b80), {[{{@uncond, 0x0, 0x208, 0x250, 0x0, {}, [@common=@hl={{0x28}, {0x3, 0x80}}, @common=@rt={{0x138}, {0x8, [0x40, 0x4], 0xfffffff9, 0x1, 0x2, [@mcast2, @local, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1a}}, @ipv4={'\x00', '\xff\xff', @loopback}, @remote, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1={0xfc, 0x1, '\x00', 0x1}, @private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, @rand_addr=' \x01\x00', @private2, @local, @private1={0xfc, 0x1, '\x00', 0x1}], 0xa}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x11, @ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @ipv4=@empty, @icmp_id=0x65, @icmp_id=0x64}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @ipv4=@loopback, @gre_key=0x1, @icmp_id=0x65}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@mh={{0x28}, {'$$'}}]}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0xe, @ipv4=@local, @ipv4=@remote, @port=0x4e23, @gre_key=0x9}}}, {{@uncond, 0x0, 0x100, 0x148, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'hsr0\x00', {0x22, 0x5, 0x71e, 0x4, 0x5, 0xce7, 0x10, 0x8}, {0x1}}}]}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x8, @ipv6=@local, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @gre_key, @gre_key=0x5}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a01080000000000000000010000090900010073797a3100000000d0000000030a030000060000000000000100000a0900010073797a31000000000900030073797a3000000000a4000300"], 0x118}, 0x1, 0x0, 0x0, 0x240401d4}, 0x240408d0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f00000004c0)={'ip6gre0\x00', &(0x7f00000003c0)={'ip6_vti0\x00', <r8=>0x0, 0x4, 0x7c, 0xff, 0x7, 0x4, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}, 0x700, 0x8, 0x5, 0x8}})
r9 = syz_genetlink_get_family_id$gtp(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$GTP_CMD_ECHOREQ(r3, &(0x7f0000001400)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x8801002}, 0xc, &(0x7f00000013c0)={&(0x7f0000001380)={0x1c, r9, 0x800, 0x70bd2b, 0x25dfdbfd, {}, [@GTPA_VERSION={0x8, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004804}, 0x240040c0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x3, 0x15, &(0x7f0000000280)=@raw=[@jmp={0x5, 0x1, 0x5, 0x0, 0x7, 0x80, 0xffffffffffffffff}, @generic={0x9, 0x8, 0x4, 0x4, 0x100}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xffffffff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}], &(0x7f0000000340)='GPL\x00', 0x800, 0xa1, &(0x7f0000000940)=""/161, 0x40f00, 0x10, '\x00', r8, @fallback=0x15, r3, 0x8, &(0x7f0000000500)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000580)={0x5, 0x0, 0x6, 0x8}, 0x10, 0xffffffffffffffff, r2, 0x6, &(0x7f00000005c0)=[r3, r3, r6, r5], &(0x7f0000000800)=[{0x0, 0x2, 0xd, 0xa}, {0x2, 0x2, 0x2, 0x3}, {0x2, 0x5, 0x3}, {0x3, 0x2, 0x10, 0x9}, {0x4, 0x2, 0x10, 0x5}, {0x3, 0x2, 0x1, 0x3}], 0x10, 0x4e}, 0x94)

512.231647ms ago: executing program 1 (id=2227):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x14d9, &(0x7f0000000480)={0x0, 0x5121, 0x0, 0x3, 0x257}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000080)=@IORING_OP_SYMLINKAT={0x26, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000140)='./file1\x00'})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)

438.583997ms ago: executing program 4 (id=2228):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000080000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000008000000850000000600000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
readv(r2, &(0x7f0000000340)=[{&(0x7f0000001740)=""/153, 0x99}], 0x1)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@getchain={0x24, 0x66, 0x100, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xd, 0xffff}, {0x2, 0xffff}, {0xfff1, 0xf}}}, 0x24}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0xffe0}, {0xffff, 0xffff}, {0xfff2, 0xf}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x800003}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80d1}, 0x45)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x4}, 0x18)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000000a00)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0xffffffffffffffff}], 0x9, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r9 = socket$igmp(0x2, 0x3, 0x2)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r10}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80004}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x28, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$MRT_ADD_MFC(r9, 0x0, 0x5, &(0x7f0000000240)={@broadcast, @empty, 0xeffb, "66c5aff8a6eb3af1f6cec2e7420000008c84aea31700", 0x96bd, 0x1000000, 0x7e, 0x6b}, 0x3c)
setsockopt$MRT_INIT(r9, 0x0, 0xc8, &(0x7f0000000080)=0x300, 0x4)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r11 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r11, 0x400, 0x0)

308.748248ms ago: executing program 0 (id=2229):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbb6, &(0x7f0000000c00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtIxk5nEZDLHpr8fvDnve96TeZ4nJ5nzHpiTAJ5ak9mXNOJIRJxPIsbr+9OIGKj2hiLWa8c9vH91NmtJVCpv/5ZEEhEP7l+dbbxWUt+O1gdDEXH7tST+/VFr3OXVtcWZcrm0VB8fX7l45fjy6torCxdnLpQulC6dmn711PTp6eku1nr3yntfPPPDG89fv/nx1JufH/ouibMxVp9rrqNbJmNy42fSrBARM90OlpO+ej3NdSaFHBMCAKCjtGkN998Yj754vHgbj29/zDU5AAAAoCsqfREVAAAA4IBL3P8DAADAAdf4HMCD+1dnGy3fTyT01r1zETFRq7/xfHNtphDr1e1Q9EfEyO9JND/WmtS+bc8ms0hff1/KWmz3HPJwFwJusn4tIv6/1flPqvVPVJ/ibq0/jYipLsSf3DTu9e/fXuo/24X4edcPwNPp1rnahaz1+pfW1j+DtdHm619hi2vXbuR9/Wus/x62rP/SjfVfX5v131s7jHH00Uu32801r//e/eTnuSx+tt1TUX/DvWsRRwtb1Z9s1J+0qf/8DmOMzt690W4uqz+rt9F6XX/lZsSx6mqutf6GpNP/Jzo+v1AuTdW+bvH6q6c7x28+/1nL4jfuBXohO/8jsbvzf2WHMSb+9+uRdnPb15/+MpC8U+0N1Pd8OLOysnQiYiB5vXX/yc65NI5pvEZW/4vPdf7736r+7D1hvf5zyH57rtW32fj6ppijx05+tfv691dW/9wuz/+nO4zx5Tc33m83l3f9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZ0ogYiyQtbvTTtFiMGI2I/8RIWr68vPLy/OUPLs1lcxET0Z/OL5RLUxExXhsn2fhEtf94fHLTeDoiDkfEZ+PD1XFx9nJ5Lu/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2DAaEWORpMWISCPij/E0LRbzzgoAAADouom8EwAAAAD2nft/AAAAOPha7v8LfxkN9TIXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqTDz966k0TE+pnhassM1Of6c80M2G/pzg4b2e88gN7ryzsBIDeFpn6lUqnkmArQY+7xgWSb+aG2M4NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf64Xjty6k0TE+pnhassM1Of6c80M2G9p3gkAuenrNJlsuwN4ghXyTgDIjXt8oLayf1SpaZ0favudg3uOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTY6zakrQYEWm1n6bFYsS/ImIi+pP5hXJpKiIORcRP4/2D2fhE3kkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQdcura4sz5XJpSUdHp4ud4ehZrOH6H3ObYwbbT3Xo5PzGBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABALpZX1xZnyuXS0nLemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5W15dW5wpl0tL+9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzZwAAAP//0L4Jug==")
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r3 = open(&(0x7f0000000240)='./file2\x00', 0x145142, 0x0)
sendfile(r3, r3, 0x0, 0x800000009)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="02030003130000002cbd7040fcdbdf2503000900800000001cdc0dca1d9f68846960e56dee2944af05000600000000000a004e2300000007ff010000000000000000000000000001010000800000000002000100000000000000070c0000008005000500000000000a004e23000000fffe8000000000000000000000000000aaff010000000000000200130002"], 0x98}, 0x1, 0x7}, 0x0)

308.443978ms ago: executing program 1 (id=2230):
r0 = syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000bc0)='./file1\x00', 0x1a00404, &(0x7f0000000080)={[{@noblock_validity}, {@grpquota}]}, 0x1, 0xbb9, &(0x7f00000017c0)="$eJzs3M1rHGUYAPBnJpvv2KQiaotgQKqiuE2bUqGn1rOooAePjcmmhGw/TCKY0ENa7+pBxENB+icI3u3Fk+ChHrT+BUUsUvTS9rAy+5Gu2WwSk81Om/5+8Gbed97JPs+T2e68AzsN4Ik1nv1IIw5FxNkkYrS+P42IvmpvIGK1dtz9u5ens5ZEpfL+X0kkEXHv7uXpxmsl9e1wfTAQETffSuLpz1rjLi6vzE+Vy6WF+vjo0vlLRxeXV96YOz91rnSudOHE5JsnJk9OTnaw1tuXPvrmhV/eefnq9c8n3v36wE9JnI6R+lxzHZ0yHuNrf5NmhYiY6nSwnPTU62muMynkmBAAAJtKm9Zwz8Zo9MTDxdto/PhrrskBAAAAHVHpiagAAAAA+1zi/h8AAAD2ucb3AO7dvTzdaPl+I6G77pyJiLFa/Y3nm2szhVitbgeiNyKG/k6i+bHWpPZruzaeRfr+51LWYqvnkAc7EHCd1SsR8fxG5z+p1j9WfYq7tf40IiY6EH983bjb77/d1H+6A/Hzrh+AJ9ONM7ULWev1L62tf/pro/XXv8IG166dyPv611j/3W9Z/6Vr67+eNuu/97YZ4/CD1262m2te/334xe8zWfxsu6ui/oc7VyIOFzaqP1mrP2lT/9ltxhievn2t3VxWf1Zvo3W7/sr1iCPV1Vxr/Q3JZv8/0dHZuXJpovZzg9dfPrl5/Obzn7UsfuNeoBuy8z8UOzv/l7YZY+y5Pw+1m9u6/vSPvuSDaq+vvufTqaWlhWMRfcnbrfuPb55L45jGa2T1v/rS5v/+N6o/+0xYrf8dsnfPlfo2G19dF3P4yPHvdl7/3srqn9nh+f9ymzG+/eHax+3m8q4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMdDGhEjkaTFtX6aFosRwxHxTAyl5YuLS6/PXvzkwkw2FzEWvensXLk0ERGjtXGSjY9V+w/Hx9eNJyPiYER8NTpYHRenL5Zn8i4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANcMRMRJJWoyINCL+GU3TYjHvrAAAAICOG8s7AQAAAGDPuf8HAACA/a/l/r/wn9FAN3MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgXzr44o1bSUSsnhqstkxffa4318yAvZZu77Chvc4D6L6evBMAclNo6lcqlUqOqQBd5h4fSLaYH2g709/xXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4dL1y6MatJCJWTw1WW6avPteba2bAXkvzTgDITc9mk8mWO4DHWCHvBIDcuMcHaiv7B5Wa1vmBtr/Zv+uoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw+RqotSYsRkVb7aVosRjwVEWPRm8zOlUsTEXEgIn4b7e3PxsfyThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICOW1xemZ8ql0sLOvu2U6mf60clnyejMxhdizVYP8FtjulvP7VJJ8cPJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcrO4vDI/VS6XFhbzzgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI2+LyyvxUuVxa2MNO3jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCffwMAAP//xB0HRA==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
writev(r2, &(0x7f0000000080)=[{&(0x7f0000000100)="2e9b3d0007e03dd65193df163e75963f86ddf06712e9001c2f8db0049d90491c3248040000f858dbb8a1", 0x2a}, {&(0x7f0000000200)="c082b44eb524", 0x6}, {&(0x7f0000000140)="a43b2eaab4000000000000006558d25d9aebb39c5da12af6af9d88a8", 0x1c}], 0x3)
ioctl$int_out(r0, 0x5466, &(0x7f0000000500))
r5 = socket$qrtr(0x2a, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$qrtr(r5, &(0x7f0000000000)={0x2a, 0x0, 0x2}, 0xc)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_RCVMTU(r6, 0x112, 0xd, &(0x7f0000000040)=0xcc8, &(0x7f0000000200)=0x2)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020200090f000000000000000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000002000100000004d20000020300000020050005002f8000000a00000000000000ff0100000000000000000000000000010000000000000000010018"], 0x78}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
mbind(&(0x7f0000ff8000/0x3000)=nil, 0x3000, 0x2, &(0x7f0000000340)=0x3, 0x227, 0x3)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)

199.343848ms ago: executing program 1 (id=2231):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x6, 0x76b5}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd27}, 0x94)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="05000000460a"], 0x80}}, 0x0)
sendmsg$can_bcm(r1, 0x0, 0x4000000)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x45, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r5}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r5}, 0x18)
syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x758e, 0x80, 0x0, 0x34f}, &(0x7f00000000c0), &(0x7f0000000080))
ioctl$SG_SET_RESERVED_SIZE(r3, 0x2275, &(0x7f0000000040))
r6 = socket(0x2, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000100)={0x1, &(0x7f00000001c0)=[{0x6, 0x4, 0x6, 0x6}]}, 0x10)
fadvise64(0xffffffffffffffff, 0x1, 0x4, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030000000000002000128008000100677470001400028008000300030000000500060006000000c59103a99f845c670ce66a9e7755c05c5f55a9f1c82776d0a2f0bb3ad75ae6414d08000000dee3a159952253942b8593fe4d1fd5118eabe09018b237e1d7afb2bc8d84e20ebf18ce65792bda2d9cb384dc"], 0x40}}, 0x0)
syz_clone(0x4c82a000, &(0x7f0000000040)="ee9d8ed01de7cd4f6f7070", 0xb, 0x0, 0x0, 0x0)

0s ago: executing program 1 (id=2232):
syz_usb_connect(0x6, 0xb43, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = pidfd_getfd(r1, r1, 0x0)
setns(r2, 0x66020000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x9, 0x3, 0x2c0, 0x100, 0xffffffff, 0xffffffff, 0x100, 0xffffffff, 0x1f0, 0xffffffff, 0xffffffff, 0x1f0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [0x0, 0xffffffff, 0xffffff00, 0xff], [0x0, 0x0, 0x0, 0xff], 'veth0_to_hsr\x00', 'pimreg0\x00', {0xff}, {}, 0x4, 0x1, 0x2}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x2, 0x6, 0x5}, {0x4, 0x4, 0x2}, 0x81, 0xb42}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @remote}, @empty, [0x0, 0xffffffff, 0xff000000], [0xffffffff, 0xffffffff, 0x0, 0xffffffff], 'pimreg\x00', 'veth0_virt_wifi\x00', {}, {}, 0xff, 0x6, 0x5, 0x12}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x2, 0xfffffffd, 0x2, 'pptp\x00', {0xa}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x320)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4000000}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
syz_clone(0x400a1400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000f00)='kfree\x00'}, 0x18)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  138.441483][ T7531] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  138.507481][ T7537] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7537 comm=syz.4.1359
[  138.571071][ T7539] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  138.688937][ T7541] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  138.709072][ T7541] syzkaller0: entered promiscuous mode
[  138.714707][ T7541] syzkaller0: entered allmulticast mode
[  138.760423][ T7541] tipc: Resetting bearer <eth:syzkaller0>
[  138.774721][ T7540] tipc: Resetting bearer <eth:syzkaller0>
[  138.789074][ T7540] tipc: Disabling bearer <eth:syzkaller0>
[  138.904948][ T7543] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  138.923840][ T7543] tipc: Resetting bearer <eth:syzkaller0>
[  138.933103][ T7547] loop1: detected capacity change from 0 to 2048
[  138.943673][ T7542] tipc: Disabling bearer <eth:syzkaller0>
[  139.070805][ T7554] loop2: detected capacity change from 0 to 2048
[  139.084699][ T7554] 9pnet_fd: Insufficient options for proto=fd
[  139.120699][ T7548] loop4: detected capacity change from 0 to 512
[  139.186872][ T7548] EXT4-fs (loop4): orphan cleanup on readonly fs
[  139.203956][ T7548] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.1362: Failed to acquire dquot type 1
[  139.221106][ T7559] __nla_validate_parse: 3 callbacks suppressed
[  139.221122][ T7559] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1367'.
[  139.244648][ T7561] loop3: detected capacity change from 0 to 1024
[  139.258515][ T7548] EXT4-fs (loop4): 1 truncate cleaned up
[  139.264566][ T7561] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.319387][ T7561] netlink: '': attribute type 30 has an invalid length.
[  139.372176][ T7573] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7573 comm=syz.0.1370
[  139.478685][ T7579] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7579 comm=syz.2.1374
[  139.510648][ T7582] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  139.519422][ T7582] tipc: Resetting bearer <eth:syzkaller0>
[  139.526212][ T7583] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  139.540002][ T7581] tipc: Disabling bearer <eth:syzkaller0>
[  139.601209][ T7587] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1377'.
[  139.651302][ T7593] loop0: detected capacity change from 0 to 128
[  139.797881][ T7603] loop3: detected capacity change from 0 to 4096
[  139.856557][ T7597] loop2: detected capacity change from 0 to 512
[  139.872212][ T7597] EXT4-fs (loop2): orphan cleanup on readonly fs
[  139.890880][ T7597] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1378: Failed to acquire dquot type 1
[  139.905109][ T7597] EXT4-fs (loop2): 1 truncate cleaned up
[  139.913304][ T7609] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7609 comm=syz.4.1386
[  139.981081][ T7611] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  139.996178][ T7611] tipc: Resetting bearer <eth:syzkaller0>
[  140.008711][ T7610] tipc: Disabling bearer <eth:syzkaller0>
[  140.018741][ T7613] loop3: detected capacity change from 0 to 2048
[  140.029543][ T7616] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1389'.
[  140.042656][ T7613] 9pnet_fd: Insufficient options for proto=fd
[  140.103675][ T7625] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  140.138665][ T7633] loop0: detected capacity change from 0 to 2048
[  140.157857][ T7633] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.1397: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  140.174916][ T7633] EXT4-fs (loop0): Remounting filesystem read-only
[  140.183238][ T7633] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1397'.
[  140.200114][ T7640] loop1: detected capacity change from 0 to 1024
[  140.207964][ T7640] EXT4-fs: Ignoring removed nomblk_io_submit option
[  140.237586][ T7643] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  140.298653][ T7647] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7647 comm=syz.0.1400
[  140.300479][ T7649] loop1: detected capacity change from 0 to 2048
[  140.322572][ T7649] 9pnet_fd: Insufficient options for proto=fd
[  140.375719][ T7653] loop1: detected capacity change from 0 to 2048
[  140.512003][ T7655] loop0: detected capacity change from 0 to 512
[  140.521701][ T7655] EXT4-fs (loop0): orphan cleanup on readonly fs
[  140.535756][ T7655] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1405: Failed to acquire dquot type 1
[  140.578705][ T7655] EXT4-fs (loop0): 1 truncate cleaned up
[  140.618212][ T7667] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  140.630333][ T7669] loop0: detected capacity change from 0 to 1024
[  140.639713][ T7667] syzkaller0: entered promiscuous mode
[  140.645234][ T7667] syzkaller0: entered allmulticast mode
[  140.649700][ T7669] EXT4-fs: Ignoring removed nomblk_io_submit option
[  140.660950][ T7667] tipc: Resetting bearer <eth:syzkaller0>
[  140.667862][ T7666] tipc: Resetting bearer <eth:syzkaller0>
[  140.676308][ T7666] tipc: Disabling bearer <eth:syzkaller0>
[  140.708351][ T7675] siw: device registration error -23
[  140.838418][ T7683] loop1: detected capacity change from 0 to 2048
[  140.849161][ T7683] 9pnet_fd: Insufficient options for proto=fd
[  140.890697][ T7685] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  140.900849][ T7687] loop4: detected capacity change from 0 to 2048
[  140.916373][ T7687] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.1417: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  140.933053][ T7687] EXT4-fs (loop4): Remounting filesystem read-only
[  140.940827][ T7687] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1417'.
[  141.103768][ T7694] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  141.339679][ T7704] loop1: detected capacity change from 0 to 1024
[  141.346759][ T7704] EXT4-fs: Ignoring removed nomblk_io_submit option
[  141.612117][ T7732] loop0: detected capacity change from 0 to 1024
[  141.619179][ T7732] EXT4-fs: Ignoring removed nomblk_io_submit option
[  141.643781][ T7737] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  141.811879][ T7741] loop2: detected capacity change from 0 to 512
[  141.828767][ T7741] EXT4-fs (loop2): orphan cleanup on readonly fs
[  141.837673][ T7741] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1435: Failed to acquire dquot type 1
[  141.853491][ T7741] EXT4-fs (loop2): 1 truncate cleaned up
[  142.155862][ T7756] loop3: detected capacity change from 0 to 4096
[  142.498226][ T7773] loop3: detected capacity change from 0 to 1024
[  142.516393][ T7773] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.593142][ T7779] loop3: detected capacity change from 0 to 2048
[  142.627021][ T7779] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.1448: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  142.687530][ T7784] loop0: detected capacity change from 0 to 512
[  142.712328][ T7784] EXT4-fs (loop0): orphan cleanup on readonly fs
[  142.721176][ T7787] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1448'.
[  142.752627][ T7784] __quota_error: 172 callbacks suppressed
[  142.752644][ T7784] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  142.768922][ T7784] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  142.778494][ T7784] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1449: Failed to acquire dquot type 1
[  142.799957][ T7779] EXT4-fs (loop3): Remounting filesystem read-only
[  142.846520][ T7784] EXT4-fs (loop0): 1 truncate cleaned up
[  142.869781][   T29] audit: type=1326 audit(1762467188.689:12161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7780 comm="syz.0.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  142.911391][   T29] audit: type=1326 audit(1762467188.719:12162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7780 comm="syz.0.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  142.935047][   T29] audit: type=1326 audit(1762467188.719:12163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7780 comm="syz.0.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  142.969447][ T7777] loop4: detected capacity change from 0 to 512
[  142.995682][   T29] audit: type=1326 audit(1762467188.779:12164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7780 comm="syz.0.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  143.019433][   T29] audit: type=1326 audit(1762467188.779:12165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7780 comm="syz.0.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  143.043114][   T29] audit: type=1326 audit(1762467188.799:12166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7780 comm="syz.0.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  143.066759][   T29] audit: type=1326 audit(1762467188.799:12167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7780 comm="syz.0.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  143.072356][ T7794] loop2: detected capacity change from 0 to 4096
[  143.100423][ T7799] loop0: detected capacity change from 0 to 2048
[  143.113518][ T7799] 9pnet_fd: Insufficient options for proto=fd
[  143.155388][ T7777] EXT4-fs (loop4): orphan cleanup on readonly fs
[  143.186427][ T7777] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  143.198035][ T7777] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.1446: Failed to acquire dquot type 1
[  143.228629][ T7777] EXT4-fs (loop4): 1 truncate cleaned up
[  143.246866][ T7811] loop3: detected capacity change from 0 to 1024
[  143.260545][ T7811] EXT4-fs: Ignoring removed nomblk_io_submit option
[  143.385711][ T7824] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1463'.
[  143.447458][ T7826] loop2: detected capacity change from 0 to 2048
[  143.522527][ T7826] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.1464: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  143.542943][ T7826] EXT4-fs (loop2): Remounting filesystem read-only
[  143.551385][ T7826] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1464'.
[  144.949883][ T7842] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7842 comm=syz.4.1468
[  145.475209][ T7847] siw: device registration error -23
[  145.930348][ T7854] loop2: detected capacity change from 0 to 2048
[  145.969776][ T7854] 9pnet_fd: Insufficient options for proto=fd
[  146.873300][ T7857] loop2: detected capacity change from 0 to 128
[  147.235897][ T7863] 9pnet_fd: Insufficient options for proto=fd
[  147.450697][ T7866] loop2: detected capacity change from 0 to 2048
[  147.540113][ T7866] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.1477: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  147.598740][ T7866] EXT4-fs (loop2): Remounting filesystem read-only
[  147.632988][ T7877] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1477'.
[  148.287822][ T7884] loop2: detected capacity change from 0 to 512
[  148.307644][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  148.307659][   T29] audit: type=1326 audit(1762467194.129:12168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7887 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  148.337448][   T29] audit: type=1326 audit(1762467194.129:12169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7887 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  148.421945][ T7893] netlink: 'syz.3.1483': attribute type 12 has an invalid length.
[  148.429876][ T7893] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1483'.
[  148.445579][ T7884] EXT4-fs (loop2): orphan cleanup on readonly fs
[  148.474995][ T7884] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  148.486075][ T7884] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  148.495765][ T7884] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1480: Failed to acquire dquot type 1
[  148.538585][ T7893] loop3: detected capacity change from 0 to 512
[  148.564820][ T7893] EXT4-fs: Ignoring removed bh option
[  148.604042][   T29] audit: type=1326 audit(1762467194.179:12170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7887 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  148.627610][   T29] audit: type=1326 audit(1762467194.179:12171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7887 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  148.651069][   T29] audit: type=1326 audit(1762467194.179:12172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7887 comm="syz.3.1482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  148.674645][   T29] audit: type=1326 audit(1762467194.219:12173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7891 comm="syz.3.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  148.698195][   T29] audit: type=1326 audit(1762467194.219:12174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7891 comm="syz.3.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  148.721760][   T29] audit: type=1326 audit(1762467194.219:12175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7891 comm="syz.3.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  148.745925][ T7893] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  148.764903][ T7884] EXT4-fs (loop2): 1 truncate cleaned up
[  148.771729][ T7893] EXT4-fs (loop3): 1 truncate cleaned up
[  148.777642][ T7897] loop4: detected capacity change from 0 to 2048
[  148.800370][ T7897] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.1484: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  148.819526][ T7897] EXT4-fs (loop4): Remounting filesystem read-only
[  148.828740][ T7897] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1484'.
[  148.892479][ T7905] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  148.931623][ T7906] netlink: 'syz.3.1486': attribute type 12 has an invalid length.
[  148.937874][ T7911] loop0: detected capacity change from 0 to 1024
[  148.939783][ T7906] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1486'.
[  148.946349][ T7911] EXT4-fs: Ignoring removed nomblk_io_submit option
[  148.971960][ T7908] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  148.980828][ T7908] syzkaller0: entered promiscuous mode
[  148.986640][ T7908] syzkaller0: entered allmulticast mode
[  148.997290][ T7907] tipc: Resetting bearer <eth:syzkaller0>
[  149.003434][ T7906] loop3: detected capacity change from 0 to 512
[  149.010658][ T7906] EXT4-fs: Ignoring removed bh option
[  149.010963][ T7907] tipc: Disabling bearer <eth:syzkaller0>
[  149.016556][ T7906] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  149.032886][ T7906] EXT4-fs (loop3): 1 truncate cleaned up
[  149.041588][ T7919] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  149.047118][ T7911] netlink: '': attribute type 30 has an invalid length.
[  149.086847][ T7921] loop2: detected capacity change from 0 to 4096
[  149.108585][ T7924] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1492'.
[  149.118078][ T7924] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1492'.
[  149.328385][ T7932] loop0: detected capacity change from 0 to 512
[  149.347842][ T7932] EXT4-fs (loop0): orphan cleanup on readonly fs
[  149.354880][ T7932] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1494: Failed to acquire dquot type 1
[  149.370338][ T7932] EXT4-fs (loop0): 1 truncate cleaned up
[  149.412567][ T7940] loop1: detected capacity change from 0 to 2048
[  149.435879][ T7940] 9pnet_fd: Insufficient options for proto=fd
[  149.454032][ T7938] loop4: detected capacity change from 0 to 4096
[  149.539941][ T7950] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  149.611362][ T7948] loop0: detected capacity change from 0 to 512
[  149.612496][ T7952] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  149.637799][ T7948] EXT4-fs (loop0): orphan cleanup on readonly fs
[  149.647206][ T7948] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1498: Failed to acquire dquot type 1
[  149.662124][ T7948] EXT4-fs (loop0): 1 truncate cleaned up
[  149.781892][ T7964] loop0: detected capacity change from 0 to 1024
[  149.804440][ T7964] EXT4-fs: Ignoring removed nomblk_io_submit option
[  149.909944][ T7966] loop2: detected capacity change from 0 to 512
[  149.980743][ T7970] loop0: detected capacity change from 0 to 4096
[  150.023512][ T7966] EXT4-fs (loop2): orphan cleanup on readonly fs
[  150.045099][ T7966] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1503: Failed to acquire dquot type 1
[  150.063425][ T7966] EXT4-fs (loop2): 1 truncate cleaned up
[  150.099146][ T7981] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  150.154549][ T7984] loop2: detected capacity change from 0 to 2048
[  150.166090][ T7984] 9pnet_fd: Insufficient options for proto=fd
[  150.300459][ T7989] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  150.481949][ T7994] loop0: detected capacity change from 0 to 512
[  150.499024][ T7994] EXT4-fs (loop0): orphan cleanup on readonly fs
[  150.506838][ T7994] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1512: Failed to acquire dquot type 1
[  150.519750][ T7994] EXT4-fs (loop0): 1 truncate cleaned up
[  150.567074][ T8002] loop1: detected capacity change from 0 to 1024
[  150.574104][ T8002] EXT4-fs: Ignoring removed nomblk_io_submit option
[  150.608608][ T8002] netlink: '': attribute type 30 has an invalid length.
[  150.630479][ T8009] loop0: detected capacity change from 0 to 1024
[  150.637249][ T8009] EXT4-fs: Ignoring removed nomblk_io_submit option
[  150.688987][ T8013] loop4: detected capacity change from 0 to 2048
[  150.717916][ T8013] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.1518: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  150.764135][ T8013] EXT4-fs (loop4): Remounting filesystem read-only
[  150.781492][ T8013] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1518'.
[  150.842732][ T8015] loop0: detected capacity change from 0 to 512
[  150.858871][ T8015] EXT4-fs (loop0): orphan cleanup on readonly fs
[  150.895809][ T8015] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1519: Failed to acquire dquot type 1
[  150.922725][ T8015] EXT4-fs (loop0): 1 truncate cleaned up
[  151.017346][ T8039] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  151.062206][ T8041] loop4: detected capacity change from 0 to 4096
[  151.147799][ T8043] loop0: detected capacity change from 0 to 512
[  151.165049][ T8043] EXT4-fs (loop0): orphan cleanup on readonly fs
[  151.174734][ T8043] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1526: Failed to acquire dquot type 1
[  151.190307][ T8043] EXT4-fs (loop0): 1 truncate cleaned up
[  151.300253][ T8050] ip6tnl1: entered allmulticast mode
[  151.309992][ T8050] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  151.436836][ T8058] loop0: detected capacity change from 0 to 512
[  151.445165][ T8058] EXT4-fs (loop0): orphan cleanup on readonly fs
[  151.451831][ T8058] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1533: Failed to acquire dquot type 1
[  151.463895][ T8058] EXT4-fs (loop0): 1 truncate cleaned up
[  151.568416][ T8067] loop0: detected capacity change from 0 to 4096
[  151.581607][ T8073] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1539'.
[  151.778558][ T8076] loop3: detected capacity change from 0 to 512
[  151.790992][ T8089] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  151.838815][ T8088] loop0: detected capacity change from 0 to 512
[  151.845097][ T8076] EXT4-fs (loop3): orphan cleanup on readonly fs
[  151.860543][ T8076] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1540: Failed to acquire dquot type 1
[  151.885143][ T8088] EXT4-fs (loop0): orphan cleanup on readonly fs
[  151.897442][ T8088] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1544: Failed to acquire dquot type 1
[  151.917677][ T8076] EXT4-fs (loop3): 1 truncate cleaned up
[  151.957860][ T8088] EXT4-fs (loop0): 1 truncate cleaned up
[  151.971404][ T8091] loop1: detected capacity change from 0 to 512
[  151.991500][ T8091] EXT4-fs (loop1): orphan cleanup on readonly fs
[  152.012702][ T8091] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1545: Failed to acquire dquot type 1
[  152.039059][ T8091] EXT4-fs (loop1): 1 truncate cleaned up
[  152.188519][ T8113] loop1: detected capacity change from 0 to 512
[  152.206034][ T8113] EXT4-fs (loop1): orphan cleanup on readonly fs
[  152.214796][ T8101] loop0: detected capacity change from 0 to 512
[  152.214904][ T8113] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1550: Failed to acquire dquot type 1
[  152.215564][ T8113] EXT4-fs (loop1): 1 truncate cleaned up
[  152.245377][ T8101] EXT4-fs (loop0): orphan cleanup on readonly fs
[  152.260404][ T8101] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1548: Failed to acquire dquot type 1
[  152.285323][ T8101] EXT4-fs (loop0): 1 truncate cleaned up
[  152.388484][ T8124] loop1: detected capacity change from 0 to 4096
[  152.406733][ T8131] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1558'.
[  152.415835][ T8131] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1558'.
[  152.472612][ T8134] loop4: detected capacity change from 0 to 2048
[  152.492645][ T8134] 9pnet_fd: Insufficient options for proto=fd
[  152.680158][ T8154] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  152.916845][ T8157] loop0: detected capacity change from 0 to 1024
[  152.923729][ T8157] EXT4-fs: Ignoring removed nomblk_io_submit option
[  152.948156][ T8157] netlink: '': attribute type 30 has an invalid length.
[  153.010452][ T8165] loop3: detected capacity change from 0 to 2048
[  153.037076][ T8165] 9pnet_fd: Insufficient options for proto=fd
[  153.188927][ T8176] loop0: detected capacity change from 0 to 4096
[  153.212151][ T8186] loop4: detected capacity change from 0 to 4096
[  153.594504][ T8205] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  153.615369][ T8207] loop4: detected capacity change from 0 to 2048
[  153.627140][ T8207] 9pnet_fd: Insufficient options for proto=fd
[  153.814133][ T8216] loop4: detected capacity change from 0 to 128
[  153.950291][ T8218] loop2: detected capacity change from 0 to 1024
[  153.995645][ T8218] EXT4-fs: Ignoring removed nomblk_io_submit option
[  154.128768][   T29] kauditd_printk_skb: 501 callbacks suppressed
[  154.128783][   T29] audit: type=1326 audit(1762467199.949:12653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  154.140543][ T8218] netlink: '': attribute type 30 has an invalid length.
[  154.184170][   T29] audit: type=1326 audit(1762467199.949:12654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  154.207923][   T29] audit: type=1326 audit(1762467199.949:12655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  154.231450][   T29] audit: type=1326 audit(1762467199.949:12656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  154.254956][   T29] audit: type=1326 audit(1762467199.949:12657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  154.278434][   T29] audit: type=1326 audit(1762467199.949:12658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  154.302058][   T29] audit: type=1326 audit(1762467199.949:12659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  154.325690][   T29] audit: type=1326 audit(1762467199.949:12660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  154.349211][   T29] audit: type=1326 audit(1762467199.949:12661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  154.372795][   T29] audit: type=1326 audit(1762467199.949:12662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  154.448415][ T8233] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1594'.
[  154.457424][ T8233] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1594'.
[  154.709302][ T8234] loop1: detected capacity change from 0 to 512
[  154.724534][ T8234] EXT4-fs (loop1): orphan cleanup on readonly fs
[  154.771487][ T8250] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  154.797503][ T8234] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1593: Failed to acquire dquot type 1
[  154.841652][ T8234] EXT4-fs (loop1): 1 truncate cleaned up
[  154.939295][ T8257] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  154.977782][ T8259] loop1: detected capacity change from 0 to 4096
[  155.200926][ T8272] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1606'.
[  155.210010][ T8272] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1606'.
[  155.221418][ T8272] sit1: entered allmulticast mode
[  155.272778][ T8277] loop2: detected capacity change from 0 to 2048
[  155.280280][ T8278] loop4: detected capacity change from 0 to 1024
[  155.287330][ T8278] EXT4-fs: Ignoring removed nomblk_io_submit option
[  155.297783][ T8277] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.1608: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  155.435534][ T8284] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1608'.
[  155.467422][ T8277] EXT4-fs (loop2): Remounting filesystem read-only
[  155.556415][ T8285] netlink: '': attribute type 30 has an invalid length.
[  155.700819][ T8290] loop2: detected capacity change from 0 to 2048
[  156.027622][ T8298] loop0: detected capacity change from 0 to 512
[  156.064569][ T8298] EXT4-fs (loop0): orphan cleanup on readonly fs
[  156.084450][ T8298] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1613: Failed to acquire dquot type 1
[  156.099062][ T8298] EXT4-fs (loop0): 1 truncate cleaned up
[  156.124655][ T8302] loop4: detected capacity change from 0 to 1024
[  156.131493][ T8302] EXT4-fs: Ignoring removed nomblk_io_submit option
[  156.185301][ T8302] netlink: '': attribute type 30 has an invalid length.
[  156.312814][ T8308] loop3: detected capacity change from 0 to 4096
[  156.404923][ T8317] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  156.420648][ T8313] loop0: detected capacity change from 0 to 512
[  156.440592][ T8313] EXT4-fs (loop0): orphan cleanup on readonly fs
[  156.458097][ T8313] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1616: Failed to acquire dquot type 1
[  156.487217][ T8313] EXT4-fs (loop0): 1 truncate cleaned up
[  156.559456][ T8324] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1620'.
[  156.568684][ T8324] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1620'.
[  156.668124][ T8333] loop0: detected capacity change from 0 to 1024
[  156.675870][ T8333] EXT4-fs: Ignoring removed nomblk_io_submit option
[  156.702559][ T8333] netlink: '': attribute type 30 has an invalid length.
[  156.727872][ T8340] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  156.739120][ T8339] loop2: detected capacity change from 0 to 2048
[  156.777582][ T8339] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.1625: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  156.855638][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1625'.
[  156.888659][ T8339] EXT4-fs (loop2): Remounting filesystem read-only
[  156.960653][ T8347] loop3: detected capacity change from 0 to 512
[  156.967453][ T3316] EXT4-fs unmount: 135 callbacks suppressed
[  156.967469][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.987792][ T8347] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.000580][ T8347] ext4 filesystem being mounted at /326/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.038180][ T8354] loop0: detected capacity change from 0 to 512
[  157.067668][ T8354] EXT4-fs (loop0): orphan cleanup on readonly fs
[  157.100012][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.154625][ T8354] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1626: Failed to acquire dquot type 1
[  157.181780][ T8354] EXT4-fs (loop0): 1 truncate cleaned up
[  157.199701][ T8354] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  157.225079][ T8358] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  157.276370][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.345788][ T8364] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1633'.
[  157.355037][ T8364] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1633'.
[  157.398742][ T8369] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  157.410695][ T8369] syzkaller0: entered promiscuous mode
[  157.416231][ T8369] syzkaller0: entered allmulticast mode
[  157.426693][ T8369] tipc: Resetting bearer <eth:syzkaller0>
[  157.433290][ T8368] tipc: Resetting bearer <eth:syzkaller0>
[  157.440529][ T8368] tipc: Disabling bearer <eth:syzkaller0>
[  157.557512][ T3312] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  157.568527][ T3312] CPU: 1 UID: 0 PID: 3312 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  157.568555][ T3312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  157.568567][ T3312] Call Trace:
[  157.568573][ T3312]  <TASK>
[  157.568581][ T3312]  __dump_stack+0x1d/0x30
[  157.568606][ T3312]  dump_stack_lvl+0xe8/0x140
[  157.568704][ T3312]  dump_stack+0x15/0x1b
[  157.568758][ T3312]  dump_header+0x81/0x220
[  157.568847][ T3312]  oom_kill_process+0x342/0x400
[  157.568959][ T3312]  out_of_memory+0x979/0xb80
[  157.569028][ T3312]  try_charge_memcg+0x610/0xa10
[  157.569150][ T3312]  charge_memcg+0x51/0xc0
[  157.569175][ T3312]  __mem_cgroup_charge+0x28/0xb0
[  157.569199][ T3312]  filemap_add_folio+0x111/0x360
[  157.569228][ T3312]  __filemap_get_folio+0x31e/0x650
[  157.569267][ T3312]  filemap_fault+0x447/0xb60
[  157.569287][ T3312]  __do_fault+0xbc/0x200
[  157.569310][ T3312]  handle_mm_fault+0xf78/0x2be0
[  157.569396][ T3312]  ? vma_start_read+0x141/0x1f0
[  157.569501][ T3312]  do_user_addr_fault+0x630/0x1080
[  157.569564][ T3312]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  157.569593][ T3312]  exc_page_fault+0x62/0xa0
[  157.569626][ T3312]  asm_exc_page_fault+0x26/0x30
[  157.569643][ T3312] RIP: 0033:0x7fc88a515f24
[  157.569658][ T3312] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 78 f8 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 89 f7 ea 00 48 01 d1
[  157.569736][ T3312] RSP: 002b:00007ffe6fa8e380 EFLAGS: 00010206
[  157.569752][ T3312] RAX: 0000001b33724000 RBX: 000000000000034c RCX: 0000000000026548
[  157.569767][ T3312] RDX: 00000000082e635c RSI: 00007ffe6fa8e410 RDI: 0000000000000001
[  157.569781][ T3312] RBP: 00007ffe6fa8e3bc R08: 000000001f3574ea R09: 7fffffffffffffff
[  157.569845][ T3312] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  157.569859][ T3312] R13: 00000000000927c0 R14: 00000000000266ba R15: 00007ffe6fa8e410
[  157.569880][ T3312]  </TASK>
[  157.569886][ T3312] memory: usage 303040kB, limit 307200kB, failcnt 5563
[  157.746295][ T8379] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  157.748556][ T3312] memory+swap: usage 24064kB, limit 9007199254740988kB, failcnt 0
[  157.784189][ T3312] kmem: usage 660kB, limit 9007199254740988kB, failcnt 0
[  157.791207][ T3312] Memory cgroup stats for /syz0:
[  157.791847][ T3312] cache 524288
[  157.800199][ T3312] rss 225280
[  157.803385][ T3312] shmem 0
[  157.806324][ T3312] mapped_file 4096
[  157.810029][ T3312] dirty 4096
[  157.813242][ T3312] writeback 0
[  157.816581][ T3312] workingset_refault_anon 159
[  157.821227][ T3312] workingset_refault_file 1478
[  157.826019][ T3312] swap 4096
[  157.829105][ T3312] swapcached 0
[  157.832446][ T3312] pgpgin 272078
[  157.835974][ T3312] pgpgout 271895
[  157.839505][ T3312] pgfault 260402
[  157.843023][ T3312] pgmajfault 106
[  157.846565][ T3312] inactive_anon 225280
[  157.850621][ T3312] active_anon 0
[  157.854150][ T3312] inactive_file 0
[  157.857767][ T3312] active_file 524288
[  157.861639][ T3312] unevictable 0
[  157.865117][ T3312] hierarchical_memory_limit 314572800
[  157.870498][ T3312] hierarchical_memsw_limit 9223372036854771712
[  157.876723][ T3312] total_cache 524288
[  157.880630][ T3312] total_rss 225280
[  157.884376][ T3312] total_shmem 0
[  157.887813][ T3312] total_mapped_file 4096
[  157.892054][ T3312] total_dirty 4096
[  157.895816][ T3312] total_writeback 0
[  157.899607][ T3312] total_workingset_refault_anon 159
[  157.904831][ T3312] total_workingset_refault_file 1478
[  157.910140][ T3312] total_swap 4096
[  157.913755][ T3312] total_swapcached 0
[  157.917647][ T3312] total_pgpgin 272078
[  157.921621][ T3312] total_pgpgout 271895
[  157.925682][ T3312] total_pgfault 260402
[  157.929745][ T3312] total_pgmajfault 106
[  157.933889][ T3312] total_inactive_anon 225280
[  157.938488][ T3312] total_active_anon 0
[  157.942518][ T3312] total_inactive_file 0
[  157.946683][ T3312] total_active_file 524288
[  157.951082][ T3312] total_unevictable 0
[  157.955086][ T3312] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1631,pid=8359,uid=0
[  157.969704][ T3312] Memory cgroup out of memory: OOM victim 8359 (syz.0.1631) is already exiting. Skip killing the task
[  157.983453][ T8381] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  158.013122][ T8387] loop0: detected capacity change from 0 to 4096
[  158.021882][ T8387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.055579][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.109880][ T8399] loop0: detected capacity change from 0 to 512
[  158.136279][ T8397] ip6tnl1: entered allmulticast mode
[  158.142471][ T8397] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  158.391513][ T3316] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  158.402442][ T3316] CPU: 1 UID: 0 PID: 3316 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  158.402468][ T3316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  158.402498][ T3316] Call Trace:
[  158.402505][ T3316]  <TASK>
[  158.402514][ T3316]  __dump_stack+0x1d/0x30
[  158.402539][ T3316]  dump_stack_lvl+0xe8/0x140
[  158.402562][ T3316]  dump_stack+0x15/0x1b
[  158.402588][ T3316]  dump_header+0x81/0x220
[  158.402667][ T3316]  oom_kill_process+0x342/0x400
[  158.402703][ T3316]  out_of_memory+0x979/0xb80
[  158.402737][ T3316]  try_charge_memcg+0x610/0xa10
[  158.402774][ T3316]  charge_memcg+0x51/0xc0
[  158.402799][ T3316]  __mem_cgroup_charge+0x28/0xb0
[  158.402825][ T3316]  filemap_add_folio+0x111/0x360
[  158.402884][ T3316]  __filemap_get_folio+0x31e/0x650
[  158.402916][ T3316]  filemap_fault+0x447/0xb60
[  158.402939][ T3316]  __do_fault+0xbc/0x200
[  158.403080][ T3316]  handle_mm_fault+0xf78/0x2be0
[  158.403103][ T3316]  ? vma_start_read+0x141/0x1f0
[  158.403140][ T3316]  do_user_addr_fault+0x630/0x1080
[  158.403166][ T3316]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  158.403285][ T3316]  exc_page_fault+0x62/0xa0
[  158.403369][ T3316]  asm_exc_page_fault+0x26/0x30
[  158.403465][ T3316] RIP: 0033:0x7f2128dd5f24
[  158.403479][ T3316] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 78 f8 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 89 f7 ea 00 48 01 d1
[  158.403495][ T3316] RSP: 002b:00007fffb9d33040 EFLAGS: 00010206
[  158.403510][ T3316] RAX: 0000001b33924000 RBX: 0000000000000398 RCX: 0000000000026930
[  158.403589][ T3316] RDX: 00000000059fe067 RSI: 00007fffb9d330d0 RDI: 0000000000000001
[  158.403601][ T3316] RBP: 00007fffb9d3307c R08: 000000001574b178 R09: 7fffffffffffffff
[  158.403613][ T3316] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  158.403631][ T3316] R13: 00000000000927c0 R14: 0000000000026a14 R15: 00007fffb9d330d0
[  158.403651][ T3316]  </TASK>
[  158.403657][ T3316] memory: usage 275480kB, limit 307200kB, failcnt 16306
[  158.600834][ T3316] memory+swap: usage 80936kB, limit 9007199254740988kB, failcnt 0
[  158.608668][ T3316] kmem: usage 560kB, limit 9007199254740988kB, failcnt 0
[  158.615742][ T3316] Memory cgroup stats for /syz2:
[  158.615997][ T3316] cache 81928192
[  158.624920][ T3316] rss 57344
[  158.628030][ T3316] shmem 80879616
[  158.631549][ T3316] mapped_file 0
[  158.635088][ T3316] dirty 8192
[  158.638374][ T3316] writeback 0
[  158.641649][ T3316] workingset_refault_anon 119
[  158.646342][ T3316] workingset_refault_file 5012
[  158.651462][ T3316] swap 0
[  158.654334][ T3316] swapcached 0
[  158.657703][ T3316] pgpgin 442882
[  158.661140][ T3316] pgpgout 422866
[  158.664685][ T3316] pgfault 251426
[  158.668223][ T3316] pgmajfault 78
[  158.671655][ T3316] inactive_anon 80936960
[  158.676006][ T3316] active_anon 0
[  158.679440][ T3316] inactive_file 0
[  158.683049][ T3316] active_file 962560
[  158.686955][ T3316] unevictable 0
[  158.690408][ T3316] hierarchical_memory_limit 314572800
[  158.695772][ T3316] hierarchical_memsw_limit 9223372036854771712
[  158.702014][ T3316] total_cache 81928192
[  158.706092][ T3316] total_rss 57344
[  158.709714][ T3316] total_shmem 80879616
[  158.713841][ T3316] total_mapped_file 0
[  158.717848][ T3316] total_dirty 8192
[  158.721611][ T3316] total_writeback 0
[  158.725630][ T3316] total_workingset_refault_anon 119
[  158.730910][ T3316] total_workingset_refault_file 5012
[  158.736198][ T3316] total_swap 0
[  158.739543][ T3316] total_swapcached 0
[  158.743410][ T3316] total_pgpgin 442882
[  158.747432][ T3316] total_pgpgout 422866
[  158.750305][ T8426] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  158.751549][ T3316] total_pgfault 251426
[  158.751559][ T3316] total_pgmajfault 78
[  158.769457][ T3316] total_inactive_anon 80936960
[  158.774205][ T3316] total_active_anon 0
[  158.778244][ T3316] total_inactive_file 0
[  158.782430][ T3316] total_active_file 962560
[  158.786952][ T3316] total_unevictable 0
[  158.790912][ T3316] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1649,pid=8410,uid=0
[  158.805484][ T3316] Memory cgroup out of memory: OOM victim 8410 (syz.2.1649) is already exiting. Skip killing the task
[  158.830213][ T8428] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  158.937415][ T8432] loop2: detected capacity change from 0 to 512
[  158.946557][ T8432] EXT4-fs (loop2): orphan cleanup on readonly fs
[  158.953907][ T8432] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1654: Failed to acquire dquot type 1
[  158.974194][ T8432] EXT4-fs (loop2): 1 truncate cleaned up
[  158.981177][ T8432] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  159.010277][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.060407][ T8441] loop2: detected capacity change from 0 to 4096
[  159.066928][ T8439] loop0: detected capacity change from 0 to 2048
[  159.082533][ T8441] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.099860][ T8439] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.117135][ T8447] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  159.235252][ T8439] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.1656: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  159.253791][ T8439] EXT4-fs (loop0): Remounting filesystem read-only
[  160.259991][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.885964][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.931448][ T8472] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1665'.
[  160.940515][ T8472] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1665'.
[  160.985072][ T8474] loop2: detected capacity change from 0 to 2048
[  160.995938][ T8474] 9pnet_fd: Insufficient options for proto=fd
[  161.075609][ T3312] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  161.086716][ T3312] CPU: 0 UID: 0 PID: 3312 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  161.086742][ T3312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  161.086753][ T3312] Call Trace:
[  161.086760][ T3312]  <TASK>
[  161.086767][ T3312]  __dump_stack+0x1d/0x30
[  161.086847][ T3312]  dump_stack_lvl+0xe8/0x140
[  161.086867][ T3312]  dump_stack+0x15/0x1b
[  161.086937][ T3312]  dump_header+0x81/0x220
[  161.086958][ T3312]  oom_kill_process+0x342/0x400
[  161.087008][ T3312]  out_of_memory+0x979/0xb80
[  161.087040][ T3312]  try_charge_memcg+0x610/0xa10
[  161.087110][ T3312]  charge_memcg+0x51/0xc0
[  161.087215][ T3312]  __mem_cgroup_charge+0x28/0xb0
[  161.087241][ T3312]  filemap_add_folio+0x111/0x360
[  161.087306][ T3312]  __filemap_get_folio+0x31e/0x650
[  161.087341][ T3312]  filemap_fault+0x447/0xb60
[  161.087365][ T3312]  __do_fault+0xbc/0x200
[  161.087392][ T3312]  handle_mm_fault+0xf78/0x2be0
[  161.087446][ T3312]  ? vma_start_read+0x141/0x1f0
[  161.087485][ T3312]  do_user_addr_fault+0x630/0x1080
[  161.087508][ T3312]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  161.087538][ T3312]  exc_page_fault+0x62/0xa0
[  161.087579][ T3312]  asm_exc_page_fault+0x26/0x30
[  161.087599][ T3312] RIP: 0033:0x7fc88a515f24
[  161.087616][ T3312] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 78 f8 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 89 f7 ea 00 48 01 d1
[  161.087637][ T3312] RSP: 002b:00007ffe6fa8e380 EFLAGS: 00010206
[  161.087725][ T3312] RAX: 0000001b33724000 RBX: 0000000000000363 RCX: 00000000000274e8
[  161.087737][ T3312] RDX: 0000000000883f06 RSI: 00007ffe6fa8e410 RDI: 0000000000000001
[  161.087748][ T3312] RBP: 00007ffe6fa8e3bc R08: 000000000207bceb R09: 7fffffffffffffff
[  161.087760][ T3312] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  161.087771][ T3312] R13: 00000000000927c0 R14: 0000000000027447 R15: 00007ffe6fa8e410
[  161.087788][ T3312]  </TASK>
[  161.087795][ T3312] memory: usage 303820kB, limit 307200kB, failcnt 6011
[  161.288119][ T3312] memory+swap: usage 36368kB, limit 9007199254740988kB, failcnt 0
[  161.296070][ T3312] kmem: usage 21932kB, limit 9007199254740988kB, failcnt 0
[  161.303379][ T3312] Memory cgroup stats for /syz0:
[  161.306314][ T3312] cache 524288
[  161.314953][ T3312] rss 102400
[  161.318297][ T3312] shmem 0
[  161.321348][ T3312] mapped_file 4096
[  161.323908][ T8476] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  161.325218][ T3312] dirty 4096
[  161.338650][ T3312] writeback 0
[  161.342136][ T3312] workingset_refault_anon 192
[  161.346976][ T3312] workingset_refault_file 1735
[  161.351880][ T3312] swap 102400
[  161.355336][ T3312] swapcached 36864
[  161.359185][ T3312] pgpgin 274471
[  161.362753][ T3312] pgpgout 274310
[  161.366491][ T3312] pgfault 263076
[  161.370179][ T3312] pgmajfault 129
[  161.373842][ T3312] inactive_anon 4096
[  161.377970][ T3312] active_anon 131072
[  161.381977][ T3312] inactive_file 0
[  161.385802][ T3312] active_file 524288
[  161.389939][ T3312] unevictable 0
[  161.393633][ T3312] hierarchical_memory_limit 314572800
[  161.399154][ T3312] hierarchical_memsw_limit 9223372036854771712
[  161.405439][ T3312] total_cache 524288
[  161.409472][ T3312] total_rss 102400
[  161.413287][ T3312] total_shmem 0
[  161.416862][ T3312] total_mapped_file 4096
[  161.421245][ T3312] total_dirty 4096
[  161.425103][ T3312] total_writeback 0
[  161.429041][ T3312] total_workingset_refault_anon 192
[  161.434368][ T3312] total_workingset_refault_file 1735
[  161.439737][ T3312] total_swap 102400
[  161.443706][ T3312] total_swapcached 36864
[  161.448246][ T3312] total_pgpgin 274471
[  161.452442][ T3312] total_pgpgout 274310
[  161.456676][ T3312] total_pgfault 263076
[  161.460878][ T3312] total_pgmajfault 129
[  161.465076][ T3312] total_inactive_anon 4096
[  161.469609][ T3312] total_active_anon 131072
[  161.474175][ T3312] total_inactive_file 0
[  161.478429][ T3312] total_active_file 524288
[  161.482994][ T3312] total_unevictable 0
[  161.487125][ T3312] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1663,pid=8463,uid=0
[  161.501842][ T3312] Memory cgroup out of memory: OOM victim 8463 (syz.0.1663) is already exiting. Skip killing the task
[  161.518862][ T8481] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  161.871763][ T8503] loop1: detected capacity change from 0 to 4096
[  161.887063][ T8503] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.080643][ T8516] loop2: detected capacity change from 0 to 512
[  162.156655][ T8516] EXT4-fs (loop2): orphan cleanup on readonly fs
[  162.171623][ T8516] __quota_error: 624 callbacks suppressed
[  162.171655][ T8516] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  162.192616][ T8516] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  162.202725][ T8516] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1677: Failed to acquire dquot type 1
[  162.218280][ T8516] EXT4-fs (loop2): 1 truncate cleaned up
[  162.227673][ T8516] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  162.277218][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.304681][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.318673][ T8521] loop2: detected capacity change from 0 to 2048
[  162.347229][ T8521] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.359972][ T8521] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.1679: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  162.378678][ T8521] EXT4-fs (loop2): Remounting filesystem read-only
[  162.409533][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.455073][ T8541] loop0: detected capacity change from 0 to 1024
[  162.461842][ T8541] EXT4-fs: Ignoring removed nomblk_io_submit option
[  162.469984][ T8539] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  162.480228][ T8540] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  162.492404][ T8541] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.512808][   T29] audit: type=1326 audit(1762467208.329:13277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8536 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  162.514230][ T8537] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  162.536610][   T29] audit: type=1326 audit(1762467208.329:13278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8536 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  162.552336][ T8541] netlink: '': attribute type 30 has an invalid length.
[  162.569751][   T29] audit: type=1326 audit(1762467208.329:13279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8536 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  162.600361][   T29] audit: type=1326 audit(1762467208.329:13280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8536 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  162.624070][   T29] audit: type=1326 audit(1762467208.329:13281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8536 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  162.647763][   T29] audit: type=1326 audit(1762467208.329:13282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8536 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  162.671554][   T29] audit: type=1326 audit(1762467208.329:13283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8536 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  162.695245][   T29] audit: type=1326 audit(1762467208.329:13284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8536 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  162.762473][ T8551] loop4: detected capacity change from 0 to 1024
[  162.769319][ T8551] EXT4-fs: Ignoring removed nomblk_io_submit option
[  162.792047][ T8551] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.812901][ T8551] netlink: '': attribute type 30 has an invalid length.
[  162.859882][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.871392][ T8556] loop2: detected capacity change from 0 to 4096
[  162.955903][ T8556] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.024315][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.242925][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.644003][ T8581] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  164.066616][ T8588] siw: device registration error -23
[  164.417901][ T8597] loop1: detected capacity change from 0 to 1024
[  164.438153][ T8599] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1705'.
[  164.469570][ T8595] loop2: detected capacity change from 0 to 4096
[  164.486706][ T8597] EXT4-fs: Ignoring removed nomblk_io_submit option
[  164.516074][ T8595] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.566502][ T8597] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.707637][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.776132][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.009271][ T8622] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  165.123541][ T8620] loop2: detected capacity change from 0 to 4096
[  165.162073][ T8620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.220170][ T8628] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8628 comm=syz.3.1714
[  166.986519][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.345123][ T8655] loop0: detected capacity change from 0 to 1024
[  167.363978][ T8655] EXT4-fs: Ignoring removed nomblk_io_submit option
[  167.396756][ T8655] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.418837][ T8659] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  167.427257][ T8659] tipc: Resetting bearer <eth:syzkaller0>
[  167.435213][ T8658] tipc: Disabling bearer <eth:syzkaller0>
[  167.474628][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.578408][ T8670] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8670 comm=syz.4.1725
[  167.595262][ T8669] loop1: detected capacity change from 0 to 4096
[  167.605878][ T8669] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.754977][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.821412][   T29] kauditd_printk_skb: 199 callbacks suppressed
[  167.821426][   T29] audit: type=1326 audit(1762467213.639:13484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8680 comm="syz.4.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  167.890005][   T29] audit: type=1326 audit(1762467213.639:13485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8680 comm="syz.4.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  167.913643][   T29] audit: type=1326 audit(1762467213.639:13486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8680 comm="syz.4.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  167.937237][   T29] audit: type=1326 audit(1762467213.669:13487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8680 comm="syz.4.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  167.960762][   T29] audit: type=1326 audit(1762467213.669:13488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8680 comm="syz.4.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  167.984363][   T29] audit: type=1326 audit(1762467213.669:13489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8680 comm="syz.4.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  168.007898][   T29] audit: type=1326 audit(1762467213.669:13490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8680 comm="syz.4.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  168.031472][   T29] audit: type=1326 audit(1762467213.669:13491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8680 comm="syz.4.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  168.081067][ T8685] loop4: detected capacity change from 0 to 4096
[  168.113296][ T8685] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.209083][ T8675] loop2: detected capacity change from 0 to 512
[  168.222591][ T8675] EXT4-fs (loop2): orphan cleanup on readonly fs
[  168.231167][ T8675] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  168.243539][ T8675] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  168.254697][ T8675] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1728: Failed to acquire dquot type 1
[  168.276394][ T8675] EXT4-fs (loop2): 1 truncate cleaned up
[  168.286248][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.297441][ T8675] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  168.440756][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.502145][ T8694] loop1: detected capacity change from 0 to 512
[  168.518703][ T8694] EXT4-fs (loop1): orphan cleanup on readonly fs
[  168.526189][ T8694] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1734: Failed to acquire dquot type 1
[  168.550701][ T8694] EXT4-fs (loop1): 1 truncate cleaned up
[  168.604909][ T8694] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  168.642745][ T8710] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8710 comm=syz.2.1739
[  168.681529][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.709303][ T8713] loop4: detected capacity change from 0 to 512
[  168.746109][ T8713] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.772107][ T8712] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8712 comm=syz.1.1740
[  168.820061][ T8713] ext4 filesystem being mounted at /352/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.077799][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.126755][ T8718] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  169.349808][ T8746] loop1: detected capacity change from 0 to 1024
[  169.356632][ T8746] EXT4-fs: Ignoring removed nomblk_io_submit option
[  169.378748][ T8746] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.396989][ T8744] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8744 comm=syz.2.1751
[  169.415496][ T8746] netlink: '': attribute type 30 has an invalid length.
[  169.553740][ T3324] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  169.564737][ T3324] CPU: 1 UID: 0 PID: 3324 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  169.564766][ T3324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  169.564780][ T3324] Call Trace:
[  169.564788][ T3324]  <TASK>
[  169.564797][ T3324]  __dump_stack+0x1d/0x30
[  169.564822][ T3324]  dump_stack_lvl+0xe8/0x140
[  169.564904][ T3324]  dump_stack+0x15/0x1b
[  169.564922][ T3324]  dump_header+0x81/0x220
[  169.564941][ T3324]  oom_kill_process+0x342/0x400
[  169.564973][ T3324]  out_of_memory+0x979/0xb80
[  169.565034][ T3324]  try_charge_memcg+0x610/0xa10
[  169.565070][ T3324]  charge_memcg+0x51/0xc0
[  169.565119][ T3324]  __mem_cgroup_charge+0x28/0xb0
[  169.565145][ T3324]  filemap_add_folio+0x111/0x360
[  169.565179][ T3324]  __filemap_get_folio+0x31e/0x650
[  169.565240][ T3324]  filemap_fault+0x447/0xb60
[  169.565271][ T3324]  __do_fault+0xbc/0x200
[  169.565299][ T3324]  handle_mm_fault+0xf78/0x2be0
[  169.565327][ T3324]  ? vma_start_read+0x141/0x1f0
[  169.565370][ T3324]  do_user_addr_fault+0x630/0x1080
[  169.565397][ T3324]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  169.565427][ T3324]  exc_page_fault+0x62/0xa0
[  169.565480][ T3324]  asm_exc_page_fault+0x26/0x30
[  169.565502][ T3324] RIP: 0033:0x7efddcbf5f24
[  169.565518][ T3324] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 78 f8 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 89 f7 ea 00 48 01 d1
[  169.565538][ T3324] RSP: 002b:00007fff6a4b4180 EFLAGS: 00010206
[  169.565555][ T3324] RAX: 0000001b33b24000 RBX: 00000000000003a7 RCX: 0000000000029428
[  169.565569][ T3324] RDX: 0000000007fa8592 RSI: 00007fff6a4b4210 RDI: 0000000000000001
[  169.565583][ T3324] RBP: 00007fff6a4b41bc R08: 000000001e6f9a28 R09: 7fffffffffffffff
[  169.565596][ T3324] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  169.565642][ T3324] R13: 00000000000927c0 R14: 0000000000029542 R15: 00007fff6a4b4210
[  169.565663][ T3324]  </TASK>
[  169.565670][ T3324] memory: usage 299400kB, limit 307200kB, failcnt 30331
[  169.763070][ T3324] memory+swap: usage 78628kB, limit 9007199254740988kB, failcnt 0
[  169.770998][ T3324] kmem: usage 780kB, limit 9007199254740988kB, failcnt 0
[  169.778051][ T3324] Memory cgroup stats for /syz4:
[  169.778917][ T3324] cache 524288
[  169.781259][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.783847][ T3324] rss 200704
[  169.783855][ T3324] shmem 0
[  169.783862][ T3324] mapped_file 4096
[  169.806203][ T3324] dirty 4096
[  169.809402][ T3324] writeback 0
[  169.812679][ T3324] workingset_refault_anon 199
[  169.815207][ T8753] loop1: detected capacity change from 0 to 2048
[  169.817380][ T3324] workingset_refault_file 4606
[  169.828466][ T3324] swap 78782464
[  169.829645][ T8753] 9pnet_fd: Insufficient options for proto=fd
[  169.831916][ T3324] swapcached 24576
[  169.831972][ T3324] pgpgin 432450
[  169.845305][ T3324] pgpgout 432267
[  169.848840][ T3324] pgfault 287798
[  169.852403][ T3324] pgmajfault 116
[  169.856032][ T3324] inactive_anon 143360
[  169.860089][ T3324] active_anon 81920
[  169.863883][ T3324] inactive_file 0
[  169.867581][ T3324] active_file 524288
[  169.871613][ T3324] unevictable 0
[  169.875104][ T3324] hierarchical_memory_limit 314572800
[  169.880468][ T3324] hierarchical_memsw_limit 9223372036854771712
[  169.886672][ T3324] total_cache 524288
[  169.890576][ T3324] total_rss 200704
[  169.894363][ T3324] total_shmem 0
[  169.897817][ T3324] total_mapped_file 4096
[  169.902047][ T3324] total_dirty 4096
[  169.905779][ T3324] total_writeback 0
[  169.909653][ T3324] total_workingset_refault_anon 199
[  169.914875][ T3324] total_workingset_refault_file 4606
[  169.920242][ T3324] total_swap 78782464
[  169.924342][ T3324] total_swapcached 24576
[  169.928606][ T3324] total_pgpgin 432450
[  169.932622][ T3324] total_pgpgout 432267
[  169.936719][ T3324] total_pgfault 287798
[  169.940778][ T3324] total_pgmajfault 116
[  169.944920][ T3324] total_inactive_anon 143360
[  169.949498][ T3324] total_active_anon 81920
[  169.953813][ T3324] total_inactive_file 0
[  169.957972][ T3324] total_active_file 524288
[  169.962390][ T3324] total_unevictable 0
[  169.966440][ T3324] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1744,pid=8731,uid=0
[  169.981057][ T3324] Memory cgroup out of memory: OOM victim 8731 (syz.4.1744) is already exiting. Skip killing the task
[  170.099292][ T8767] loop3: detected capacity change from 0 to 512
[  170.123604][ T8767] EXT4-fs (loop3): orphan cleanup on readonly fs
[  170.134428][ T8767] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1759: Failed to acquire dquot type 1
[  170.156040][ T3318] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  170.166981][ T3318] CPU: 0 UID: 0 PID: 3318 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  170.167029][ T3318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  170.167041][ T3318] Call Trace:
[  170.167048][ T3318]  <TASK>
[  170.167055][ T3318]  __dump_stack+0x1d/0x30
[  170.167079][ T3318]  dump_stack_lvl+0xe8/0x140
[  170.167146][ T3318]  dump_stack+0x15/0x1b
[  170.167163][ T3318]  dump_header+0x81/0x220
[  170.167222][ T3318]  oom_kill_process+0x342/0x400
[  170.167327][ T3318]  out_of_memory+0x979/0xb80
[  170.167357][ T3318]  try_charge_memcg+0x610/0xa10
[  170.167410][ T3318]  charge_memcg+0x51/0xc0
[  170.167435][ T3318]  __mem_cgroup_charge+0x28/0xb0
[  170.167471][ T3318]  filemap_add_folio+0x111/0x360
[  170.167505][ T3318]  __filemap_get_folio+0x31e/0x650
[  170.167536][ T3318]  filemap_fault+0x447/0xb60
[  170.167573][ T3318]  __do_fault+0xbc/0x200
[  170.167699][ T3318]  handle_mm_fault+0xf78/0x2be0
[  170.167723][ T3318]  ? vma_start_read+0x141/0x1f0
[  170.167836][ T3318]  do_user_addr_fault+0x630/0x1080
[  170.167857][ T3318]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  170.167964][ T3318]  exc_page_fault+0x62/0xa0
[  170.168111][ T3318]  asm_exc_page_fault+0x26/0x30
[  170.168131][ T3318] RIP: 0033:0x7ff945735f24
[  170.168145][ T3318] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 78 f8 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 89 f7 ea 00 48 01 d1
[  170.168163][ T3318] RSP: 002b:00007ffcb9ce2b10 EFLAGS: 00010202
[  170.168177][ T3318] RAX: 0000001b33824000 RBX: 000000000000037c RCX: 0000000000029810
[  170.168263][ T3318] RDX: 0000000001e6e7ea RSI: 00007ffcb9ce2ba0 RDI: 0000000000000001
[  170.168274][ T3318] RBP: 00007ffcb9ce2b4c R08: 000000000741660f R09: 7fffffffffffffff
[  170.168286][ T3318] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  170.168299][ T3318] R13: 00000000000927c0 R14: 000000000002980d R15: 00007ffcb9ce2ba0
[  170.168333][ T3318]  </TASK>
[  170.168340][ T3318] memory: usage 294720kB, limit 307200kB, failcnt 33713
[  170.287357][ T8767] EXT4-fs (loop3): 1 truncate cleaned up
[  170.289623][ T3318] memory+swap: usage 84872kB, limit 9007199254740988kB, failcnt 0
[  170.289638][ T3318] kmem: usage 912kB, limit 9007199254740988kB, failcnt 0
[  170.387687][ T3318] Memory cgroup stats for /syz1:
[  170.388671][ T8767] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  170.390833][ T3318] cache 48615424
[  170.409754][ T3318] rss 49152
[  170.412894][ T3318] shmem 48091136
[  170.416450][ T3318] mapped_file 0
[  170.419949][ T3318] dirty 4096
[  170.423130][ T3318] writeback 0
[  170.426428][ T3318] workingset_refault_anon 40
[  170.431089][ T3318] workingset_refault_file 1016
[  170.435904][ T3318] swap 37167104
[  170.439380][ T3318] swapcached 12288
[  170.443089][ T3318] pgpgin 455061
[  170.446579][ T3318] pgpgout 443177
[  170.450116][ T3318] pgfault 304896
[  170.453658][ T3318] pgmajfault 18
[  170.457184][ T3318] inactive_anon 48107520
[  170.461420][ T3318] active_anon 45056
[  170.465341][ T3318] inactive_file 0
[  170.469029][ T3318] active_file 524288
[  170.472914][ T3318] unevictable 0
[  170.476378][ T3318] hierarchical_memory_limit 314572800
[  170.481872][ T3318] hierarchical_memsw_limit 9223372036854771712
[  170.488029][ T3318] total_cache 48615424
[  170.492254][ T3318] total_rss 49152
[  170.495917][ T3318] total_shmem 48091136
[  170.500112][ T3318] total_mapped_file 0
[  170.504138][ T3318] total_dirty 4096
[  170.507854][ T3318] total_writeback 0
[  170.511653][ T3318] total_workingset_refault_anon 40
[  170.516959][ T3318] total_workingset_refault_file 1016
[  170.522291][ T3318] total_swap 37167104
[  170.526292][ T3318] total_swapcached 12288
[  170.530573][ T3318] total_pgpgin 455061
[  170.534568][ T3318] total_pgpgout 443177
[  170.538621][ T3318] total_pgfault 304896
[  170.542716][ T3318] total_pgmajfault 18
[  170.546709][ T3318] total_inactive_anon 48107520
[  170.551467][ T3318] total_active_anon 45056
[  170.555827][ T3318] total_inactive_file 0
[  170.560047][ T3318] total_active_file 524288
[  170.564580][ T3318] total_unevictable 0
[  170.568643][ T3318] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1756,pid=8756,uid=0
[  170.583280][ T3318] Memory cgroup out of memory: OOM victim 8756 (syz.1.1756) is already exiting. Skip killing the task
[  170.597115][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.653929][ T8774] loop0: detected capacity change from 0 to 512
[  170.682754][ T8774] EXT4-fs (loop0): orphan cleanup on readonly fs
[  170.726987][ T8784] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8784 comm=syz.3.1763
[  170.741196][ T8774] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1761: Failed to acquire dquot type 1
[  170.755568][ T8774] EXT4-fs (loop0): 1 truncate cleaned up
[  170.765443][ T8774] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  170.793338][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.196922][ T8804] loop2: detected capacity change from 0 to 1024
[  171.203664][ T8804] EXT4-fs: Ignoring removed nomblk_io_submit option
[  171.233156][ T8804] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.291000][ T8804] netlink: '': attribute type 30 has an invalid length.
[  171.341305][ T8813] loop3: detected capacity change from 0 to 512
[  171.416625][ T8813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.439427][ T8813] ext4 filesystem being mounted at /350/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.497072][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.515500][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.687732][ T8826] loop1: detected capacity change from 0 to 4096
[  171.730427][ T8826] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.732406][ T8832] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8832 comm=syz.3.1779
[  171.904352][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.065567][ T8856] loop1: detected capacity change from 0 to 1024
[  172.072641][ T8856] EXT4-fs: Ignoring removed nomblk_io_submit option
[  172.095463][ T8856] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.096860][ T8858] netlink: 'syz.0.1788': attribute type 12 has an invalid length.
[  172.115450][ T8858] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1788'.
[  172.131205][ T8856] netlink: '': attribute type 30 has an invalid length.
[  172.144773][ T8858] loop0: detected capacity change from 0 to 512
[  172.151914][ T8858] EXT4-fs: Ignoring removed bh option
[  172.176929][ T8858] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  172.190493][ T8858] EXT4-fs (loop0): 1 truncate cleaned up
[  172.190764][ T8867] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8867 comm=syz.3.1791
[  172.196536][ T8858] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.239267][ T8869] netlink: 'syz.2.1790': attribute type 12 has an invalid length.
[  172.247154][ T8869] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1790'.
[  172.275766][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.318895][ T8869] loop2: detected capacity change from 0 to 512
[  172.346259][ T8869] EXT4-fs: Ignoring removed bh option
[  172.373271][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.374367][ T8869] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  172.434987][ T8869] EXT4-fs (loop2): 1 truncate cleaned up
[  172.442177][ T8869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.463845][ T8882] loop4: detected capacity change from 0 to 4096
[  172.497877][ T8890] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  172.587411][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.614408][ T8892] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  172.654695][ T8882] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.721572][ T8903] loop2: detected capacity change from 0 to 4096
[  172.817503][ T8903] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.869674][ T8912] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1804'.
[  172.878884][ T8912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1804'.
[  172.972547][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.057691][ T8920] loop3: detected capacity change from 0 to 1024
[  173.072465][ T8920] EXT4-fs: Ignoring removed nomblk_io_submit option
[  173.093206][ T8922] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8922 comm=syz.0.1808
[  173.094227][   T29] kauditd_printk_skb: 578 callbacks suppressed
[  173.094240][   T29] audit: type=1326 audit(1762467218.909:14064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8918 comm="syz.3.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  173.136081][   T29] audit: type=1326 audit(1762467218.909:14065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8918 comm="syz.3.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  173.159652][   T29] audit: type=1326 audit(1762467218.909:14066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8918 comm="syz.3.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  173.183263][   T29] audit: type=1326 audit(1762467218.909:14067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8918 comm="syz.3.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  173.206890][   T29] audit: type=1326 audit(1762467218.909:14068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8918 comm="syz.3.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  173.231000][   T29] audit: type=1326 audit(1762467218.909:14069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8918 comm="syz.3.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  173.254667][   T29] audit: type=1326 audit(1762467218.909:14070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8918 comm="syz.3.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  173.278245][   T29] audit: type=1326 audit(1762467218.909:14071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8918 comm="syz.3.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  173.301800][   T29] audit: type=1326 audit(1762467218.909:14072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8918 comm="syz.3.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  173.317547][ T8920] netlink: '': attribute type 30 has an invalid length.
[  173.325412][   T29] audit: type=1326 audit(1762467218.909:14073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8918 comm="syz.3.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x7ffc0000
[  173.519518][ T8937] loop2: detected capacity change from 0 to 1024
[  173.552342][ T8937] EXT4-fs: Ignoring removed nomblk_io_submit option
[  173.614324][ T8944] SELinux:  Context system_u:object_r:crypt_device_t:s0 is not valid (left unmapped).
[  173.688690][ T8945] loop4: detected capacity change from 0 to 4096
[  173.991104][ T8966] loop1: detected capacity change from 0 to 4096
[  174.195291][ T8973] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8973 comm=syz.4.1820
[  174.617514][ T8985] siw: device registration error -23
[  174.739416][ T8980] loop2: detected capacity change from 0 to 512
[  174.749268][ T8993] loop1: detected capacity change from 0 to 512
[  174.749665][ T8993] EXT4-fs: Ignoring removed orlov option
[  174.751999][ T8993] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  174.866394][ T8993] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  174.875637][ T8993] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.1827: corrupted in-inode xattr: e_value size too large
[  174.890147][ T8993] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1827: couldn't read orphan inode 15 (err -117)
[  174.921459][ T8980] EXT4-fs (loop2): orphan cleanup on readonly fs
[  174.931563][ T8980] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1825: Failed to acquire dquot type 1
[  174.947387][ T8980] EXT4-fs (loop2): 1 truncate cleaned up
[  175.027757][ T9004] loop2: detected capacity change from 0 to 2048
[  175.068538][ T9007] syzkaller0: entered promiscuous mode
[  175.074080][ T9007] syzkaller0: entered allmulticast mode
[  175.229838][ T9015] loop1: detected capacity change from 0 to 4096
[  175.663693][ T9039] loop2: detected capacity change from 0 to 2048
[  175.735593][ T9041] loop2: detected capacity change from 0 to 4096
[  175.807243][ T9033] loop3: detected capacity change from 0 to 512
[  175.855609][ T9033] EXT4-fs (loop3): orphan cleanup on readonly fs
[  175.909303][ T9033] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1842: Failed to acquire dquot type 1
[  175.974690][ T9033] EXT4-fs (loop3): 1 truncate cleaned up
[  176.069936][ T9060] loop4: detected capacity change from 0 to 1024
[  176.084676][ T9060] EXT4-fs: Ignoring removed nomblk_io_submit option
[  176.120593][ T9060] netlink: '': attribute type 30 has an invalid length.
[  176.176637][ T9066] loop1: detected capacity change from 0 to 512
[  176.187063][ T9066] EXT4-fs (loop1): orphan cleanup on readonly fs
[  176.193766][ T9066] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1853: Failed to acquire dquot type 1
[  176.336746][ T9066] EXT4-fs (loop1): 1 truncate cleaned up
[  176.407904][ T9074] loop3: detected capacity change from 0 to 2048
[  176.440593][ T9078] loop2: detected capacity change from 0 to 1024
[  176.494488][ T9078] EXT4-fs: Ignoring removed nomblk_io_submit option
[  176.538816][ T9094] loop1: detected capacity change from 0 to 1024
[  176.555284][ T9094] EXT4-fs: Ignoring removed nomblk_io_submit option
[  176.599544][ T9100] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  176.640996][ T9094] netlink: '': attribute type 30 has an invalid length.
[  176.652985][ T9095] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  176.894151][ T9105] loop4: detected capacity change from 0 to 512
[  177.073264][ T9118] loop4: detected capacity change from 0 to 2048
[  177.169786][ T9130] loop4: detected capacity change from 0 to 1024
[  177.176794][ T9130] EXT4-fs: Ignoring removed nomblk_io_submit option
[  177.234518][ T9138] loop1: detected capacity change from 0 to 1024
[  177.282268][ T9109] loop2: detected capacity change from 0 to 512
[  177.289371][ T9138] EXT4-fs: Ignoring removed nomblk_io_submit option
[  177.296162][ T9134] loop3: detected capacity change from 0 to 512
[  177.314132][ T9109] EXT4-fs (loop2): orphan cleanup on readonly fs
[  177.342412][ T9138] netlink: '': attribute type 30 has an invalid length.
[  177.374448][ T9109] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1870: Failed to acquire dquot type 1
[  177.503307][ T9109] EXT4-fs (loop2): 1 truncate cleaned up
[  177.596931][ T9153] loop1: detected capacity change from 0 to 2048
[  177.628273][ T9153] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.1886: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  177.659365][ T9153] EXT4-fs (loop1): Remounting filesystem read-only
[  177.696108][ T9153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1886'.
[  177.722355][ T9157] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  177.813640][ T9156] loop0: detected capacity change from 0 to 4096
[  177.853403][ T9162] loop2: detected capacity change from 0 to 4096
[  177.961676][ T9171] loop1: detected capacity change from 0 to 2048
[  178.493089][ T9189] syzkaller0: entered promiscuous mode
[  178.498702][ T9189] syzkaller0: entered allmulticast mode
[  178.547562][ T9191] loop0: detected capacity change from 0 to 1024
[  178.565860][ T9191] EXT4-fs: Ignoring removed nomblk_io_submit option
[  178.617487][   T29] kauditd_printk_skb: 548 callbacks suppressed
[  178.617502][   T29] audit: type=1326 audit(1762467224.439:14614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.0.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  178.647283][   T29] audit: type=1326 audit(1762467224.439:14615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.0.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  178.656892][ T9191] netlink: '': attribute type 30 has an invalid length.
[  178.670798][   T29] audit: type=1326 audit(1762467224.439:14616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.0.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  178.701240][   T29] audit: type=1326 audit(1762467224.439:14617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.0.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  178.724872][   T29] audit: type=1326 audit(1762467224.439:14618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.0.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  178.748478][   T29] audit: type=1326 audit(1762467224.439:14619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.0.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  178.772152][   T29] audit: type=1326 audit(1762467224.439:14620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.0.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  178.795669][   T29] audit: type=1326 audit(1762467224.439:14621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.0.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  178.814415][ T9196] loop2: detected capacity change from 0 to 4096
[  178.819302][   T29] audit: type=1326 audit(1762467224.439:14622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.0.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  178.849223][   T29] audit: type=1326 audit(1762467224.439:14623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9190 comm="syz.0.1896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc88a63f6c9 code=0x7ffc0000
[  179.068972][ T9200] loop4: detected capacity change from 0 to 1024
[  179.111005][ T9200] EXT4-fs: Ignoring removed nomblk_io_submit option
[  179.172635][ T9211] loop3: detected capacity change from 0 to 2048
[  179.376823][ T9219] loop0: detected capacity change from 0 to 512
[  179.452552][ T9219] ext4 filesystem being mounted at /383/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.574352][ T9235] siw: device registration error -23
[  180.150710][ T9245] loop3: detected capacity change from 0 to 1024
[  180.174817][ T9245] EXT4-fs: Ignoring removed nomblk_io_submit option
[  180.216003][ T9245] netlink: '': attribute type 30 has an invalid length.
[  180.262127][ T9249] loop4: detected capacity change from 0 to 1024
[  180.278091][ T9249] EXT4-fs: Ignoring removed nomblk_io_submit option
[  180.520206][ T9259] loop3: detected capacity change from 0 to 512
[  180.544834][ T9259] EXT4-fs (loop3): orphan cleanup on readonly fs
[  180.557002][ T9259] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1919: Failed to acquire dquot type 1
[  180.574487][ T9259] EXT4-fs (loop3): 1 truncate cleaned up
[  180.747451][ T9277] loop2: detected capacity change from 0 to 4096
[  180.749010][ T9280] loop3: detected capacity change from 0 to 512
[  180.786453][ T9280] ext4 filesystem being mounted at /384/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.802747][ T9284] loop4: detected capacity change from 0 to 512
[  180.936444][ T9284] EXT4-fs (loop4): orphan cleanup on readonly fs
[  181.039428][ T9284] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.1924: Failed to acquire dquot type 1
[  181.106353][ T9293] loop2: detected capacity change from 0 to 4096
[  181.115410][ T9297] random: crng reseeded on system resumption
[  181.179330][ T9301] loop1: detected capacity change from 0 to 1024
[  181.225348][ T9284] EXT4-fs (loop4): 1 truncate cleaned up
[  181.244223][ T9301] EXT4-fs: Ignoring removed nomblk_io_submit option
[  181.294346][ T9301] netlink: '': attribute type 30 has an invalid length.
[  181.575989][ T9310] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  181.852021][ T9316] loop2: detected capacity change from 0 to 512
[  181.869774][ T9316] EXT4-fs (loop2): orphan cleanup on readonly fs
[  181.881954][ T9316] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1935: Failed to acquire dquot type 1
[  181.897030][ T9316] EXT4-fs (loop2): 1 truncate cleaned up
[  181.973829][ T9326] loop0: detected capacity change from 0 to 512
[  182.004533][ T9324] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  182.088161][ T9326] EXT4-fs (loop0): orphan cleanup on readonly fs
[  182.110197][ T9326] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1938: Failed to acquire dquot type 1
[  182.126070][ T9326] EXT4-fs (loop0): 1 truncate cleaned up
[  182.565778][ T9343] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  183.058422][ T9366] loop2: detected capacity change from 0 to 512
[  183.254224][ T9364] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  183.333459][ T9367] loop0: detected capacity change from 0 to 4096
[  183.474199][ T9366] EXT4-fs (loop2): orphan cleanup on readonly fs
[  183.574579][ T9366] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.1947: Failed to acquire dquot type 1
[  183.625581][ T9366] EXT4-fs (loop2): 1 truncate cleaned up
[  183.874304][   T29] kauditd_printk_skb: 466 callbacks suppressed
[  183.874321][   T29] audit: type=1326 audit(1762467229.689:15080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.3.1955" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f50e74df6c9 code=0x0
[  183.919914][   T29] audit: type=1326 audit(1762467229.739:15081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9383 comm="syz.2.1954" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x0
[  184.165369][ T9391] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  184.654392][   T29] audit: type=1400 audit(1762467230.479:15082): avc:  denied  { write } for  pid=9396 comm="syz.0.1958" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  184.685130][ T9397] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  184.886660][ T9409] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  184.904979][ T9406] loop3: detected capacity change from 0 to 4096
[  185.308409][ T9421] loop1: detected capacity change from 0 to 4096
[  185.320757][ T9419] loop0: detected capacity change from 0 to 4096
[  185.599460][   T29] audit: type=1326 audit(1762467231.419:15083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9438 comm="syz.4.1970" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x0
[  185.772406][ T9442] loop0: detected capacity change from 0 to 4096
[  185.789613][ T9442] EXT4-fs: Ignoring removed nomblk_io_submit option
[  185.878343][ T9449] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1971'.
[  185.894978][ T9447] loop2: detected capacity change from 0 to 1024
[  185.901835][ T9447] EXT4-fs: Ignoring removed nomblk_io_submit option
[  185.972216][ T9447] netlink: '': attribute type 30 has an invalid length.
[  186.035301][   T29] audit: type=1400 audit(1762467231.749:15084): avc:  denied  { map } for  pid=9441 comm="syz.0.1971" path="/402/file0/blkio.bfq.io_service_time_recursive" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  186.060998][   T29] audit: type=1326 audit(1762467231.789:15085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9443 comm="syz.2.1972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  186.084681][   T29] audit: type=1326 audit(1762467231.789:15086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9443 comm="syz.2.1972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  186.108183][   T29] audit: type=1326 audit(1762467231.789:15087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9443 comm="syz.2.1972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  186.108406][ T9450] loop1: detected capacity change from 0 to 512
[  186.131729][   T29] audit: type=1326 audit(1762467231.789:15088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9443 comm="syz.2.1972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  186.161466][   T29] audit: type=1326 audit(1762467231.789:15089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9443 comm="syz.2.1972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  186.262202][ T9450] EXT4-fs (loop1): orphan cleanup on readonly fs
[  186.283643][ T9457] loop0: detected capacity change from 0 to 4096
[  186.295806][ T9450] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1973: Failed to acquire dquot type 1
[  186.322450][ T9450] EXT4-fs (loop1): 1 truncate cleaned up
[  186.448999][ T9469] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1977'.
[  186.498299][ T9467] loop4: detected capacity change from 0 to 4096
[  186.769252][ T9490] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1985'.
[  186.781265][ T9490] vlan2: entered promiscuous mode
[  186.786372][ T9490] macvtap0: entered promiscuous mode
[  186.823108][ T9492] loop4: detected capacity change from 0 to 128
[  186.832430][ T9492] ext4 filesystem being mounted at /395/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  186.969604][ T9500] loop3: detected capacity change from 0 to 512
[  186.979457][ T3324] EXT4-fs unmount: 88 callbacks suppressed
[  186.979474][ T3324] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  186.996450][ T9500] EXT4-fs (loop3): orphan cleanup on readonly fs
[  187.005300][ T9500] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1986: Failed to acquire dquot type 1
[  187.017028][ T9500] EXT4-fs (loop3): 1 truncate cleaned up
[  187.023179][ T9500] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  187.062417][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.085448][ T9509] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  187.159748][ T9511] loop0: detected capacity change from 0 to 4096
[  187.226693][ T9511] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.353772][ T9523] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  187.354254][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.506305][ T9528] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  187.581100][ T9539] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  187.788969][ T9546] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2001'.
[  187.800390][ T9546] vlan2: entered promiscuous mode
[  187.882936][ T9548] loop4: detected capacity change from 0 to 4096
[  187.891593][ T9548] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.115923][ T9559] loop2: detected capacity change from 0 to 4096
[  188.124659][ T9559] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.424059][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.488639][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.669150][ T9576] loop1: detected capacity change from 0 to 4096
[  189.707873][ T9576] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.950094][ T9594] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2016'.
[  189.966758][ T9594] vlan2: entered promiscuous mode
[  190.122598][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.145842][ T9601] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  190.258126][ T9604] loop1: detected capacity change from 0 to 4096
[  190.328336][ T9604] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.564794][ T9609] loop2: detected capacity change from 0 to 1024
[  190.574481][ T9609] EXT4-fs: Ignoring removed nomblk_io_submit option
[  190.596992][ T9609] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.613498][   T29] kauditd_printk_skb: 241 callbacks suppressed
[  190.613512][   T29] audit: type=1326 audit(1762467236.429:15327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.2.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  190.648794][ T9609] netlink: '': attribute type 30 has an invalid length.
[  190.660027][   T29] audit: type=1326 audit(1762467236.459:15328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.2.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  190.683546][   T29] audit: type=1326 audit(1762467236.469:15329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.2.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  190.707220][   T29] audit: type=1326 audit(1762467236.469:15330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.2.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  190.730840][   T29] audit: type=1326 audit(1762467236.469:15331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.2.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  190.754320][   T29] audit: type=1326 audit(1762467236.469:15332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.2.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  190.777814][   T29] audit: type=1326 audit(1762467236.469:15333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.2.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  190.801284][   T29] audit: type=1326 audit(1762467236.469:15334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.2.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  190.824834][   T29] audit: type=1326 audit(1762467236.469:15335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.2.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  190.848276][   T29] audit: type=1326 audit(1762467236.469:15336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9608 comm="syz.2.2020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2128eff6c9 code=0x7ffc0000
[  190.896497][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.972603][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.981883][ T9616] loop4: detected capacity change from 0 to 4096
[  190.993409][ T9616] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.108622][ T9628] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2027'.
[  191.146363][ T9622] loop1: detected capacity change from 0 to 512
[  191.163859][ T9622] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.181628][ T9622] ext4 filesystem being mounted at /381/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  191.219551][ T9625] loop0: detected capacity change from 0 to 4096
[  191.236711][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.246851][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.247424][ T9625] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.311035][ T9641] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2029'.
[  191.456759][ T9653] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  191.470614][ T9652] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  191.562133][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.563892][ T9656] loop4: detected capacity change from 0 to 512
[  191.631917][ T9658] loop0: detected capacity change from 0 to 8192
[  191.679132][ T9665] loop0: detected capacity change from 0 to 1024
[  191.686452][ T9665] EXT4-fs: Ignoring removed nomblk_io_submit option
[  191.714644][ T9665] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.744180][ T9674] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2040'.
[  191.779572][ T9665] netlink: '': attribute type 30 has an invalid length.
[  191.824194][ T9675] loop2: detected capacity change from 0 to 512
[  191.861154][ T9675] EXT4-fs (loop2): orphan cleanup on readonly fs
[  191.894737][ T9675] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.2038: Failed to acquire dquot type 1
[  191.943809][ T9675] EXT4-fs (loop2): 1 truncate cleaned up
[  191.969325][ T9675] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  191.973076][ T9685] loop1: detected capacity change from 0 to 4096
[  192.019099][ T9685] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.035756][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.066197][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.087078][ T9688] loop0: detected capacity change from 0 to 1024
[  192.094552][ T9688] EXT4-fs: Ignoring removed nomblk_io_submit option
[  192.103295][ T9692] siw: device registration error -23
[  192.123975][ T9688] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.147468][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.192161][ T9688] netlink: '': attribute type 30 has an invalid length.
[  192.365378][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.510939][ T9712] loop3: detected capacity change from 0 to 512
[  192.518668][ T9710] loop1: detected capacity change from 0 to 4096
[  192.531199][ T9710] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.674371][ T9721] loop0: detected capacity change from 0 to 4096
[  192.756628][ T9721] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.799979][ T9726] loop3: detected capacity change from 0 to 512
[  192.836436][ T9726] EXT4-fs (loop3): orphan cleanup on readonly fs
[  192.849449][ T9726] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2057: Failed to acquire dquot type 1
[  192.881196][ T9726] EXT4-fs (loop3): 1 truncate cleaned up
[  192.892244][ T9726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  192.960003][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.014381][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.034399][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.153257][ T9749] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2065'.
[  193.165775][ T9749] vlan2: entered promiscuous mode
[  193.170817][ T9749] macvtap0: entered promiscuous mode
[  193.208179][ T9752] loop1: detected capacity change from 0 to 128
[  193.265141][ T9752] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  193.324502][ T9752] ext4 filesystem being mounted at /391/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  193.464434][ T3318] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  193.956889][ T9775] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  194.193455][ T9777] loop0: detected capacity change from 0 to 4096
[  194.251972][ T9777] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.453615][ T9790] loop1: detected capacity change from 0 to 1024
[  194.466860][ T9790] EXT4-fs: Ignoring removed nomblk_io_submit option
[  194.496901][ T9790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.517196][ T9790] netlink: '': attribute type 30 has an invalid length.
[  194.542320][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.785159][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.838541][ T9815] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2084'.
[  194.861615][ T9805] loop0: detected capacity change from 0 to 512
[  194.875813][ T9805] EXT4-fs (loop0): orphan cleanup on readonly fs
[  194.893619][ T9805] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.2082: Failed to acquire dquot type 1
[  194.924461][ T9805] EXT4-fs (loop0): 1 truncate cleaned up
[  194.935035][ T9820] siw: device registration error -23
[  194.961413][ T9805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  195.059625][ T9823] loop3: detected capacity change from 0 to 4096
[  195.079259][ T9823] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.104571][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.208477][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.252817][ T9828] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2090'.
[  195.275585][ T9828] ALSA: seq fatal error: cannot create timer (-19)
[  195.371710][ T9832] loop3: detected capacity change from 0 to 512
[  195.404322][ T9832] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.419695][ T9832] ext4 filesystem being mounted at /415/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.450838][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.495793][ T9836] loop0: detected capacity change from 0 to 4096
[  195.505540][ T9836] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.867817][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.621072][ T9881] syzkaller0: entered promiscuous mode
[  197.626597][ T9881] syzkaller0: entered allmulticast mode
[  197.716923][ T9888] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  198.066455][ T9903] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  198.257933][ T9916] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  198.455717][ T9918] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2118'.
[  198.814912][ T9937] loop4: detected capacity change from 0 to 512
[  198.830531][ T9937] EXT4-fs (loop4): orphan cleanup on readonly fs
[  198.839580][ T9937] __quota_error: 504 callbacks suppressed
[  198.839613][ T9937] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  198.856031][ T9937] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[  198.865801][ T9937] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2126: Failed to acquire dquot type 1
[  198.886933][ T9937] EXT4-fs (loop4): 1 truncate cleaned up
[  198.896744][ T9937] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  198.928934][   T29] audit: type=1326 audit(1762467244.749:15835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9934 comm="syz.4.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  198.955613][   T29] audit: type=1326 audit(1762467244.769:15836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9934 comm="syz.4.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  198.979200][   T29] audit: type=1326 audit(1762467244.769:15837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9934 comm="syz.4.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  198.996878][ T9941] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2127'.
[  199.002842][   T29] audit: type=1326 audit(1762467244.769:15838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9934 comm="syz.4.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  199.035305][   T29] audit: type=1326 audit(1762467244.769:15839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9934 comm="syz.4.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  199.058977][   T29] audit: type=1326 audit(1762467244.779:15840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9934 comm="syz.4.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  199.099217][   T29] audit: type=1326 audit(1762467244.859:15841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9934 comm="syz.4.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  199.122996][   T29] audit: type=1326 audit(1762467244.879:15842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9934 comm="syz.4.2126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efddcd1f6c9 code=0x7ffc0000
[  199.157025][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.171691][ T9944] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2129'.
[  199.190502][ T9941] ALSA: seq fatal error: cannot create timer (-19)
[  199.191622][ T9944] vlan2: entered promiscuous mode
[  199.202118][ T9944] macvtap0: entered promiscuous mode
[  199.204954][ T9949] loop4: detected capacity change from 0 to 1024
[  199.225331][ T9949] EXT4-fs: Ignoring removed nomblk_io_submit option
[  199.237936][ T9949] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.258143][ T9949] netlink: '': attribute type 30 has an invalid length.
[  199.268628][ T9955] loop2: detected capacity change from 0 to 128
[  199.280832][ T9955] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  199.293250][ T9955] ext4 filesystem being mounted at /446/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  199.426703][ T3316] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  199.496682][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.515986][ T9968] wireguard0: entered promiscuous mode
[  199.521508][ T9968] wireguard0: entered allmulticast mode
[  199.524264][ T9967] SELinux: failed to load policy
[  199.622894][ T9978] loop1: detected capacity change from 0 to 1024
[  199.630126][ T9978] EXT4-fs: Ignoring removed nomblk_io_submit option
[  199.645714][ T9978] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.697481][ T9978] netlink: '': attribute type 30 has an invalid length.
[  199.741717][ T9985] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2141'.
[  199.785059][ T9989] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2142'.
[  199.816529][ T9989] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2142'.
[  199.828842][ T9985] vlan2: entered promiscuous mode
[  199.833918][ T9985] macvtap0: entered promiscuous mode
[  199.856830][ T9992] loop0: detected capacity change from 0 to 128
[  199.865412][ T9992] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  199.884295][ T9992] ext4 filesystem being mounted at /427/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  199.970528][ T9999] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2144'.
[  200.115466][ T3312] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  200.127541][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.165417][T10005] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2146'.
[  200.361337][T10018] loop4: detected capacity change from 0 to 4096
[  200.385898][T10018] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.475605][T10015] loop0: detected capacity change from 0 to 512
[  200.485601][T10025] loop2: detected capacity change from 0 to 4096
[  200.496450][T10025] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.515117][T10015] EXT4-fs (loop0): orphan cleanup on readonly fs
[  200.552702][T10015] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.2148: Failed to acquire dquot type 1
[  200.624359][T10015] EXT4-fs (loop0): 1 truncate cleaned up
[  200.696708][T10015] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  200.791634][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.865317][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.888047][T10038] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2157'.
[  200.995076][T10047] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2162'.
[  201.012060][T10053] loop2: detected capacity change from 0 to 512
[  201.033880][T10053] EXT4-fs (loop2): orphan cleanup on readonly fs
[  201.058576][T10053] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.2163: Failed to acquire dquot type 1
[  201.085035][T10058] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  201.144330][T10053] EXT4-fs (loop2): 1 truncate cleaned up
[  201.265122][T10065] loop2: detected capacity change from 0 to 512
[  201.287992][T10065] ext4 filesystem being mounted at /453/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.363489][T10071] vlan2: entered promiscuous mode
[  201.415615][T10074] loop2: detected capacity change from 0 to 128
[  201.425080][T10074] ext4 filesystem being mounted at /454/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  201.610579][T10084] loop4: detected capacity change from 0 to 512
[  201.618693][T10084] EXT4-fs (loop4): orphan cleanup on readonly fs
[  201.625512][T10084] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2170: Failed to acquire dquot type 1
[  201.654689][T10084] EXT4-fs (loop4): 1 truncate cleaned up
[  201.708684][T10082] loop2: detected capacity change from 0 to 512
[  201.721538][T10082] EXT4-fs (loop2): orphan cleanup on readonly fs
[  201.732687][T10082] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.2169: Failed to acquire dquot type 1
[  201.748220][T10082] EXT4-fs (loop2): 1 truncate cleaned up
[  201.788068][T10090] loop0: detected capacity change from 0 to 4096
[  201.858853][T10088] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  201.901055][T10103] loop2: detected capacity change from 0 to 4096
[  201.906362][T10106] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  201.917363][T10106] syzkaller0: entered promiscuous mode
[  201.922856][T10106] syzkaller0: entered allmulticast mode
[  202.043366][T10115] loop1: detected capacity change from 0 to 1024
[  202.052502][T10115] EXT4-fs: Ignoring removed nomblk_io_submit option
[  202.088931][T10115] netlink: '': attribute type 30 has an invalid length.
[  202.424968][T10134] loop4: detected capacity change from 0 to 512
[  202.455689][T10138] bridge_slave_0: left allmulticast mode
[  202.461372][T10138] bridge_slave_0: left promiscuous mode
[  202.467127][T10138] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.481404][T10138] bridge_slave_1: left allmulticast mode
[  202.487077][T10138] bridge_slave_1: left promiscuous mode
[  202.492655][T10139] netlink: 'syz.1.2186': attribute type 10 has an invalid length.
[  202.492704][T10138] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.513892][T10134] EXT4-fs (loop4): orphan cleanup on readonly fs
[  202.526132][T10134] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2183: Failed to acquire dquot type 1
[  202.541412][T10134] EXT4-fs (loop4): 1 truncate cleaned up
[  202.562240][T10138] bond0: (slave bond_slave_0): Releasing backup interface
[  202.573937][T10138] bond0: (slave bond_slave_1): Releasing backup interface
[  202.586790][T10138] team0: Port device team_slave_0 removed
[  202.597225][T10138] team0: Port device team_slave_1 removed
[  202.604653][T10138] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  202.612039][T10138] batman_adv: batadv0: Removing interface: batadv_slave_0
[  202.620541][T10138] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  202.628005][T10138] batman_adv: batadv0: Removing interface: batadv_slave_1
[  202.639870][T10138] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  202.656708][T10139] batman_adv: batadv0: Adding interface: veth1_vlan
[  202.663394][T10139] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  202.690106][T10139] batman_adv: batadv0: Interface activated: veth1_vlan
[  202.699270][T10143] sch_fq: defrate 4294967295 ignored.
[  202.774149][T10156] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  202.783682][T10149] syzkaller0: entered promiscuous mode
[  202.789379][T10149] syzkaller0: entered allmulticast mode
[  202.789442][T10157] loop1: detected capacity change from 0 to 4096
[  202.832207][T10163] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  202.913579][T10166] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  203.285866][T10190] loop3: detected capacity change from 0 to 4096
[  203.375996][T10195] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  203.395828][T10195] syzkaller0: entered promiscuous mode
[  203.401351][T10195] syzkaller0: entered allmulticast mode
[  203.529745][T10201] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  203.705846][T10207] loop1: detected capacity change from 0 to 512
[  203.723811][T10207] ext4 filesystem being mounted at /419/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  203.779452][T10220] __nla_validate_parse: 6 callbacks suppressed
[  203.779511][T10220] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2214'.
[  203.842008][T10225] loop1: detected capacity change from 0 to 1024
[  203.887249][T10226] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  203.898892][T10225] EXT4-fs: Ignoring removed nomblk_io_submit option
[  203.944904][   T29] kauditd_printk_skb: 193 callbacks suppressed
[  203.944926][   T29] audit: type=1326 audit(1762467249.769:16026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10224 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94585f6c9 code=0x7ffc0000
[  203.980220][T10225] netlink: '': attribute type 30 has an invalid length.
[  203.984041][   T29] audit: type=1326 audit(1762467249.769:16027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10224 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94585f6c9 code=0x7ffc0000
[  204.011282][   T29] audit: type=1326 audit(1762467249.769:16028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10224 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94585f6c9 code=0x7ffc0000
[  204.035114][   T29] audit: type=1326 audit(1762467249.769:16029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10224 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94585f6c9 code=0x7ffc0000
[  204.058828][   T29] audit: type=1326 audit(1762467249.769:16030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10224 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94585f6c9 code=0x7ffc0000
[  204.082585][   T29] audit: type=1326 audit(1762467249.769:16031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10224 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7ff94585f6c9 code=0x7ffc0000
[  204.106353][   T29] audit: type=1326 audit(1762467249.769:16032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10224 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94585f6c9 code=0x7ffc0000
[  204.130211][   T29] audit: type=1326 audit(1762467249.769:16033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10224 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94585f6c9 code=0x7ffc0000
[  204.153935][   T29] audit: type=1326 audit(1762467249.769:16034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10224 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94585f6c9 code=0x7ffc0000
[  204.177622][   T29] audit: type=1326 audit(1762467249.769:16035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10224 comm="syz.1.2216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff94585f6c9 code=0x7ffc0000
[  204.328521][T10235] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  204.339114][T10235] syzkaller0: entered promiscuous mode
[  204.344800][T10235] syzkaller0: entered allmulticast mode
[  204.349295][T10237] loop3: detected capacity change from 0 to 4096
[  204.598293][T10257] loop2: detected capacity change from 0 to 512
[  204.625144][T10257] ext4 filesystem being mounted at /468/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.884781][T10273] loop1: detected capacity change from 0 to 4096
[  204.898892][T10274] loop0: detected capacity change from 0 to 4096
[  205.123195][ T3318] ==================================================================
[  205.131306][ T3318] BUG: KCSAN: data-race in generic_fillattr / inode_add_bytes
[  205.138865][ T3318] 
[  205.141176][ T3318] read-write to 0xffff88811af8d278 of 8 bytes by task 10285 on cpu 0:
[  205.149318][ T3318]  inode_add_bytes+0x47/0xe0
[  205.153920][ T3318]  __dquot_alloc_space+0x180/0x8a0
[  205.159047][ T3318]  shmem_inode_acct_blocks+0x129/0x240
[  205.164525][ T3318]  shmem_get_folio_gfp+0x5a7/0xd60
[  205.169667][ T3318]  shmem_write_begin+0xa8/0x190
[  205.174523][ T3318]  generic_perform_write+0x184/0x490
[  205.179811][ T3318]  shmem_file_write_iter+0xc5/0xf0
[  205.184927][ T3318]  __kernel_write_iter+0x2d6/0x540
[  205.190042][ T3318]  dump_user_range+0x61e/0x8f0
[  205.194815][ T3318]  elf_core_dump+0x1de7/0x1f80
[  205.200038][ T3318]  coredump_write+0xb12/0xe30
[  205.204724][ T3318]  vfs_coredump+0x143a/0x20d0
[  205.209407][ T3318]  get_signal+0xd84/0xf70
[  205.213755][ T3318]  arch_do_signal_or_restart+0x96/0x440
[  205.219294][ T3318]  irqentry_exit_to_user_mode+0x5b/0xa0
[  205.224857][ T3318]  irqentry_exit+0x12/0x50
[  205.229275][ T3318]  exc_general_protection+0x15b/0x1f0
[  205.234661][ T3318]  asm_exc_general_protection+0x26/0x30
[  205.240459][ T3318] 
[  205.242775][ T3318] read to 0xffff88811af8d278 of 8 bytes by task 3318 on cpu 1:
[  205.250323][ T3318]  generic_fillattr+0x27d/0x340
[  205.255190][ T3318]  shmem_getattr+0x181/0x200
[  205.259778][ T3318]  vfs_getattr_nosec+0x146/0x1e0
[  205.264733][ T3318]  vfs_statx+0x113/0x390
[  205.268991][ T3318]  vfs_fstatat+0x115/0x170
[  205.273429][ T3318]  __se_sys_newfstatat+0x55/0x260
[  205.278460][ T3318]  __x64_sys_newfstatat+0x55/0x70
[  205.283492][ T3318]  x64_sys_call+0x135a/0x3000
[  205.288174][ T3318]  do_syscall_64+0xd2/0x200
[  205.292681][ T3318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.298578][ T3318] 
[  205.300890][ T3318] value changed: 0x0000000000004ab8 -> 0x0000000000004ac0
[  205.308010][ T3318] 
[  205.310332][ T3318] Reported by Kernel Concurrency Sanitizer on:
[  205.316474][ T3318] CPU: 1 UID: 0 PID: 3318 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  205.326355][ T3318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  205.336406][ T3318] ==================================================================