last executing test programs:

56.168030932s ago: executing program 3 (id=1408):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000a40)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELSET={0x1c, 0xb, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFTA_SET_POLICY={0x8}]}, @NFT_MSG_NEWFLOWTABLE={0xd0, 0x16, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x58, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_macvtap\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6gretap0\x00'}, {0x14, 0x1, 'veth1_to_team\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}]}, @NFT_MSG_DELFLOWTABLE={0xd4, 0x18, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK={0x6c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'netdevsim0\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'netpci0\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x8001}]}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x733182967bd38a37}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x2c, 0x0, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x34, 0x5, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_POLICY={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x248}}, 0x4000800)

56.128869662s ago: executing program 3 (id=1409):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000480)=ANY=[@ANYRES32=r0, @ANYBLOB="2e7657a3f8836c70c86b4f5e9ff61939c58b3f5579e22d4df674584ecf121808337dac5f92c4a5a348e3d073f466d189e82c971186673f5b80dff8", @ANYBLOB="0000703b73f33531000000000000b6fa0000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000944b32e9e4a424e982c47b4d61437541378352cd36657adcd641a1da449302b458938daf9550eb0fd6548a45f191310ebe371eb763fc207fab1f5a785cd33ed02aa214617a49c497292c48"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%-010d \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=<r3=>0x0, &(0x7f00000007c0)=<r4=>0x0)
r5 = syz_open_dev$sg(&(0x7f00000001c0), 0x1, 0x200400)
ioctl$BLKTRACETEARDOWN(r5, 0x1276, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{0x0}], 0x1})
r6 = socket$qrtr(0x2a, 0x2, 0x0)
getsockname$qrtr(r6, &(0x7f0000000140), &(0x7f0000000180)=0xc)
io_uring_enter(r2, 0x60ed, 0x2, 0x2, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df12c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

56.068728603s ago: executing program 3 (id=1410):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="002918d910d46be7099c66b02010b1f0b7c3dc1dabe625969fb0adc922385af53d57a1d35dd71c90d9dd649b53142dd3d4108b4c7db82e8475d5bb6fa2fa626cd92c7326ce1ba2f33b0aef2b2164e01d910058000084696959ea7f5a607a6572d2640cf9312a07000000260e3651a0cbfd2c080990fb4c76e9e613a759863734a70d0600ec77e8ba76aacbb21e4b903aa4873a9951f269a9c0f87805a1a0cbdf6b8644a1de05a8d9dd9687d67c8af7f68cb59e60d1fbefb49b93d6b72cce4162edc4468a13987d94d428df36915621aeff6dc1358a7331fa69e05c417c0196322e1e6b8dc29c496c76d02dfc2d7b48616fb3f01b221f4f8f484a00090964922de8909a1f9f7ef655a12a68a56cb341a8fba4cd81cedec9cb518d13d2a2564427b63b037494748a24daa21fe1256df68d000b2778bf0437cc642cd83c5a1b34eeffdf93ecbd85bb340eeef68dd60101769c74f94d217264c171feea0305bfc87c36247d90b129a9973f00000001d99b195d2f75653a0193672783c6dbca5d1445110621d8095064f0a034f492cf5aa4767a772d6f4967722546bfd83d3202f76c20a9d7f40f9e7818d77129df7fd072804e0227ecaa03dddd303a318d6f7763ce011543587e6a306780ca2f37db7e8a5b64a5059ac91ff2110e40ea13d70e1504653ba9eebcf61b427797fb3fd79d2bb9aaa13c9729fe323c4ac222991981381e004684fb200b17d2f6ede181067662ad8a31f45b613869ca8fc5b1dbe62407a1f6dcb86a4c430210e9bcfca9b83283b87316c4d17f388e0bab0500000092a82e12f8e5348f11e7739033e9081bfc598746cf032fa55d0300470000000019ac65f89ca7d96da3ca2db52f8ec80462fddf42dbbca24b720000000000000000000000000000005214e7febdbc00"], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=")
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
socket(0x1e, 0x805, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r0, 0x0, 0x0)

55.943706805s ago: executing program 3 (id=1416):
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x208000, &(0x7f0000000180)={[{@errors_remount}, {@dioread_lock}, {@noquota}, {@noblock_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}]}, 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
r0 = open(&(0x7f00000001c0)='./file2\x00', 0x14b27e, 0x20)
write$UHID_INPUT(r0, &(0x7f0000000c00)={0x8, {"b28df2ec84af1cd185f268bee9a61dc67cec706148cace70e534b1141df032d7207b24968ab45223acd873efd4d30822512783c147fb02af944349016545a5810d5e268ad58d43408f8453657556518b3460574c60177e6a0d2b5b012ba926bb30c3dd15e99f2fc2ca4e54d92190e624bc6418a17fe1ec6a8be08e589d5dd1f947f2c842c420481a88c5296028f2f19003a23356511a140d1f5f1689210434d52a05c2d1dd35b41b3ddfb791e1e00b95614657d7f45b53ebee15213d7d80172f11dc799b8982376a94fa0f878a10004e59899f1f2856446d16e77f808c1a32bd87ba44eaef35582522c078f59de420e54faa8f9f2bd3bf99c1e5a57e8a5f55a41e5d2c7ba3a6ca2f85d9788bf15c248c94e180c401c2158d057fff902f68b31777faa0d239547ca9b264f35d75bd99e439768601fa47559ec3904ff352d4d3a02f0d2bedaf2e7888e660ab3e7501098b307f41e375419fe45f93a330d27e381922be528dd88999f7e53eacaa46af17a53c4930e70b534a533a5265a83eec81be3f221cd0c0e00491db01e9228a5d6f33f878abdd0b9405bb0cc4e86db19a07f53c5d5a2dbbc332fddec905f3212f1b767dd7ef9d471ffa98c5470b3b7a1a8f90f8cda0f65bbc5dac3e24457b691c32628ecde1814b30871056150957bd0c416ffc28617a0a7e8bcf919ce93e00b0fdd90205757de137bb8a3a09f32ea320776aea495b1ee5b0bf33d287ff1d8d1798740936b856b5b03e20265e2c79e5b7ccfb5cdc6d0811e67e0af2c6e4d912cb320c0c3ff69285e7c6f470804234fe19ebbb12eefb2e1f4faccc171f8b6ee20a1b928e06bd15d38481c03010be8c59757fbb18236bc692921324d7c7528cd7f044b506931f9a58a6f97e2b9652c99b7886372160e0bb9b5d77f72bae413a7b470fd3e5c2e464ccc39099d524034e6730df7d911e03806a4fd4954060295ec302253c5694aabb443a2d3f293aca309c48eb4c3a5aedd93c76e2c4e61a212ccb613f4bf5116f20d74827e88dcd7de2d83a167a54560fa6a2944a10d68076314aae9d4512307eb3951e8bab2ea7250b43358628dfc5d752b29653f969f19ad50eafb6d9b041204f79399bad48f3c57c9ea546aa5083d241d9ed1bd21a36e5b68ae5052585fbfc955f565395f2714671f34488b9c6502ae6c7dd0ce9b5e975e0191ffe3a66a28e2701dfe86eb2bd9d15ce38af3af0ba8260bc9db4069aa89bb0e97d02149c99e86c89a71f19a4d75781f58a08bbb0a66559efd450ace31ef4c887355dbfada762da02f1fb3a877ba2930f4fe83ee110af9392444c76f98063795070bc10fcd30278c20a343328e390fcdcfc1b47faa9228244de31127ed5e510dfb3ee27966a42f92c87c91c174cc260184d1f7e6e11e23000dcda02ea76ef0840486e0ff300341b3aa75056d4beed27cc52a4daa36d5d3a76c71c6a74339a473a5fab03ffce621e71ac2e1840752c15ef9d40aea751377c0bd6e6dad28e6e2e98d008d57732051d7261fe71e7238ea2c3cb55024de6760613ea25e531dbb04721f01e8bbf3bcd0b1e836746f2a91718019189e883c1c073d7c013baf5b2db2b2c66adb971a8113811fabdda65c6218067b5795ef109a2f95307b211df89b06a4d279714fba739ea40b6c9c12c2653f3e272f170aea9d68229aebe135a12e9859e2be276459e26821813047c86b70dbdefcf2bd5336799940ad62e0bfb7a7068ec20b222db19437a293e5c5da9d19f808966ea0f877625dd57a47ef5cb58863ea7272005405375aef39075af27eec556391fc5ff2df6809f6b0e3d90b6fe1db129f18efb6e4d29a275a30745a43e64378f25ace55eeda79f955371143361a1f8762ee935bf16710fc432bf74a750704669af4b5c2c87d9a7b2bc71d4f25d55d85160116833cc9a0b259f95538d56e6f37ca819fe50978e80a2717cd1388d7e26c8b76a3a29a4103aad726e5baebb2e79d17310fd3c43eaea252cccd7104a7dab666ddafe5aed9f014fa79ca48325faa4afd5e15d65258d01c74d9f7faba1066c12e0ad57133cd0d861121c71d0f728b7bd4d66d230c7ffe320cc1a9e252267f63af1e4c86e1cd4223c2aefd3e353fc65f3f5dc62c84072334f79ea3f7b9d9a27b5e72698b7e95027cf52df06706dec968e8f660216f0e707f23f066f308a6815c6f52fc2d32f6e43a99f42657447fafaad453988a491cf6e80a6b6861a8a4f44ea7d4c4250a0e6d4265e708861f5c1ba4696ad5746a14671ec9e35aaea9759b18ed7be3e5c60a2144f02134593df85212bf63ab4d6910710d341090a87279d205227ab18ccb2b6002cd08abc4665a26ec40865118b61201c11944c41e91ceac74ad948883041615c4c249eb4fb9fed4077bc7028e5d0f4b2ec758cce7f336d1c95ce60a1993331ac842f949128c3ba07fd9bc93119d3b0a89974cc1223ab23541e6b06d77b410010dddda77f6446a3cfacb450d6d11116272aee3bce5c94bd498d8a09d709012ab3e9193b1766ce917c99a658d4418d6b7ad68e6639195af38ac17006aba03d73ff1bf7bc8d273e4757e5f2cb63296dc47919d8ab3de0e5b0e71a606714a2e80cf9acdd035f57ba0ad9aad58dd3b8757e3d79a5543ce1e83469e2669beeaabb4f3a02624e5c98b0ee92d054d7ec34ddff0d238c93ca44b091af13b9f1a901ff337cb3da86ae48eb5f2d45fe0d0a0674514b539ee5be1ee85e199dad3d2528fc71e44fd108f4915a6354779535750f0ae91319bdf8901151773fa18824a3f57fdb195282c819246627e9c4aeccb03827b3d41e0001cc1fa7e982bf68d6f2d52a0e5d1a07d07ace5224f4c82e69431a652c263caab5b8c9e1f20a3c87b2abc3701366cec792bff456386c1f6ee86ffd9702f2008998e6b86c3ba35c47fe6b101266cd8df3ff36314112b0d7274336739f2093cc3596e1b08e358249caba397ffe8f00a408ab8e91dd4aa3dcf6c23054141b5c73971d7ffdf1e1c0c0d06d45bd099d4e9058abc5a9cd7ec2f94869b1de92c3427909d17ee700c5b5880016aa1ca321a9ad65f207113eaa3ef44d41963bd16db4236a60a138972f49ab92415dabec4978aac42647b4dfa2a4af4a0584c66e6d5d83857bf38bea0bf22b35d392d5b21e38162c038c709772a235dc3dfa34fc8fae5a5b8c4f41c2867a1170c79963ee27dfa4a8bc4832c115ad8a257a6154f6471ff26748ba97b91a6fcd11b799857cc1784ada5eb157b7226ac6acaf977bb723ffdb5b9512f26172cd3a7f1081a22e438722951bc0aa7374393f2679183fc0baff425a0623e25496301bdeffbe7873affe7173b5fb28545ee1369aa08c4b9626baeee0d607224e27d82ee6cecc327fc80575aeae834e8e6e7b6718a4afd3288474dcf691c5209c574032fff309ee5191de393696f8bc2f58aba753634018e01d3a8158a3d2ecc126c59f5c62e47e47cb1a9127cab85b4370da1e3966fad3292ac21efe00072fe849840a4a38b04016a86fbfd1e114a37a7ddc4703210870d5c041c4a9f6473d0146865c27863ffa68794389e00ad53aa0f0cc791f7acd0db5397b7d8a67db3090dbb25bc84aa25dc5da96f1fa5cda15fa0d91040386c7a36e90db36436a7002cff6c3f2ea50a51657d07582a374ba78194a377c063048a95502618723613a6893f533a115184e424d1ed50612d5d57506485e5f85221a23a59aeca8262c7edd1a5e9b68e84563fd5efcf581809fcb5e5bba46461656cb643571c98f0d9567f08a32cbc26583b5c239f61167db2cc206324d2f68753667a90fe45e13cf174787f2b1a275618de33fa7e0c1432de734b0376503bc628cb7f89aa43eb2afa7c7aa3c0331aa8c7e23037177bb1bcac4aad5aeaa42cd74fc1642035822789050c915682f06dc5dae3dab917f6da6b6b00886e8403ad39dbec111681d9cadea82436d6aea9b5eba7d26ba572de440a4d11bbbd3348afd604c1011cb235e1b6cede8c421ed39c7d8955b79c1a6a60739cfdb0775722ca030e585a1a6062bd10ef3b57dfe935ca7439f9337d135a70a446b94fc7d4180581c766d44896d103d4fcd6c8e9075166f171ea796e51de4c707d88336ff8424481880c01b215dd7501693912cd128f5c55697f8faa7bc935eaace3fda64c372f13b7ec2757d38386b6efe0e179c63690e6834afda590d56d2c9ca3f9be5d3e73c15eed8796562cea11a350983d70f93ea8a2ebe36c1a019ec6132f55618b86a494f3b524c88e554b1ac8fe4472ceedd42c07eeb68d4e291580f890df86d14d65a409ec61ec9cc01c54a899dcaadaddf9735813c09dc83aec477a2dd86de4408d5c5b4504fe51a4ce240ac010304583fd535108d26ba3be32ffd80906242fd343ce8e0053139036b50fd810cdc4dfbce54266fdfed1be98f0bdce42e566dcb0c7b2211ad48714cb332711f9c24d7309c48a3bfd4331f205e0b9929e2679b227a19f5dec21626c053283177da532cc3770f98bd9718ec96df7bc4d00bab7708a5fbf69f414dfd0943b7c0e436d3d0986587098ac01094523f4b4143741560fac2ee308257547445b67cfe48a75af9803cd08179eb36765ae34f40e593643e1d56a9405692f3a88a2f2782c9228089e37bd0cd04fd8b429a4d2fde6f9517955c5753792727fa4d32f661705610ffa90f8938e723de6efe8a0f2ead7e39d42fb06a4123ec7ad7ad1a355e6b3f4c1a8a0fef9554e8b8c1c7a03516a7eb81afae4725b3d14c52907fddb37480c695f99148da92eb268c97b1a6a921000607f51c88cf6c12e780470ab897798d1f519840092ac6f848cc0476558c57048dda7058612dfc95b3d09f567d3ccaf881ee0354d4e952af515784bdcdc88df80c7f4fc55963a7f41d5f3d1e1768ee6e7a4d0a3ed3b0e99b89d61283a514872354e0b41450f181fe77cf4a7da4908e18add1058b766ad90dd7183d71590cbe54827ea7df1ec8545142950c944daafae2d212658d33e3ac4138503aaf3ce8d9f5c1a48743fbd4b64e8f7a7ac47a06bb2eed86327aff6abf8728028108a304bf2caff1f6d3914c9f26c09d43d0cd2b2a64b60210e3c39af56fe2233c78c7069790619665d2f4593ed1a63440a71b52e2a58c32ae9e8c8ae631bcb526731136c3fd8ebf030d68a21a30b1445563b26cf3aa9ed0b4a2fb1f04ee4ff15ccab97c0f1c6ba52fdd49deef7b4998b21fc238cd040590dfc89836630d22da8bda39ad394b89e431018911d233b5839187281dc60e05e9cd4b93ad8916d40b7a27ae2344d29cd0bbd54b4ed2fa48d2485f36d786a7bf78b8e5b1999540d3aaef6bdbaf29b8fb156d28058f5fb8d0ee3ffec5823e352fd5aa6a562d6112e85a81a374c96fcaee7d896d332fd94c82864d44f3f3a9be2c947420a983de410fa00ecd03c647ffa303e62d3ded9a41df7d77c6bf200207d30aeb760f62cd1812f6149eb41d6c0ff81b402e396cdb4b02d6cbc7a7ee8960b3e11f484ec52643cf3177daf44b30513ba3c70af6df030e59b702596972a61a0e8d691397a18a3e0f2042df73e11972e472ff650d3c43f169269f760017e84e69862f3fccde32d8330b605254d9dfb885b53f27ee4b08af60b35a688eae2e00e1837579db1bfdf8bf4c3438314a1ecc16fa05551affbf71971c1532bf28b163243510c40012471bc74d499dec8edb138230d11913ad2f491172006ca7a6a8aba7fe6a4212583fb00f54ab0cc6527a4bb57f9a04cefe227e712679990b6337e918f8bc5c1d1ccb63239509f2587b16fd9fe1a9c4122a8255115a", 0x1000}}, 0x1006)
setresgid(0xee01, 0xffffffffffffffff, 0xffffffffffffffff)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prlimit64(r1, 0xc, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
fallocate(r0, 0x3, 0x9, 0x10000)
ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f0000000000)={0x10000, 0x6c, 0x1000, 0x2, 0xe})

55.772769118s ago: executing program 3 (id=1419):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
sendmmsg(0xffffffffffffffff, &(0x7f0000003dc0)=[{{0x0, 0x0, &(0x7f0000002940)=[{0x0}], 0x1}}], 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000080)={[{@nobh}, {@usrjquota}]}, 0x1, 0x78e, &(0x7f0000003e00)="$eJzs3c1rHOUfAPDvbN769vslgqD1FBA0UJqYGlsFDxEPIlgo6Nk2JNtQs8mW7KY0IaBFBC+Cije99OxLvXn15ar/hQexVE2LFQ+yMpudZtPsppt0s1ubzwdm93lmZud5vvPyzLM7w2wA+9Zw+pKLOBoRHyYRg7XxSUT0VVO9EZPr891eW51OhyQqldd/T6rz3FpbnY66z2RD+vJ4RHz/XsSx3NZyS8src1OFQn6xlh8rz18cKy2vHL8wPzWbn80vnByfmDhx6rlTJ9sX658/rRy5/tErT381+fe7j1374IckJuNIbVp9HO0yHMPr6yL60lW4ycvtLqzLkm5XgF1JD82e9aM8jsZg9FRTAMDD7O2IqAAA+0zi/A8A+0z2O8CttdXpbOjuLxKddeOliDiwHn92fXN9Sm/tmt2B6nXQQ7eSTVdGkogYakP5wxHx2TdvfpEOsUfXIQEaeedKRJwbGt7a/idb7lnYqWe2mdZfex++a7z2Dzrn27T/83yj/l/uTv8nGvR/Bhocu7tRXUb/Rn7L8X+wDYVsI+3/vVh3b9vtuvhrhnpquf9V+3x9yfkLhXzatv0/IkaibyDNj29TxsjNf242m1bf//vj47c+T8tP3zfmyP3aO7D5MzNT5an7ibnejSsRT/Q2ij+5s/2TJv3fMy2W8eoL73/abFoafxpvNmyNP2p3J+2NytWIpxpu/4072pJt708cq+4OY9lO0cDXPzevf/32T4e0/Oy7QCek2//Q9vEPJfX3a5Z2XsaPVwe/azbt3vE33v/7kzeq6azpuDxVLi+OR/Qnr20df2Ljs1k+mz+Nf+TJxsf/dvt/+p3wXIvx917/7cvdx7+30vhndrT9d564dnuup1n5rW3/iWpqpDamlfav1Qrez7oDAAAAAAAAAAAAAAAAAAAAAAAAgFblIuJIJLnRO+lcbnQ04nBEPBqHcoViqXzsfHFpYSaq/5U9FH257FGXg3XPQx2vPQ8/y5+4K/9sRDwSEZ8MHEyy5yjOdDl2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMgcbvL//6lfBrpdOwBgzxzodgUAgI5z/geA/cf5HwD2H+d/ANh/dnn+r/S0uyIAQMf4/g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAeO3P6dDpU/lpbnU7zM5eWl+aKl47P5Etzo/NL06PTxcWLo7PF4mwhPzpdnL/X8grF4sWJWFi6PFbOl8pjpeWVs/PFpYXy2QvzU7P5s/m+jkQFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADtTWl6ZmyoU8osPQSJp1wLTFdPSzJVuh7zzRC4iNo+ZbMOSe2q70wMQYOcTyYNRjTYnGrUW/R1tmwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+C/4NAAD//2t/H04=")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r4}, 0x18)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='svcrdma_decode_rseg\x00', r4, 0x0, 0x6}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002640)=@delchain={0x238, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x1dc, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x1b4, 0x1, [@m_simple={0x30, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_simple={0xe8, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'bpf\x00'}]}, {0xb1, 0x6, "9787c29d6ac649e7ec160dfef7c4cea330102e688fe12213d2bf7dae04880a34e7bf775010128401ec7b2a9ceab9c40c5f9bd00ceff17d69ca7a27324ef7a1ad28d4b3c6a826826e9c291c16ab3d13e1f337751959e47bf0fe515b70ea5a3584d9cdba83a705d3257305f931866cf9f1faa34fce0e8a7ee76e20f05d4e1adbee4ba00ddd7b896197ea2a0391ef62c651d59ed7e0e8964192a2c1c29308d03650349840a4d759fc9421e3569c90"}, {0xc, 0x7, {0x0, 0x79d0f023c2b305dd}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_connmark={0x5c, 0x15, 0x0, 0x0, {{0xd}, {0x4}, {0x29, 0x6, "726786f34dc39a3b098ea66afe225634df06865f963558e69516e656d1b4d3ec4c23aaeded"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_csum={0x3c, 0x8, 0x0, 0x0, {{0x9}, {0x4}, {0xd, 0x6, "4ac6768e05c6ec90b2"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_FD={0x8}]}}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0xca}]}}]}, 0x238}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r5 = socket(0x10, 0x803, 0x0)
sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000001640)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0x1, &(0x7f0000000000)=0xb, 0x4)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r8, 0x10e, 0x1, &(0x7f0000000140)=0x1, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="88000000000101040000000000000000020000002c00018014000180080001007f00000108000200e00000020c000280050001000000000006000340000300002400028014000180080001000000000008000200ac1414bb0c000280050001000000000008000740000000001c000f8008000140000000000800034000000000080002"], 0x88}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r9 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r9, &(0x7f0000000240)={0x27, 0x0, 0x0, 0x4, 0x0, 0x3, "e88509de7f1939e8abff005597c8ef039a5be42200", 0x13}, 0x60)
listen(r9, 0x0)
accept4$nfc_llcp(r9, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)

55.604813171s ago: executing program 3 (id=1423):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x1, @perf_bp={0x0, 0xd}, 0x14c5a, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet(0x10, 0x3, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000001080)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000ac0)={<r3=>r2}, &(0x7f0000000b00)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x83, &(0x7f00000000c0)={r3, 0x1}, 0x8)
creat(&(0x7f0000000100)='./file0\x00', 0x3)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000040)={[{@norecovery}, {@grpquota}, {@debug}, {@discard}]}, 0xee, 0x498, &(0x7f0000001b40)="$eJzs3E1sFFUcAPD/bL/5kIr4AYJW8YOotLR8yMGLRhMPmpjoAeOplkKQQg2tiZBG0QMeDYl349HEu4knvRj1YEy86t2QENML6GnMzM4s23a3n0sX3N8v2e17M7N97z9vXuf1vd0NoGMNZU9JxLaI+CMidlSzCw8Yqv64OT838c/83EQSafrm30l+3I35uYny0PJ1W6uZNI3oy5J9Dcq98k7E+NTU5IUiPzJ77v2RmYuXDp45N3568vTk+bHjx48c3td7bOxovj9dZ3yV4mcW1409H03v3f3q21dfnzhx9d2fv8nqu63YXx/HuqRLazhUPbuLPZo9Pbmhwu4ov2ZP2+s2JN3NDx7ehAqxel0RkTVXT55LoisGavt2xCuftrFqwG2Wpmna6P4cdfftFPifSvRv6FDlvT77/7d8bM7I485w/cWIOFhk5ucmbtbi767NHfQs+v+2lYYi4sTlf7/MHtGKeQgAgBV8n41/nms0/qvEA3XH3VOsoQxGxL0RsTMi7ouIXRFxf0R+7IMR5x5aY/mLV0iWjn8q19YV2Cpl478XirWtmwvGf+XoLwa7itz2PP6e5NSZqclDxTk5ED19WX50mTJ+ePn3z8t0/6J99eO/7JGVX44Fi3pc6140QXdyfHY8T6Rp+vHGwo/rn0Ts6W4UfxLlMk4SEbsjYs86yzjzzNd7m+1bOf5lLLPOtFrpVxFPV9v/8sLx/62mSurXJwciorY+Ofr8sbGjI/0xNXlopLwqlvrltytvNCt/Q/G3QNb+Wxpe/7VV4MGkP2Lm4qWz+XrtzNrLuPLnZ3V9esHqchZ/5duINV//vclbebq32Pbh+OzshdGI3uS1pdvHbr22zJfHZ/Ef2N+4/++sq/HDEZFdxPsi4pFiETdru8ci4vGI2L9M/D+99MR7zfY1b/9ms/Ktdb04Ucu2f9S3/9oTXWd//K5Z+UPFGmQU56Fx+x/JUweKLbW/f8tYbQXXddIAAADgLlPJ3wOfVIZr6UpleLj6Hv5dsaUyNT0z++yp6Q/On6y+V34weirlTNeOuvnQ0WJuuMyPLcofLuaNv+gayPPDE9NTJ9sdPHS4rU36f+avrnbXDrjtWrCOBtyl9H/oXPo/dC79HzqX/g+dq1H/3+gHC4C7g/s/dK68/z91ud3VANrA/R86l/4PHanpZ+MrG/rIf9NE0upf2DBRfnfCZpS1cqL8LopNL31g3S/vX/nURaW9Z7VjEt1L2iK6W1pEX8NdbfyjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0EL/BQAA///5etKr")

55.604511221s ago: executing program 32 (id=1423):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x1, @perf_bp={0x0, 0xd}, 0x14c5a, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet(0x10, 0x3, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000001080)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000ac0)={<r3=>r2}, &(0x7f0000000b00)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x83, &(0x7f00000000c0)={r3, 0x1}, 0x8)
creat(&(0x7f0000000100)='./file0\x00', 0x3)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000040)={[{@norecovery}, {@grpquota}, {@debug}, {@discard}]}, 0xee, 0x498, &(0x7f0000001b40)="$eJzs3E1sFFUcAPD/bL/5kIr4AYJW8YOotLR8yMGLRhMPmpjoAeOplkKQQg2tiZBG0QMeDYl349HEu4knvRj1YEy86t2QENML6GnMzM4s23a3n0sX3N8v2e17M7N97z9vXuf1vd0NoGMNZU9JxLaI+CMidlSzCw8Yqv64OT838c/83EQSafrm30l+3I35uYny0PJ1W6uZNI3oy5J9Dcq98k7E+NTU5IUiPzJ77v2RmYuXDp45N3568vTk+bHjx48c3td7bOxovj9dZ3yV4mcW1409H03v3f3q21dfnzhx9d2fv8nqu63YXx/HuqRLazhUPbuLPZo9Pbmhwu4ov2ZP2+s2JN3NDx7ehAqxel0RkTVXT55LoisGavt2xCuftrFqwG2Wpmna6P4cdfftFPifSvRv6FDlvT77/7d8bM7I485w/cWIOFhk5ucmbtbi767NHfQs+v+2lYYi4sTlf7/MHtGKeQgAgBV8n41/nms0/qvEA3XH3VOsoQxGxL0RsTMi7ouIXRFxf0R+7IMR5x5aY/mLV0iWjn8q19YV2Cpl478XirWtmwvGf+XoLwa7itz2PP6e5NSZqclDxTk5ED19WX50mTJ+ePn3z8t0/6J99eO/7JGVX44Fi3pc6140QXdyfHY8T6Rp+vHGwo/rn0Ts6W4UfxLlMk4SEbsjYs86yzjzzNd7m+1bOf5lLLPOtFrpVxFPV9v/8sLx/62mSurXJwciorY+Ofr8sbGjI/0xNXlopLwqlvrltytvNCt/Q/G3QNb+Wxpe/7VV4MGkP2Lm4qWz+XrtzNrLuPLnZ3V9esHqchZ/5duINV//vclbebq32Pbh+OzshdGI3uS1pdvHbr22zJfHZ/Ef2N+4/++sq/HDEZFdxPsi4pFiETdru8ci4vGI2L9M/D+99MR7zfY1b/9ms/Ktdb04Ucu2f9S3/9oTXWd//K5Z+UPFGmQU56Fx+x/JUweKLbW/f8tYbQXXddIAAADgLlPJ3wOfVIZr6UpleLj6Hv5dsaUyNT0z++yp6Q/On6y+V34weirlTNeOuvnQ0WJuuMyPLcofLuaNv+gayPPDE9NTJ9sdPHS4rU36f+avrnbXDrjtWrCOBtyl9H/oXPo/dC79HzqX/g+dq1H/3+gHC4C7g/s/dK68/z91ud3VANrA/R86l/4PHanpZ+MrG/rIf9NE0upf2DBRfnfCZpS1cqL8LopNL31g3S/vX/nURaW9Z7VjEt1L2iK6W1pEX8NdbfyjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0EL/BQAA///5etKr")

2.765007227s ago: executing program 0 (id=2400):
open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='sessionid\x00')
r1 = syz_io_uring_setup(0x2e3b, &(0x7f0000000080)={0x0, 0x482b, 0x10100, 0x1}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000300))
syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2}, 0x0, 0x40000103})
syz_io_uring_submit(r2, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r1, 0x567, 0xa1ff, 0x0, 0x0, 0x0)
open$dir(0x0, 0x0, 0x51)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, 0x0, 0x854)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1})
r6 = request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x3, r6, 0x0, 0x0)
request_key(&(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
pause()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfe, 0x0, 0x7ffc0002}]})
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r9}, 0x10)
ioctl$TIOCSETD(r8, 0x5423, 0x0)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x2000000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000080))
socket$inet_udp(0x2, 0x2, 0x0)

1.900353471s ago: executing program 0 (id=2418):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
fcntl$setstatus(r1, 0x4, 0x400)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="070000000400000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='kmem_cache_free\x00', r4, 0x0, 0x10001}, 0x18)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800050030000000600000000028290081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef)

1.769119442s ago: executing program 0 (id=2420):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x100, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x1)
modify_ldt$write2(0x11, &(0x7f0000000400)={0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r4, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
poll(&(0x7f0000000280)=[{r4, 0x3230}], 0x1, 0x4040000)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r3, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
close_range(r2, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

1.493859617s ago: executing program 5 (id=2427):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00', <r3=>0x0})
pipe2$9p(&(0x7f0000000200), 0x84000)
sendmsg$nl_route(r2, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="340000006800010000000000fedbdf250a00000000000000140006000000000000000000000000000000000108000500", @ANYRES32=r3], 0x34}}, 0x0)
pipe2$9p(&(0x7f0000000000), 0x0)
quotactl$Q_QUOTAON(0xffffffff80000102, &(0x7f0000000140)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

1.455271717s ago: executing program 5 (id=2429):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES32=r2, @ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095", @ANYRES32=0x0, @ANYRES8=r1], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f00000008c0), 0x4)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback, 0xa77}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
close(0x3)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff56})
socket$inet6(0xa, 0x3, 0x4)
syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100, 0x0, 0x5b}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000000)=<r6=>0x0)
syz_io_uring_submit(r5, r6, 0x0)
socket(0x10, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r8=>0x0})
r9 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r9, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
r10 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x1, r10, 0x0, 0x4, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0)
sendmsg$kcm(r9, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010027b57000fddbdf2500000000", @ANYRES32=r8, @ANYBLOB="8014000004210000"], 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

1.129054592s ago: executing program 4 (id=2435):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x4e, &(0x7f0000000240)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x18, 0x0, 0x0, @private2, @local, {[@hopopts={0x6c, 0x2, '\x00', [@generic={0x7, 0xb, "69cf85d7dfa69519625314"}, @pad1]}]}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xe, 0x13, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000010000000000000000000000180100002020702500000000002020207baaf8ff00000000bd4106000000000047010000f8ffffffb702000008000000b7030000000000008500002dd10000001801000020786c250000000000202020db1af8ffa1000000bda100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @local}, 0x3}}, 0x2e)

1.101974553s ago: executing program 4 (id=2437):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtaction={0x14, 0x30, 0xffff, 0x70bd2d}, 0x14}}, 0x0)

1.098118243s ago: executing program 5 (id=2438):
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'syztnl0\x00', &(0x7f0000000300)={'ip6gre0\x00', r0, 0x2f, 0x2, 0x2, 0x4, 0x44, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x1, 0x9}})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0x2229c13, 0x0, 0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="07000000040000000802000021000000886e000051f314fda24cd50fcf7dc1c9fc5c56c19b589bfd6d7444d7221e4c19da8d5a8f5d08c3484aed8e9f4689264278c34db0daf21c0610bb43a4609ef84e58e36ffdffae08f301493464c778cb4006fb021b5fc9a4612a040aec10e394f430f495e790d6dce51ac07f900316658f410e909f00000000000000000000000000000000000000000000d25b10323f4e6a37d5ac6086c5a8353cafd6ad8af80864c44b78d1954003d4faad3dfa7efb71825ddb45671cf3cd13586a45aaf49e5bf1557c7652979bb14c10ab935b25392b9b5987", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = getpid()
r2 = gettid()
rt_tgsigqueueinfo(r1, r2, 0x34, &(0x7f0000000640)={0x6, 0x0, 0x4})
readv(0xffffffffffffffff, &(0x7f0000001100)=[{&(0x7f0000000440)=""/164, 0xa4}, {&(0x7f0000000f00)=""/184, 0xb8}], 0x2)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))

1.082313523s ago: executing program 4 (id=2439):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000380)='kfree\x00', r2}, 0x18)
r3 = syz_io_uring_setup(0x254c, &(0x7f0000000000)={0x0, 0x7c87, 0x800, 0x0, 0x39}, &(0x7f0000000080), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(0x0, 0x4800)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nouid32}]}, 0x1, 0x71c, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3mb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7mQmfZtJpppkIPP7wZ15zr03ec6ZCeeBnGFOAAPrZPmQRjwfEdNJxFjrfBIRlWY0FHFp+747t2/OlUcSW1tX/kia95TtuO9nSiciYjMinouInyoRp9NH89bWN5Zn8zxba7Un6iurE7X1jTNLK7OL2WJ27eK5c1PnLpy/eHH/xvrG+x88Wz3/zuj30wszpyZ//S6JSzHaunb/OPbT9mtSKV/CB7x7EMn6KOl3B/hXhiLiWOv5mRiLY80IADjKtoYjtgCAAZOo/wAwYNr/B2iv7R3UOlg3v78dESOd8g+11sxGmuuQx+8kD6xMJBExfpgd5UjavBURV8dPPvr3lzyyZvu4zu5HBzlQP5bzz6VO80+6M/9Eh/lnpP3Zif+o+/x3L/+xLvPfdI853nuxUXTNfyvihaFO+ZOd/EmX/Fd7zP/D3fm/u13b+jbitY71J3kgV/fPh0wsLOXZ2e3HzjlONm5+uNv4j3fJv7nH+Fd7HP/oZy//vLlL/tdf2f3975S/rImf9pj/k8pbX3S7Vuaf7zL+vd7/b3rMf+GljzZ6vBUAAAAAAAAAAAAAAAAAAAAAAAAAAACOhDQiRiNJqztxmlar23t4Px3H07yo1U8vFI1r89HcK3s8Kmn7q5bHtttJ2Z5sfR9/uz31UPvNiHgqIj4f/n+zXZ0r8vl+Dx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWk48tP//X8Pb+/8DAEfcSL87AAAcOvUfAAaP+g8Ag0f9B4DBo/4DwOBR/wFg8Kj/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByy6cuXy2Przu2bc2V7/vp6Y7m4fmY+qy1XVxpz1blibbW6WBSLeVadK1b2+n15UaxOTUXjxkQ9q9UnausbMytF41p9ZmlldjGbySqHMioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDyjzSNJqxGRNuM0rVYjnoiI8agkC0t5djYinoyIX4Yrw2V7st+dBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9VlvfWJ7N82xNIBAIdoJ+z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+O5t+t3vngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAP6W/JRFRHqfGXh19+Or/krvDzeeI+PjrK1/emK3X1ybL83/unK9/1To/1Y/+AwB7adfpdh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE5q6xvLs3merR1g0O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwf/4JAAD//68fzsc=")

1.004199594s ago: executing program 5 (id=2441):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000380)='kfree\x00', r2}, 0x18)
r3 = syz_io_uring_setup(0x254c, &(0x7f0000000000)={0x0, 0x7c87, 0x800, 0x0, 0x39}, &(0x7f0000000080), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(0x0, 0x4800)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nouid32}]}, 0x1, 0x71c, &(0x7f0000000f40)="$eJzs3U1rXNUbAPDn3mb+yb+NJoKKLyAVxYqlkya2lK6sC9FNMVBwm4bkJsTc9MbMTG1CF+nKrYii4Ea/gxtXims/gF9BQbTURV1F7mQmfZtJpppkIPP7wZ15zr03ec6ZCeeBnGFOAAPrZPmQRjwfEdNJxFjrfBIRlWY0FHFp+747t2/OlUcSW1tX/kia95TtuO9nSiciYjMinouInyoRp9NH89bWN5Zn8zxba7Un6iurE7X1jTNLK7OL2WJ27eK5c1PnLpy/eHH/xvrG+x88Wz3/zuj30wszpyZ//S6JSzHaunb/OPbT9mtSKV/CB7x7EMn6KOl3B/hXhiLiWOv5mRiLY80IADjKtoYjtgCAAZOo/wAwYNr/B2iv7R3UOlg3v78dESOd8g+11sxGmuuQx+8kD6xMJBExfpgd5UjavBURV8dPPvr3lzyyZvu4zu5HBzlQP5bzz6VO80+6M/9Eh/lnpP3Zif+o+/x3L/+xLvPfdI853nuxUXTNfyvihaFO+ZOd/EmX/Fd7zP/D3fm/u13b+jbitY71J3kgV/fPh0wsLOXZ2e3HzjlONm5+uNv4j3fJv7nH+Fd7HP/oZy//vLlL/tdf2f3975S/rImf9pj/k8pbX3S7Vuaf7zL+vd7/b3rMf+GljzZ6vBUAAAAAAAAAAAAAAAAAAAAAAAAAAACOhDQiRiNJqztxmlar23t4Px3H07yo1U8vFI1r89HcK3s8Kmn7q5bHtttJ2Z5sfR9/uz31UPvNiHgqIj4f/n+zXZ0r8vl+Dx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWk48tP//X8Pb+/8DAEfcSL87AAAcOvUfAAaP+g8Ag0f9B4DBo/4DwOBR/wFg8Kj/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByy6cuXy2Przu2bc2V7/vp6Y7m4fmY+qy1XVxpz1blibbW6WBSLeVadK1b2+n15UaxOTUXjxkQ9q9UnausbMytF41p9ZmlldjGbySqHMioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDyjzSNJqxGRNuM0rVYjnoiI8agkC0t5djYinoyIX4Yrw2V7st+dBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9VlvfWJ7N82xNIBAIdoJ+z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+O5t+t3vngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAP6W/JRFRHqfGXh19+Or/krvDzeeI+PjrK1/emK3X1ybL83/unK9/1To/1Y/+AwB7adfpdh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE5q6xvLs3merR1g0O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwf/4JAAD//68fzsc=")

963.254295ms ago: executing program 4 (id=2443):
bind$inet6(0xffffffffffffffff, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x4, @loopback, 0x8}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0xffffffac, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x100, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002600)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="a132", 0x2}], 0x1}}], 0x1, 0x1)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f00000003c0)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/217, 0xd9, 0x0, 0x0}, &(0x7f0000000400)=0x40)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
r0 = getpid()
syz_pidfd_open(r0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
poll(&(0x7f0000000280)=[{r1, 0x3230}], 0x1, 0x4040000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

853.861986ms ago: executing program 0 (id=2444):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000700000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
unlinkat(0xffffffffffffff9c, 0x0, 0x0)

838.597347ms ago: executing program 0 (id=2445):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mmap_lock_acquire_returned\x00', r1, 0x0, 0x5}, 0x18)
mincore(&(0x7f0000ffc000/0x2000)=nil, 0x2000, &(0x7f0000000200)=""/160)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x100000000]}, 0x40, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="180100000000000000000000040000008510000003000000180000000000000000000000000000009500000000000000bfa000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x1, 0xf0, &(0x7f00000007c0)=""/240, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x0, &(0x7f0000000200)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@usrjquota}, {@errors_remount}, {@dioread_lock}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@mblk_io_submit}, {@minixdf}, {@barrier_val}, {@nombcache}, {}]}, 0x45, 0x7b6, &(0x7f0000001140)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngwLu4EQeZ31JruwsF72sBQaCLSnHpoYWTGpZStYcoiNaRNKoZdCW3prLzn356X02h+HXtr/oySkrROa0kNxGf2wZVtyrMSWkubzgYne07zRe995ozcvmrEUwBNrPP0nE3EsIl5PIkbrzycR0V9NZSOma+Xura/l0yWJjY1nvkuqZe6ur+WjaZvUkXrmjxHx+SsRJzK76y2vrM7PFIuFpXp+orJweaK8snry0sLMXGGusHh6cmrq1Jl/nDn9UOENN2d++Hr16K03/v/XD6Z/evkPH772RRLTcbS+rjmOgzIe4/V90p/uwm3+d9CV9czHL+6jUNMRkD3MxtChtGP66r1yLEajb6/+Ge5mywCAw/JSRGy009d2DQDwWEtq5///9LodAEC3ND4HuLu+lm8svf1Eortu/zcihobqudr1zVo6W79mN1S9DjpyN9l2ZSSJiLEDqH88It755Pn30iUO6TokQCvXrkfEhbHx3eN/suuehU79rfXTc82Z8R0rjX/QPZ+m859/tpr/ZTbnP9Fi/jPY4r37IO7//s/cPIBq2krnf/9uurftXlP8dWN99dxvqnO+/uTipWIhHdt+GxHHo38wzU/uUcfxOz/fabeuef73/ZsvvJvWnz5ulcjczA5u32Z2pjLzMDE3u3094k/ZVvGn4/9gtf+TNvPfc/X0wH3qeOpfr77dbl0afxpvY9kd/+HauBHxl5b9n2yWSfa8P3GiejhMNA6KFj6ajpF29Y9nt/o/XdL6G/8X6Ia0/0f2jn8sab5fs7zvl968W+yrG6OftSvUfPy3jr/18T+QPFtNN469qzOVytJkxEDy9O7nT21t28g3yqfxH/9z6/d/Y/xrcfw/l77+hX3uiOytb99/8PgPVxr/bEf933Eihu7N97Wrf3/9P7Vtm/2Mf/tt4IPuNwAAAAAAAAAAAAAAAAAAAAAAAADoRCYijkaSyW2mM5lcrvYb3r+PkUyxVK6cuFhaXpyN6m9lj0V/pvFVl6NN34c6Wf8+/Eb+1I783yPidxHx1uBwNZ/Ll4qzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqOtPn9/9Q3gzsK9/WihQDAoRhyYgeAJ02Szfa6CQBAtw11VHr40NoBAHRPZ+d/AODXwPkfAJ489zn/7/wzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjUubNn02Xjx/W1fJqfvbKyPF+6cnK2UJ7PLSznc/nS0uXcXKk0Vyzk8qWFti90rfZQLJUuT8Xi8tWJSqFcmSivrJ5fKC0vVs5fWpiZK5wv9HctMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYv/LK6vxMsVhYkuhJYv7LWj88Ku2R6CwR12r996i05+ASMbA1Sgz3ZnACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAz8EgAA//99gB7t")
acct(&(0x7f0000000200)='./file1\x00')
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r9, &(0x7f0000000940)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newlink={0x50, 0x10, 0x437, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r10, 0x5f501}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TOS={0x5, 0x4, 0x1}, @IFLA_GENEVE_REMOTE6={0x14, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x11}, 0x40004)
sendmmsg$inet(r5, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @empty, @dev={0xac, 0x14, 0x14, 0x27}}}}], 0x20}}], 0x1, 0x80)
setsockopt$inet6_opts(r2, 0x29, 0x0, &(0x7f00000001c0)=@fragment={0x67, 0x0, 0x7, 0x1, 0x0, 0x7, 0x68}, 0x8)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r11, 0x200, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6e3c, 0x47}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x40082)

750.091868ms ago: executing program 1 (id=2446):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1efedf05c33332b6be6f318631d4b74b000000ff", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRESDEC=r2, @ANYRES16=0x0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20092b}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r4, 0x0, 0x4ab}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000000), 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
r6 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r6, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x4, 0x0, @mcast2}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r6, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c)
r7 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r7, 0x29, 0xd4, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r5, 0xb, &(0x7f0000000480)=[@ioring_restriction_sqe_op={0x1, 0x1c}], 0x1)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc000000000010800020005000000140006"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)

636.51723ms ago: executing program 0 (id=2447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
preadv2(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)

564.884131ms ago: executing program 2 (id=2448):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
fchdir(0xffffffffffffffff)
socket(0x28, 0x5, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
flistxattr(r2, 0x0, 0x0)

545.549311ms ago: executing program 2 (id=2449):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtaction={0x14, 0x30, 0xffff, 0x70bd2d}, 0x14}}, 0x0)

527.393311ms ago: executing program 2 (id=2450):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
fcntl$setstatus(r1, 0x4, 0x400)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="070000000400000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='kmem_cache_free\x00', r4, 0x0, 0x10001}, 0x18)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800050030000000600000000028290081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef)

431.644783ms ago: executing program 1 (id=2451):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES32=r2, @ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095", @ANYRES32=0x0, @ANYRES8=r1], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f00000008c0), 0x4)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback, 0xa77}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
close(0x3)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff56})
socket$inet6(0xa, 0x3, 0x4)
syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100, 0x0, 0x5b}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000000)=<r6=>0x0)
syz_io_uring_submit(r5, r6, 0x0)
socket(0x10, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r8=>0x0})
r9 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r9, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
r10 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x1, r10, 0x0, 0x4, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0)
sendmsg$kcm(r9, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010027b57000fddbdf2500000000", @ANYRES32=r8, @ANYBLOB="8014000004210000"], 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

345.712704ms ago: executing program 2 (id=2452):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00', <r3=>0x0})
pipe2$9p(&(0x7f0000000200), 0x84000)
sendmsg$nl_route(r2, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="340000006800010000000000fedbdf250a00000000000000140006000000000000000000000000000000000108000500", @ANYRES32=r3], 0x34}}, 0x0)
pipe2$9p(&(0x7f0000000000), 0x0)
quotactl$Q_QUOTAON(0xffffffff80000102, &(0x7f0000000140)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

330.747475ms ago: executing program 2 (id=2453):
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'syztnl0\x00', &(0x7f0000000300)={'ip6gre0\x00', r0, 0x2f, 0x2, 0x2, 0x4, 0x44, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x1, 0x9}})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0x2229c13, 0x0, 0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="07000000040000000802000021000000886e000051f314fda24cd50fcf7dc1c9fc5c56c19b589bfd6d7444d7221e4c19da8d5a8f5d08c3484aed8e9f4689264278c34db0daf21c0610bb43a4609ef84e58e36ffdffae08f301493464c778cb4006fb021b5fc9a4612a040aec10e394f430f495e790d6dce51ac07f900316658f410e909f00000000000000000000000000000000000000000000d25b10323f4e6a37d5ac6086c5a8353cafd6ad8af80864c44b78d1954003d4faad3dfa7efb71825ddb45671cf3cd13586a45aaf49e5bf1557c7652979bb14c10ab935b25392b9b598741b6a30e212efe500e365c8648f75bdd", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = getpid()
r2 = gettid()
rt_tgsigqueueinfo(r1, r2, 0x34, &(0x7f0000000640)={0x6, 0x0, 0x4})
readv(0xffffffffffffffff, &(0x7f0000001100)=[{&(0x7f0000000440)=""/164, 0xa4}, {&(0x7f0000000f00)=""/184, 0xb8}], 0x2)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))

252.696466ms ago: executing program 2 (id=2454):
open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='sessionid\x00')
r1 = syz_io_uring_setup(0x2e3b, &(0x7f0000000080)={0x0, 0x482b, 0x10100, 0x1}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000300))
syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2}, 0x0, 0x40000103})
syz_io_uring_submit(r2, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r1, 0x567, 0xa1ff, 0x0, 0x0, 0x0)
open$dir(0x0, 0x0, 0x51)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, 0x0, 0x854)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1})
r6 = request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x3, r6, 0x0, 0x0)
request_key(&(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
pause()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfe, 0x0, 0x7ffc0002}]})
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r9}, 0x10)
ioctl$TIOCSETD(r8, 0x5423, 0x0)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x2000000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000080))
socket$inet_udp(0x2, 0x2, 0x0)

161.831987ms ago: executing program 1 (id=2455):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, 0x0, &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10)
setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)

140.677837ms ago: executing program 5 (id=2456):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
fchdir(0xffffffffffffffff)
socket(0x28, 0x5, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000001c0)='cdg\x00', 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1}}, 0x10)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
flistxattr(r4, 0x0, 0x0)

117.431318ms ago: executing program 1 (id=2457):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
fcntl$setstatus(r1, 0x4, 0x400)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="070000000400000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='kmem_cache_free\x00', r4, 0x0, 0x10001}, 0x18)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800050030000000600000000028290081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef)

116.752858ms ago: executing program 5 (id=2458):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mmap_lock_acquire_returned\x00', r1, 0x0, 0x5}, 0x18)
mincore(&(0x7f0000ffc000/0x2000)=nil, 0x2000, &(0x7f0000000200)=""/160)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x100000000]}, 0x40, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="180100000000000000000000040000008510000003000000180000000000000000000000000000009500000000000000bfa000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x1, 0xf0, &(0x7f00000007c0)=""/240, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x0, &(0x7f0000000200)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@usrjquota}, {@errors_remount}, {@dioread_lock}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@mblk_io_submit}, {@minixdf}, {@barrier_val}, {@nombcache}, {}]}, 0x45, 0x7b6, &(0x7f0000001140)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngwLu4EQeZ31JruwsF72sBQaCLSnHpoYWTGpZStYcoiNaRNKoZdCW3prLzn356X02h+HXtr/oySkrROa0kNxGf2wZVtyrMSWkubzgYne07zRe995ozcvmrEUwBNrPP0nE3EsIl5PIkbrzycR0V9NZSOma+Xura/l0yWJjY1nvkuqZe6ur+WjaZvUkXrmjxHx+SsRJzK76y2vrM7PFIuFpXp+orJweaK8snry0sLMXGGusHh6cmrq1Jl/nDn9UOENN2d++Hr16K03/v/XD6Z/evkPH772RRLTcbS+rjmOgzIe4/V90p/uwm3+d9CV9czHL+6jUNMRkD3MxtChtGP66r1yLEajb6/+Ge5mywCAw/JSRGy009d2DQDwWEtq5///9LodAEC3ND4HuLu+lm8svf1Eortu/zcihobqudr1zVo6W79mN1S9DjpyN9l2ZSSJiLEDqH88It755Pn30iUO6TokQCvXrkfEhbHx3eN/suuehU79rfXTc82Z8R0rjX/QPZ+m859/tpr/ZTbnP9Fi/jPY4r37IO7//s/cPIBq2krnf/9uurftXlP8dWN99dxvqnO+/uTipWIhHdt+GxHHo38wzU/uUcfxOz/fabeuef73/ZsvvJvWnz5ulcjczA5u32Z2pjLzMDE3u3094k/ZVvGn4/9gtf+TNvPfc/X0wH3qeOpfr77dbl0afxpvY9kd/+HauBHxl5b9n2yWSfa8P3GiejhMNA6KFj6ajpF29Y9nt/o/XdL6G/8X6Ia0/0f2jn8sab5fs7zvl968W+yrG6OftSvUfPy3jr/18T+QPFtNN469qzOVytJkxEDy9O7nT21t28g3yqfxH/9z6/d/Y/xrcfw/l77+hX3uiOytb99/8PgPVxr/bEf933Eihu7N97Wrf3/9P7Vtm/2Mf/tt4IPuNwAAAAAAAAAAAAAAAAAAAAAAAADoRCYijkaSyW2mM5lcrvYb3r+PkUyxVK6cuFhaXpyN6m9lj0V/pvFVl6NN34c6Wf8+/Eb+1I783yPidxHx1uBwNZ/Ll4qzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqOtPn9/9Q3gzsK9/WihQDAoRhyYgeAJ02Szfa6CQBAtw11VHr40NoBAHRPZ+d/AODXwPkfAJ489zn/7/wzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjUubNn02Xjx/W1fJqfvbKyPF+6cnK2UJ7PLSznc/nS0uXcXKk0Vyzk8qWFti90rfZQLJUuT8Xi8tWJSqFcmSivrJ5fKC0vVs5fWpiZK5wv9HctMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYv/LK6vxMsVhYkuhJYv7LWj88Ku2R6CwR12r996i05+ASMbA1Sgz3ZnACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAz8EgAA//99gB7t")
acct(&(0x7f0000000200)='./file1\x00')
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket(0x10, 0x803, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newlink={0x50, 0x10, 0x437, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x5f501}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TOS={0x5, 0x4, 0x1}, @IFLA_GENEVE_REMOTE6={0x14, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x11}, 0x40004)
setsockopt$inet6_opts(r2, 0x29, 0x0, &(0x7f00000001c0)=@fragment={0x67, 0x0, 0x7, 0x1, 0x0, 0x7, 0x68}, 0x8)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r6, 0x200, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6e3c, 0x47}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x40082)

52.671959ms ago: executing program 4 (id=2459):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$igmp(0x2, 0x3, 0x2)
socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = epoll_create1(0x0)
r2 = syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)=ANY=[@ANYRESHEX=0x0, @ANYRESDEC=r2, @ANYBLOB, @ANYRES8, @ANYRES64=r2, @ANYRESDEC=r2], 0x48)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r3, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYBLOB="01dd745fe09f3d4ff9fb7b0e5e11ea0e82435806c305eab077e5a40a7e18c472670fc63b95ac63c19f403c9e60fa47bc7d6d294605608e7672c9be1dcc47229baada1e24b1276b303fe879d1f1d99a3b8287030c4689829f09fbb3f52f809f6aed9d9f6c436113e8e6190b218b8f5ea8c9217c72f75d6a3f37bcafe28dcea84146bc56da8322f7bb980cb42ef117e811ef173c65d830986d8b0d99ad8caaa291ab0a7bb4fe25a5f3c9f2a79a7a", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r4}, 0x10)
modify_ldt$write(0x1, 0x0, 0x0)
r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x101100, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'pimreg\x00'})
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1a0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x32d800, 0x182)
renameat2(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', r6, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r7, &(0x7f0000000100)={0x20000014})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c0000000a0a0104d700000000000000020000012500010073797a30000000000900020073797a3100000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x20000000)
socket(0x10, 0x803, 0x0)
r9 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="06000000040000000200000000ffff54fc57e830abb9bdf491c4095dd951ffffffff00", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
quotactl_fd$Q_GETINFO(r6, 0xffffffff80000502, 0x0, &(0x7f00000001c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421803001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e20, 0x2, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x655f}}, 0x5, 0x0, 0x3fc, 0x8a}, 0x9c)

44.537309ms ago: executing program 4 (id=2460):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1efedf05c33332b6be6f318631d4b74b000000ff", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRESDEC=r2, @ANYRES16=0x0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20092b}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r4, 0x0, 0x4ab}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
acct(0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000000), 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
r6 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r6, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x4, 0x0, @mcast2}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r6, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c)
r7 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r7, 0x29, 0xd4, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r5, 0xb, &(0x7f0000000480)=[@ioring_restriction_sqe_op={0x1, 0x1c}], 0x1)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc000000000010800020005000000140006"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)

16.29043ms ago: executing program 1 (id=2461):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0xfffc}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x84}, 0x1, 0x0, 0x0, 0x801}, 0x0)

0s ago: executing program 1 (id=2462):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
epoll_create1(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r2, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r3}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x1c}}, 0x0)
ioctl$sock_SIOCBRDELBR(r5, 0x89a2, &(0x7f0000000000)='bridge0\x00')
syz_emit_ethernet(0x96, &(0x7f00000002c0)={@multicast, @remote, @val={@val={0x88a8, 0x0, 0x0, 0x4}, {0x8100, 0x4, 0x1, 0x1}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x58, 0x3a, 0xff, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, {[@routing={0xa2, 0x8, 0x0, 0x5, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @empty}, @mcast1, @private1]}], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0xfffd}}}}}}, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
recvmmsg(r2, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0}, 0x275a}], 0x1, 0x60010020, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5eb, &(0x7f00000018c0)="$eJzs3c9vVNUeAPDvnZkWSuG1j7y893BhGg2BRGlpAYM/YmBPCKg7N1ZaCFJ+hNZokcSS4MZE3bggcaWJuPNPUKJbVyYuXLhxZUjQGDYao2PudO4wDDPtFGa4tffzSaY9556ZOd8L/c65c+85MwEU1lj6oxSxIyIuJBEjTW2VqDeOLd/v9q+XT6S3JKrVF39JIqlvy+6b1B83XN/w50jEt18lsb18b7/zi5fOTM/NzV6s1ycWzl6YmF+8tOf02elTs6dmz009NXXwwP4DByf3PtD+lZrKR66+9sbIu0df/vSjP5LJz344msSh+Pnkclu2H700FmPxW7X6duv29N/qYK87y0m58XdyR9K6oebY1ocTEWtRqefIYET8L0ai3PS/ORLvHM81OKCvqklEFSioRP5DQWXHAdl7+y7eBx+/+cnz/T8wAfru1uH050Cb/K8snxuM0RiIiJ0tj2tzSu++pH188/XRq+kt+nQeDmhv6cqmeqk1/5Nabo7G5lpty+3SXed5SxFxrP473f5C913e9dIx1tIo/+HhWboSEf9vd/y/ev6/0pT/r95n//IfAAAAAAAAeufG4Yh4st31v1L92tzmeKx2/S9Zvv733Z0Vgod60P/q1/9KN3vQDdDGrcMRz7Wd/9tYOTtarte2Lc8GTE6enpvdGxH/iojdMbAprU+u0Mee97Zf69TWPP8vvZXi8olsLmB8XovjZmXT3Y+ZmV6YftD9BiJuXYl4pNJ5/k86/ifN439d+npwocs+tu+8fqxTW2v+p/038h/oq+rHEbvajv9J4z7Jyp/PMVE7HpjIjgru9ehbH3zRqX/5D/lJx/8tK+f/aNL8eT3za3v+wYjYt1ipdmpfPf/bH/8PJi+Vs+dPvTm9sHBxMmIwOVJOWrdPrS1m2KiyfMjyJc3/3Y+vfP6vcfzflIdDEbHUZZ///Wv4x05txn/IT5r/M2sa/9demLo++mWn/rsb//fXxvrd9S3O/8HKuk3QvOMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH+iUkRsjaQ03iiXSuPjEcMR8Z/YUpo7P7/wxMnzr5+bSdtq3/9fyr7pd2S5nmTf/z/aVJ9qqe+LiH9HxIfloVp9/MT5uZm8dx4AAAAAAAAAAAAAAAAAAADWieEO6/9TP5Xzjg7ou0r9t3yH4qnkHQCQG/kPxSX/objkPxSX/Ifius/8d7kANgDjPxTVQHd329zvOIA8GP8BAAAAAGBDufHs09eSiFh6Zqh2Sw3W2xoXBofyig7op1LeAQC5MYcXisvUHyiuLif/AhtY0ij9Xm3X3nn2f9KfgAAAAAAAAAAAAACAe+zaceP7Vdf/AxuS9f9QXNb/Q3FZ/w/Flb3Hf39bzoEAuVltFb/1/wAAAAAAAAAAAACQv/nFS2em5+ZmLz54oXpnNWFvnvDMdDa3uEcRrttCNrt6vcSzTgoDEbEOwsihMNj79FxrIYcXIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoK2/AwAA//+iBxxY")
fcntl$notify(0xffffffffffffffff, 0x402, 0x4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c"], 0x140}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0}, 0x18)

kernel console output (not intermixed with test programs):

] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.062443][ T8881] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1666'.
[  134.071532][ T8881] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1666'.
[  134.085663][ T8873] loop2: detected capacity change from 0 to 1024
[  134.092210][ T8881] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1666'.
[  134.103190][ T8883] loop4: detected capacity change from 0 to 128
[  134.109924][ T8883] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  134.137918][ T8873] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  134.149000][ T8873] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  134.149585][ T8881] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1666'.
[  134.162930][ T8873] JBD2: no valid journal superblock found
[  134.167730][ T8881] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1666'.
[  134.173492][ T8873] EXT4-fs (loop2): Could not load journal inode
[  134.233518][ T8890] FAULT_INJECTION: forcing a failure.
[  134.233518][ T8890] name failslab, interval 1, probability 0, space 0, times 0
[  134.246234][ T8890] CPU: 1 UID: 0 PID: 8890 Comm: syz.4.1667 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  134.246259][ T8890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  134.246269][ T8890] Call Trace:
[  134.246275][ T8890]  <TASK>
[  134.246283][ T8890]  __dump_stack+0x1d/0x30
[  134.246306][ T8890]  dump_stack_lvl+0xe8/0x140
[  134.246357][ T8890]  dump_stack+0x15/0x1b
[  134.246371][ T8890]  should_fail_ex+0x265/0x280
[  134.246396][ T8890]  ? show_partition_start+0x43/0x130
[  134.246417][ T8890]  should_failslab+0x8c/0xb0
[  134.246441][ T8890]  __kmalloc_cache_noprof+0x4c/0x320
[  134.246531][ T8890]  show_partition_start+0x43/0x130
[  134.246552][ T8890]  seq_read_iter+0x279/0x940
[  134.246583][ T8890]  proc_reg_read_iter+0x110/0x180
[  134.246649][ T8890]  copy_splice_read+0x3c4/0x5f0
[  134.246679][ T8890]  ? __pfx_copy_splice_read+0x10/0x10
[  134.246773][ T8890]  splice_direct_to_actor+0x26f/0x680
[  134.246798][ T8890]  ? __pfx_direct_splice_actor+0x10/0x10
[  134.246829][ T8890]  do_splice_direct+0xda/0x150
[  134.246930][ T8890]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  134.247008][ T8890]  do_sendfile+0x380/0x650
[  134.247036][ T8890]  __x64_sys_sendfile64+0x105/0x150
[  134.247111][ T8890]  x64_sys_call+0xb39/0x2fb0
[  134.247131][ T8890]  do_syscall_64+0xd2/0x200
[  134.247194][ T8890]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  134.247269][ T8890]  ? clear_bhb_loop+0x40/0x90
[  134.247291][ T8890]  ? clear_bhb_loop+0x40/0x90
[  134.247309][ T8890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.247355][ T8890] RIP: 0033:0x7f42096ce929
[  134.247371][ T8890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.247389][ T8890] RSP: 002b:00007f4207d16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  134.247409][ T8890] RAX: ffffffffffffffda RBX: 00007f42098f6080 RCX: 00007f42096ce929
[  134.247419][ T8890] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  134.247430][ T8890] RBP: 00007f4207d16090 R08: 0000000000000000 R09: 0000000000000000
[  134.247441][ T8890] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001
[  134.247465][ T8890] R13: 0000000000000000 R14: 00007f42098f6080 R15: 00007ffd9bc2fb68
[  134.247486][ T8890]  </TASK>
[  134.497468][ T8887] loop4: detected capacity change from 0 to 2048
[  134.809275][ T8912] loop5: detected capacity change from 0 to 8192
[  134.952829][ T8914] loop1: detected capacity change from 0 to 1024
[  134.979389][ T8914] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.022849][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.098649][ T8923] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  135.169267][ T8925] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  135.254736][ T8925] loop1: detected capacity change from 0 to 1024
[  135.268660][ T8925] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  135.279665][ T8925] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  135.290377][ T8925] JBD2: no valid journal superblock found
[  135.296236][ T8925] EXT4-fs (loop1): Could not load journal inode
[  135.463243][ T8936] loop1: detected capacity change from 0 to 2048
[  135.611782][ T8937] lo speed is unknown, defaulting to 1000
[  135.910695][ T8941] loop2: detected capacity change from 0 to 1024
[  135.931737][ T8941] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.955958][ T8936] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.019384][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.042339][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.179623][ T8955] loop5: detected capacity change from 0 to 128
[  136.189845][ T8956] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.199574][ T8955] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  136.208557][ T8956] bond0 (unregistering): Released all slaves
[  136.244311][ T8959] loop5: detected capacity change from 0 to 1024
[  136.271439][ T8959] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.323288][ T8959] veth0_vlan: entered allmulticast mode
[  136.386738][ T8965] syz_tun: left allmulticast mode
[  136.391860][ T8965] syz_tun: left promiscuous mode
[  136.397081][ T8965] bridge0: port 3(syz_tun) entered disabled state
[  136.419592][ T8968] netlink: 'syz.0.1694': attribute type 21 has an invalid length.
[  136.427515][ T8968] IPv6: NLM_F_CREATE should be specified when creating new route
[  136.455042][ T8965] bridge_slave_0: left promiscuous mode
[  136.460931][ T8965] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.507997][ T8970] SELinux: failed to load policy
[  136.521985][ T8965] bridge_slave_1: left allmulticast mode
[  136.527716][ T8965] bridge_slave_1: left promiscuous mode
[  136.533453][ T8965] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.552974][ T8965] team0: Port device team_slave_0 removed
[  136.560498][ T8965] team0: Port device team_slave_1 removed
[  136.567607][ T8967] ÿÿÿÿÿÿ: renamed from vlan1
[  136.584867][ T8973] team0: Mode changed to "loadbalance"
[  136.595827][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.754520][ T8983] loop1: detected capacity change from 0 to 512
[  136.770302][ T8983] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  137.157301][ T8979] loop5: detected capacity change from 0 to 2048
[  137.198953][ T8979] EXT4-fs: Ignoring removed mblk_io_submit option
[  137.227011][ T8992] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  137.389101][   T29] kauditd_printk_skb: 84 callbacks suppressed
[  137.389129][   T29] audit: type=1326 audit(1751024307.453:5162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  137.436522][ T8992] loop4: detected capacity change from 0 to 1024
[  137.482453][ T8992] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  137.493407][ T8992] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  137.579854][   T29] audit: type=1326 audit(1751024307.483:5163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  137.603335][   T29] audit: type=1326 audit(1751024307.493:5164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  137.626730][   T29] audit: type=1326 audit(1751024307.493:5165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  137.650207][   T29] audit: type=1326 audit(1751024307.493:5166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  137.673591][   T29] audit: type=1326 audit(1751024307.493:5167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  137.696987][   T29] audit: type=1326 audit(1751024307.493:5168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  137.720463][   T29] audit: type=1326 audit(1751024307.493:5169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  137.743916][   T29] audit: type=1326 audit(1751024307.503:5170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  137.767309][   T29] audit: type=1326 audit(1751024307.503:5171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8995 comm="syz.2.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  137.793683][ T8983] EXT4-fs (loop1): orphan cleanup on readonly fs
[  137.801359][ T8983] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1696: Failed to acquire dquot type 1
[  137.814109][ T8989] netlink: 'syz.0.1699': attribute type 39 has an invalid length.
[  137.853886][ T8992] JBD2: no valid journal superblock found
[  137.859746][ T8992] EXT4-fs (loop4): Could not load journal inode
[  137.868829][ T8979] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.915681][ T8983] EXT4-fs (loop1): 1 truncate cleaned up
[  137.926109][ T8983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  138.011353][ T8983] lo speed is unknown, defaulting to 1000
[  138.141801][ T9001] loop4: detected capacity change from 0 to 512
[  138.161221][ T8979] geneve2: entered promiscuous mode
[  138.198018][ T9001] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.211938][ T9001] ext4 filesystem being mounted at /337/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  138.307916][ T3387] Process accounting resumed
[  138.337495][   T41] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  138.358028][   T41] EXT4-fs (loop5): Remounting filesystem read-only
[  138.386270][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.399221][ T9009] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  138.439248][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.503003][ T9009] loop2: detected capacity change from 0 to 1024
[  138.511143][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.520807][ T9009] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  138.531812][ T9009] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  138.543873][ T9015] SELinux: failed to load policy
[  138.578718][ T9009] JBD2: no valid journal superblock found
[  138.584468][ T9009] EXT4-fs (loop2): Could not load journal inode
[  138.596952][ T9009] __nla_validate_parse: 9 callbacks suppressed
[  138.596964][ T9009] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1704'.
[  138.612368][ T9009] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1704'.
[  138.621659][ T9009] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1704'.
[  138.642670][ T9009] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1704'.
[  138.651939][ T9009] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1704'.
[  138.661107][ T9009] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1704'.
[  138.670432][ T9013] loop1: detected capacity change from 0 to 2048
[  138.677241][ T9013] EXT4-fs: Ignoring removed mblk_io_submit option
[  138.689351][ T9013] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.692961][ T9009] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1704'.
[  138.710512][ T9009] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1704'.
[  138.719571][ T9009] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1704'.
[  138.740641][ T1037] Process accounting resumed
[  138.745729][   T41] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  138.776649][   T41] EXT4-fs (loop1): Remounting filesystem read-only
[  138.785672][ T9032] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  138.826531][ T9035] bridge0: port 1(gretap0) entered blocking state
[  138.833135][ T9035] bridge0: port 1(gretap0) entered disabled state
[  138.839915][ T9035] gretap0: entered allmulticast mode
[  138.845589][ T9035] gretap0: left allmulticast mode
[  138.859000][ T9032] loop5: detected capacity change from 0 to 1024
[  138.866061][ T9032] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  138.877127][ T9032] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  138.898879][ T9032] JBD2: no valid journal superblock found
[  138.904961][ T9032] EXT4-fs (loop5): Could not load journal inode
[  138.912053][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.931980][ T9041] bridge0: port 1(syz_tun) entered blocking state
[  138.938489][ T9041] bridge0: port 1(syz_tun) entered disabled state
[  138.946802][ T9041] syz_tun: entered allmulticast mode
[  138.953631][ T9041] syz_tun: entered promiscuous mode
[  138.966945][ T9041] bridge0: port 1(syz_tun) entered blocking state
[  138.973599][ T9041] bridge0: port 1(syz_tun) entered forwarding state
[  139.039493][ T9041] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1718'.
[  139.101846][ T9054] loop1: detected capacity change from 0 to 1024
[  139.114955][ T9054] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  139.126022][ T9054] EXT4-fs (loop1): group descriptors corrupted!
[  139.132984][ T9046] loop5: detected capacity change from 0 to 2048
[  139.134360][ T9057] netlink: 'syz.0.1721': attribute type 1 has an invalid length.
[  139.150379][ T9054] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  139.160630][ T9046] EXT4-fs: Ignoring removed mblk_io_submit option
[  139.182248][ T9046] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.225588][ T9067] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  139.245404][ T9045] Process accounting resumed
[  139.277327][   T31] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 234: padding at end of block bitmap is not set
[  139.292434][   T31] EXT4-fs (loop5): Remounting filesystem read-only
[  139.299578][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.319151][ T9067] loop1: detected capacity change from 0 to 1024
[  139.326969][ T9067] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  139.338069][ T9067] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  139.354976][ T9067] JBD2: no valid journal superblock found
[  139.360789][ T9067] EXT4-fs (loop1): Could not load journal inode
[  139.411992][ T9079] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  139.485726][ T9079] loop5: detected capacity change from 0 to 1024
[  139.493034][ T9079] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  139.504042][ T9079] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  139.514816][ T9079] JBD2: no valid journal superblock found
[  139.520643][ T9079] EXT4-fs (loop5): Could not load journal inode
[  139.565031][ T9098] loop5: detected capacity change from 0 to 2048
[  139.580072][ T9098] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.714671][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.739298][ T9104] loop4: detected capacity change from 0 to 1024
[  139.765396][ T9121] loop5: detected capacity change from 0 to 1024
[  139.783384][ T9104] ext4 filesystem being mounted at /341/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.783559][ T9125] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  139.836152][ T9131] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  139.863605][ T9135] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  139.902720][ T9139] loop1: detected capacity change from 0 to 1024
[  139.924049][ T9139] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  139.935092][ T9139] EXT4-fs (loop1): group descriptors corrupted!
[  139.946044][ T9135] loop5: detected capacity change from 0 to 1024
[  139.959410][ T9135] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  139.970360][ T9135] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  139.988079][ T9135] JBD2: no valid journal superblock found
[  139.993843][ T9135] EXT4-fs (loop5): Could not load journal inode
[  140.042363][ T9145] loop1: detected capacity change from 0 to 2048
[  140.119016][ T9152] loop5: detected capacity change from 0 to 1024
[  140.128749][ T9152] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1752: Failed to acquire dquot type 0
[  140.141202][ T9152] EXT4-fs (loop5): 1 truncate cleaned up
[  140.148920][ T9152] siw: device registration error -23
[  140.620942][ T9159] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  140.724399][ T9159] loop2: detected capacity change from 0 to 1024
[  140.761362][ T9159] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  140.772349][ T9159] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  140.810997][ T9159] JBD2: no valid journal superblock found
[  140.816804][ T9159] EXT4-fs (loop2): Could not load journal inode
[  140.926126][ T9169] loop2: detected capacity change from 0 to 1024
[  140.991709][ T9178] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  141.072217][ T9177] xt_hashlimit: max too large, truncated to 1048576
[  141.089245][ T9182] loop1: detected capacity change from 0 to 1024
[  141.105213][ T9182] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  141.116328][ T9182] EXT4-fs (loop1): group descriptors corrupted!
[  141.142569][ T9190] loop5: detected capacity change from 0 to 512
[  141.158750][ T9190] EXT4-fs: Ignoring removed oldalloc option
[  141.164927][ T9190] ext4: Bad value for 'resgid'
[  141.169762][ T9190] ext4: Bad value for 'resgid'
[  141.197908][ T9195] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  141.282967][ T9195] loop5: detected capacity change from 0 to 1024
[  141.298754][ T9195] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  141.309757][ T9195] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  141.357540][ T9195] JBD2: no valid journal superblock found
[  141.363339][ T9195] EXT4-fs (loop5): Could not load journal inode
[  141.518232][ T9210] loop5: detected capacity change from 0 to 8192
[  141.622128][ T9213] loop5: detected capacity change from 0 to 1024
[  141.829353][ T9230] loop4: detected capacity change from 0 to 128
[  141.836140][ T9230] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  141.844351][ T9221] loop5: detected capacity change from 0 to 2048
[  141.851150][ T9221] EXT4-fs: Ignoring removed mblk_io_submit option
[  141.871097][    T9] Process accounting resumed
[  141.876441][  T151] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 234: padding at end of block bitmap is not set
[  141.898194][  T151] EXT4-fs (loop5): Remounting filesystem read-only
[  141.946984][ T9241] loop2: detected capacity change from 0 to 512
[  141.957357][ T9241] EXT4-fs: Ignoring removed oldalloc option
[  141.963382][ T9241] ext4: Bad value for 'resgid'
[  141.968277][ T9241] ext4: Bad value for 'resgid'
[  142.189713][ T9254] loop2: detected capacity change from 0 to 256
[  142.198714][ T9254] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  142.441604][ T9256] loop1: detected capacity change from 0 to 2048
[  142.448904][ T9256] EXT4-fs: Ignoring removed mblk_io_submit option
[  142.468845][ T9264] loop5: detected capacity change from 0 to 1024
[  142.478640][ T3387] Process accounting resumed
[  142.483861][  T192] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 234: padding at end of block bitmap is not set
[  142.499274][ T9264] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  142.510202][ T9264] EXT4-fs (loop5): group descriptors corrupted!
[  142.510289][  T192] EXT4-fs (loop1): Remounting filesystem read-only
[  142.641041][ T9274] loop5: detected capacity change from 0 to 512
[  142.655365][ T9270] loop1: detected capacity change from 0 to 8192
[  142.657699][ T9274] EXT4-fs: Ignoring removed oldalloc option
[  142.669395][ T9274] ext4: Bad value for 'resgid'
[  142.674303][ T9274] ext4: Bad value for 'resgid'
[  142.761167][ T9283] siw: device registration error -23
[  142.773607][   T29] kauditd_printk_skb: 307 callbacks suppressed
[  142.773620][   T29] audit: type=1326 audit(1751024312.833:5475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9285 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  142.804085][ T9278] loop5: detected capacity change from 0 to 1024
[  142.811844][ T9278] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  142.822856][ T9278] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  142.824631][   T29] audit: type=1326 audit(1751024312.833:5476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9285 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  142.852127][ T9278] JBD2: no valid journal superblock found
[  142.855881][   T29] audit: type=1326 audit(1751024312.833:5477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9285 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  142.861712][ T9278] EXT4-fs (loop5): Could not load journal inode
[  142.884963][   T29] audit: type=1326 audit(1751024312.833:5478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9285 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  142.884992][   T29] audit: type=1326 audit(1751024312.833:5479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9285 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  142.938287][   T29] audit: type=1326 audit(1751024312.833:5480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9285 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  142.961672][   T29] audit: type=1326 audit(1751024312.833:5481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9285 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  142.985189][   T29] audit: type=1326 audit(1751024312.833:5482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9285 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  143.008577][   T29] audit: type=1326 audit(1751024312.843:5483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9285 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  143.031968][   T29] audit: type=1326 audit(1751024312.843:5484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9285 comm="syz.4.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  143.122359][ T9292] loop5: detected capacity change from 0 to 512
[  143.129297][ T9292] EXT4-fs: Ignoring removed oldalloc option
[  143.135303][ T9292] ext4: Bad value for 'resgid'
[  143.135526][ T9294] loop4: detected capacity change from 0 to 1024
[  143.140336][ T9292] ext4: Bad value for 'resgid'
[  143.158876][ T9294] ext4 filesystem being mounted at /353/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.172721][ T9294] netlink: 'syz.4.1806': attribute type 1 has an invalid length.
[  143.191137][ T9298] loop5: detected capacity change from 0 to 1024
[  143.198588][ T9298] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  143.209516][ T9298] EXT4-fs (loop5): group descriptors corrupted!
[  143.329798][ T9304] loop5: detected capacity change from 0 to 1024
[  143.336833][ T9304] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  143.347803][ T9304] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  143.357788][ T9300] loop4: detected capacity change from 0 to 2048
[  143.358522][ T9304] JBD2: no valid journal superblock found
[  143.364837][ T9300] EXT4-fs: Ignoring removed mblk_io_submit option
[  143.369916][ T9304] EXT4-fs (loop5): Could not load journal inode
[  143.407124][ T9315] loop5: detected capacity change from 0 to 512
[  143.413821][ T9315] EXT4-fs: Ignoring removed oldalloc option
[  143.419974][ T9315] ext4: Bad value for 'resgid'
[  143.424819][ T9315] ext4: Bad value for 'resgid'
[  143.441345][    T9] Process accounting resumed
[  143.446468][  T192] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 234: padding at end of block bitmap is not set
[  143.465220][  T192] EXT4-fs (loop4): Remounting filesystem read-only
[  143.528947][ T9313] loop2: detected capacity change from 0 to 1024
[  143.569804][ T9322] net_ratelimit: 4 callbacks suppressed
[  143.569819][ T9322] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  143.604457][ T9324] __nla_validate_parse: 86 callbacks suppressed
[  143.604472][ T9324] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1816'.
[  143.627193][ T9324] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1816'.
[  143.645491][ T9324] xt_hashlimit: max too large, truncated to 1048576
[  143.654241][ T9313] ext4 filesystem being mounted at /354/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.670335][ T9322] loop4: detected capacity change from 0 to 1024
[  143.684184][ T9322] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  143.695198][ T9322] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  143.707499][ T9331] loop1: detected capacity change from 0 to 512
[  143.715516][ T9331] EXT4-fs: Ignoring removed oldalloc option
[  143.721819][ T9331] ext4: Bad value for 'resgid'
[  143.726618][ T9331] ext4: Bad value for 'resgid'
[  143.767649][ T9322] JBD2: no valid journal superblock found
[  143.773417][ T9322] EXT4-fs (loop4): Could not load journal inode
[  143.818570][ T9322] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1815'.
[  143.827694][ T9322] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1815'.
[  143.836802][ T9322] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1815'.
[  143.862936][ T9322] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1815'.
[  143.872041][ T9322] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1815'.
[  143.881189][ T9322] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1815'.
[  143.921436][ T9322] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1815'.
[  143.930557][ T9322] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1815'.
[  143.984790][ T9345] loop4: detected capacity change from 0 to 1024
[  144.259337][ T9349] loop4: detected capacity change from 0 to 2048
[  144.266266][ T9349] EXT4-fs: Ignoring removed mblk_io_submit option
[  144.323101][ T2961] Process accounting resumed
[  144.328319][  T151] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 234: padding at end of block bitmap is not set
[  144.372392][ T9356] loop5: detected capacity change from 0 to 1024
[  144.383905][  T151] EXT4-fs (loop4): Remounting filesystem read-only
[  144.413021][ T9356] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.437706][ T9356] netlink: 'syz.5.1825': attribute type 1 has an invalid length.
[  144.549486][ T9365] SELinux: ebitmap: truncated map
[  144.554771][ T9365] SELinux: failed to load policy
[  144.703883][ T9379] loop1: detected capacity change from 0 to 1024
[  144.711109][ T9379] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  144.722110][ T9379] EXT4-fs (loop1): group descriptors corrupted!
[  144.747726][ T9381] loop1: detected capacity change from 0 to 2048
[  144.779575][ T9385] loop1: detected capacity change from 0 to 1024
[  144.819252][ T9389] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  144.890580][ T9389] loop1: detected capacity change from 0 to 1024
[  144.897690][ T9389] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  144.908777][ T9389] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  144.919250][ T9389] JBD2: no valid journal superblock found
[  144.924970][ T9389] EXT4-fs (loop1): Could not load journal inode
[  145.069358][ T9394] loop4: detected capacity change from 0 to 2048
[  145.076275][ T9394] EXT4-fs: Ignoring removed mblk_io_submit option
[  145.100540][ T1037] Process accounting resumed
[  145.105804][  T151] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 234: padding at end of block bitmap is not set
[  145.135041][  T151] EXT4-fs (loop4): Remounting filesystem read-only
[  145.363044][ T9413] FAULT_INJECTION: forcing a failure.
[  145.363044][ T9413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.376212][ T9413] CPU: 0 UID: 0 PID: 9413 Comm: syz.0.1843 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  145.376242][ T9413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  145.376255][ T9413] Call Trace:
[  145.376261][ T9413]  <TASK>
[  145.376270][ T9413]  __dump_stack+0x1d/0x30
[  145.376299][ T9413]  dump_stack_lvl+0xe8/0x140
[  145.376352][ T9413]  dump_stack+0x15/0x1b
[  145.376370][ T9413]  should_fail_ex+0x265/0x280
[  145.376402][ T9413]  should_fail+0xb/0x20
[  145.376429][ T9413]  should_fail_usercopy+0x1a/0x20
[  145.376539][ T9413]  _copy_from_iter+0xcf/0xe40
[  145.376645][ T9413]  ? __build_skb_around+0x1a0/0x200
[  145.376674][ T9413]  ? __alloc_skb+0x223/0x320
[  145.376748][ T9413]  netlink_sendmsg+0x471/0x6b0
[  145.376770][ T9413]  ? __pfx_netlink_sendmsg+0x10/0x10
[  145.376786][ T9413]  __sock_sendmsg+0x142/0x180
[  145.376806][ T9413]  ____sys_sendmsg+0x31e/0x4e0
[  145.376911][ T9413]  ___sys_sendmsg+0x17b/0x1d0
[  145.377024][ T9413]  __x64_sys_sendmsg+0xd4/0x160
[  145.377059][ T9413]  x64_sys_call+0x2999/0x2fb0
[  145.377079][ T9413]  do_syscall_64+0xd2/0x200
[  145.377096][ T9413]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  145.377121][ T9413]  ? clear_bhb_loop+0x40/0x90
[  145.377177][ T9413]  ? clear_bhb_loop+0x40/0x90
[  145.377199][ T9413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.377314][ T9413] RIP: 0033:0x7f4d3ff3e929
[  145.377327][ T9413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.377341][ T9413] RSP: 002b:00007f4d3e5a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  145.377357][ T9413] RAX: ffffffffffffffda RBX: 00007f4d40165fa0 RCX: 00007f4d3ff3e929
[  145.377370][ T9413] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000007
[  145.377383][ T9413] RBP: 00007f4d3e5a7090 R08: 0000000000000000 R09: 0000000000000000
[  145.377395][ T9413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.377408][ T9413] R13: 0000000000000000 R14: 00007f4d40165fa0 R15: 00007ffebf3abc78
[  145.377473][ T9413]  </TASK>
[  145.597886][ T9413] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  145.597886][ T9413]    program syz.0.1843 not setting count and/or reply_len properly
[  145.673552][ T9416] hsr_slave_0: left promiscuous mode
[  145.686303][ T9411] loop1: detected capacity change from 0 to 1024
[  145.707938][ T9416] hsr_slave_1: left promiscuous mode
[  145.716940][ T9411] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.733787][ T9421] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  145.733787][ T9421]    program +}[@ not setting count and/or reply_len properly
[  145.792483][ T9427] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  145.866242][ T9427] loop2: detected capacity change from 0 to 1024
[  145.873370][ T9427] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  145.884344][ T9427] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  145.894912][ T9427] JBD2: no valid journal superblock found
[  145.900946][ T9427] EXT4-fs (loop2): Could not load journal inode
[  145.941724][ T9432] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  146.017081][ T9432] loop2: detected capacity change from 0 to 1024
[  146.033816][ T9432] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  146.044911][ T9432] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  146.067208][ T9432] JBD2: no valid journal superblock found
[  146.073025][ T9432] EXT4-fs (loop2): Could not load journal inode
[  146.146164][ T9438] loop4: detected capacity change from 0 to 1024
[  146.168513][ T9438] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  146.179506][ T9438] EXT4-fs (loop4): group descriptors corrupted!
[  146.209380][ T9438] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  146.253127][ T9442] loop4: detected capacity change from 0 to 512
[  146.276799][ T9442] EXT4-fs: Ignoring removed oldalloc option
[  146.306540][ T9442] ext4: Bad value for 'resgid'
[  146.311434][ T9442] ext4: Bad value for 'resgid'
[  146.422385][ T9440] loop2: detected capacity change from 0 to 2048
[  146.447323][ T9440] EXT4-fs: Ignoring removed mblk_io_submit option
[  146.479100][ T2961] Process accounting resumed
[  146.484381][  T151] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 234: padding at end of block bitmap is not set
[  146.501143][  T151] EXT4-fs (loop2): Remounting filesystem read-only
[  146.952714][ T9467] xt_hashlimit: max too large, truncated to 1048576
[  146.968496][ T9456] loop1: detected capacity change from 0 to 2048
[  146.975298][ T9456] EXT4-fs: Ignoring removed mblk_io_submit option
[  146.989711][ T9471] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  147.004138][ T9465] netlink: 'syz.0.1862': attribute type 1 has an invalid length.
[  147.018606][ T9455] Process accounting resumed
[  147.050027][   T41] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  147.065207][   T41] EXT4-fs (loop1): Remounting filesystem read-only
[  147.110284][ T9481] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  147.142112][ T9477] loop2: detected capacity change from 0 to 1024
[  147.150014][ T9477] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  147.160952][ T9477] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  147.171170][ T9477] JBD2: no valid journal superblock found
[  147.176957][ T9477] EXT4-fs (loop2): Could not load journal inode
[  147.263118][ T9491] loop1: detected capacity change from 0 to 1024
[  147.319165][ T9491] EXT4-fs: Ignoring removed i_version option
[  147.335875][ T9496] xt_hashlimit: max too large, truncated to 1048576
[  147.353159][ T9491] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  147.409256][ T9491] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1869: Invalid block bitmap block 0 in block_group 0
[  147.435441][ T9499] xt_hashlimit: max too large, truncated to 1048576
[  147.466802][ T9491] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1869: Failed to acquire dquot type 0
[  147.501344][ T9488] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  147.507899][ T9488] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  147.515621][ T9488] vhci_hcd vhci_hcd.0: Device attached
[  147.521643][ T9491] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.1869: Freeing blocks not in datazone - block = 0, count = 4096
[  147.536786][ T9491] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1869: Invalid inode bitmap blk 0 in block_group 0
[  147.550608][  T151] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0
[  147.562563][ T9491] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  147.565163][ T9497] vhci_hcd: connection closed
[  147.571357][ T9491] EXT4-fs (loop1): 1 orphan inode deleted
[  147.592208][  T192] vhci_hcd: stop threads
[  147.596617][  T192] vhci_hcd: release socket
[  147.601076][  T192] vhci_hcd: disconnect device
[  147.611081][ T9506] loop5: detected capacity change from 0 to 512
[  147.626813][ T9506] EXT4-fs: Ignoring removed oldalloc option
[  147.632899][ T9506] ext4: Bad value for 'resgid'
[  147.637703][ T9506] ext4: Bad value for 'resgid'
[  147.714704][ T9508] loop5: detected capacity change from 0 to 1024
[  147.740151][ T9508] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.771840][ T9508] netlink: 'syz.5.1877': attribute type 1 has an invalid length.
[  147.783923][   T29] kauditd_printk_skb: 477 callbacks suppressed
[  147.783938][   T29] audit: type=1326 audit(1751024317.844:5959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9507 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  147.813622][   T29] audit: type=1326 audit(1751024317.844:5960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9507 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  147.837018][   T29] audit: type=1326 audit(1751024317.844:5961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9507 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  147.860478][   T29] audit: type=1326 audit(1751024317.844:5962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9507 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  147.883979][   T29] audit: type=1326 audit(1751024317.844:5963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9507 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  147.907453][   T29] audit: type=1326 audit(1751024317.844:5964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9507 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  147.961716][   T29] audit: type=1326 audit(1751024317.844:5965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9507 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  147.985705][   T29] audit: type=1326 audit(1751024317.844:5966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9507 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  148.009184][   T29] audit: type=1326 audit(1751024317.844:5967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9507 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  148.032675][   T29] audit: type=1326 audit(1751024317.844:5968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9507 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  148.119218][ T9519] loop5: detected capacity change from 0 to 1024
[  148.168196][ T9519] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.189904][ T9519] netlink: 'syz.5.1880': attribute type 1 has an invalid length.
[  148.233243][ T9525] loop4: detected capacity change from 0 to 1024
[  148.262895][ T9525] ext4 filesystem being mounted at /368/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.290903][ T9525] netlink: 'syz.4.1882': attribute type 1 has an invalid length.
[  148.349251][ T9534] xt_hashlimit: max too large, truncated to 1048576
[  148.405998][ T9540] loop4: detected capacity change from 0 to 128
[  148.413277][ T9540] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  148.424456][ T9540] ext2 filesystem being mounted at /370/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.555997][ T9548] loop2: detected capacity change from 0 to 2048
[  148.563333][ T9548] EXT4-fs: Ignoring removed mblk_io_submit option
[  148.636594][ T3387] Process accounting resumed
[  148.641782][   T51] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  148.682095][   T51] EXT4-fs (loop2): Remounting filesystem read-only
[  148.831239][ T9557] loop2: detected capacity change from 0 to 512
[  148.848639][ T9557] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  148.878512][ T9557] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  148.893311][ T9557] System zones: 0-2, 18-18, 34-34
[  148.904269][ T9557] ext4 filesystem being mounted at /368/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.040989][ T9565] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  149.047586][ T9565] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  149.055214][ T9565] vhci_hcd vhci_hcd.0: Device attached
[  149.063162][ T9566] vhci_hcd: connection closed
[  149.063340][   T51] vhci_hcd: stop threads
[  149.072368][   T51] vhci_hcd: release socket
[  149.076789][   T51] vhci_hcd: disconnect device
[  149.111527][ T9572] __nla_validate_parse: 27 callbacks suppressed
[  149.111543][ T9572] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1897'.
[  149.530236][ T9572] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1897'.
[  149.564448][ T9586] loop1: detected capacity change from 0 to 1024
[  149.571642][ T9586] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  149.582553][ T9586] EXT4-fs (loop1): group descriptors corrupted!
[  149.642403][ T9595] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1906'.
[  149.651681][ T9590] loop1: detected capacity change from 0 to 128
[  149.652202][ T9595] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1906'.
[  149.659652][ T9590] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  149.672727][ T9595] xt_hashlimit: max too large, truncated to 1048576
[  149.677355][ T9590] ext2 filesystem being mounted at /386/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.758470][ T9602] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  149.765097][ T9602] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  149.772889][ T9602] vhci_hcd vhci_hcd.0: Device attached
[  149.779348][ T9602] netlink: 'syz.0.1909': attribute type 4 has an invalid length.
[  149.788607][ T9603] vhci_hcd: connection closed
[  149.788805][   T51] vhci_hcd: stop threads
[  149.797931][   T51] vhci_hcd: release socket
[  149.797941][   T51] vhci_hcd: disconnect device
[  149.817922][ T9600] loop4: detected capacity change from 0 to 2048
[  149.818286][ T9600] EXT4-fs: Ignoring removed mblk_io_submit option
[  149.841526][ T3394] Process accounting resumed
[  149.847090][  T192] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 234: padding at end of block bitmap is not set
[  149.861897][  T192] EXT4-fs (loop4): Remounting filesystem read-only
[  149.894090][ T9607] loop1: detected capacity change from 0 to 1024
[  149.901427][ T9607] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  149.912424][ T9607] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  149.923124][ T9607] JBD2: no valid journal superblock found
[  149.928920][ T9607] EXT4-fs (loop1): Could not load journal inode
[  149.961209][ T9614] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  149.995793][ T9616] loop5: detected capacity change from 0 to 1024
[  150.009129][ T9618] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1913'.
[  150.009778][ T9616] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.042647][ T9616] netlink: 'syz.5.1923': attribute type 1 has an invalid length.
[  150.050493][ T9616] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1923'.
[  150.303850][ T9626] loop4: detected capacity change from 0 to 1024
[  150.337171][ T9628] loop2: detected capacity change from 0 to 1024
[  150.345732][ T9626] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  150.356800][ T9626] EXT4-fs (loop4): group descriptors corrupted!
[  150.390365][ T9628] ext4 filesystem being mounted at /372/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.413587][ T9634] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1919'.
[  150.445271][ T9628] netlink: 'syz.2.1917': attribute type 1 has an invalid length.
[  150.453079][ T9628] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1917'.
[  150.480145][ T9634] xt_hashlimit: max too large, truncated to 1048576
[  150.670111][ T9645] loop2: detected capacity change from 0 to 1024
[  150.700514][ T9650] loop4: detected capacity change from 0 to 512
[  150.707312][ T9650] EXT4-fs: Ignoring removed oldalloc option
[  150.715313][ T9645] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  150.724573][ T9650] ext4: Bad value for 'resgid'
[  150.726394][ T9645] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  150.731135][ T9650] ext4: Bad value for 'resgid'
[  150.773444][ T9645] JBD2: no valid journal superblock found
[  150.779259][ T9645] EXT4-fs (loop2): Could not load journal inode
[  150.936984][ T9665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1933'.
[  150.960016][ T9665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1933'.
[  150.971047][ T9668] loop5: detected capacity change from 0 to 2048
[  150.978747][ T9668] EXT4-fs: Ignoring removed mblk_io_submit option
[  150.988630][ T9665] xt_hashlimit: max too large, truncated to 1048576
[  151.010209][ T3387] Process accounting resumed
[  151.015379][   T51] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  151.072488][   T51] EXT4-fs (loop5): Remounting filesystem read-only
[  151.245263][ T9682] loop5: detected capacity change from 0 to 1024
[  151.280822][ T9682] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.298650][ T9682] netlink: 'syz.5.1941': attribute type 1 has an invalid length.
[  151.387738][ T9692] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  151.494501][ T9688] loop2: detected capacity change from 0 to 2048
[  151.506004][ T9688] EXT4-fs: Ignoring removed mblk_io_submit option
[  151.541297][ T9700] xt_hashlimit: max too large, truncated to 1048576
[  151.574089][ T9686] loop4: detected capacity change from 0 to 2048
[  151.582348][    T9] Process accounting resumed
[  151.587583][   T51] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  151.587779][ T9686] EXT4-fs: Ignoring removed mblk_io_submit option
[  151.609468][   T51] EXT4-fs (loop2): Remounting filesystem read-only
[  151.633328][ T9705] loop5: detected capacity change from 0 to 1024
[  151.647603][ T9705] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1948: Failed to acquire dquot type 0
[  151.686303][ T9705] EXT4-fs (loop5): 1 truncate cleaned up
[  151.691764][ T3387] Process accounting resumed
[  151.694421][ T9705] siw: device registration error -23
[  151.702843][  T151] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 234: padding at end of block bitmap is not set
[  151.726135][  T151] EXT4-fs (loop4): Remounting filesystem read-only
[  151.869063][ T9722] loop4: detected capacity change from 0 to 1024
[  151.876367][ T9722] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  151.887273][ T9722] EXT4-fs (loop4): group descriptors corrupted!
[  151.917642][ T9724] loop2: detected capacity change from 0 to 1024
[  151.947222][ T9724] ext4 filesystem being mounted at /384/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.000164][ T9728] loop4: detected capacity change from 0 to 1024
[  152.026258][ T9728] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  152.037279][ T9728] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  152.056077][ T9728] JBD2: no valid journal superblock found
[  152.061841][ T9728] EXT4-fs (loop4): Could not load journal inode
[  152.213911][ T9732] loop2: detected capacity change from 0 to 2048
[  152.222471][ T9732] EXT4-fs: Ignoring removed mblk_io_submit option
[  152.257173][ T3387] Process accounting resumed
[  152.265001][   T51] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  152.303197][   T51] EXT4-fs (loop2): Remounting filesystem read-only
[  152.330874][ T9753] loop4: detected capacity change from 0 to 1024
[  152.543322][ T9774] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  152.673653][ T9774] loop2: detected capacity change from 0 to 1024
[  152.685792][ T9774] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  152.696721][ T9774] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  152.717224][ T9774] JBD2: no valid journal superblock found
[  152.723016][ T9774] EXT4-fs (loop2): Could not load journal inode
[  152.748343][ T9767] loop5: detected capacity change from 0 to 2048
[  152.775306][ T9767] EXT4-fs: Ignoring removed mblk_io_submit option
[  152.785949][   T29] kauditd_printk_skb: 659 callbacks suppressed
[  152.785964][   T29] audit: type=1326 audit(1751024322.855:6626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9778 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  152.815828][   T29] audit: type=1326 audit(1751024322.855:6627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9778 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  152.840405][   T29] audit: type=1326 audit(1751024322.905:6628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9778 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  152.863705][   T29] audit: type=1326 audit(1751024322.905:6629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9778 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  152.887202][   T29] audit: type=1326 audit(1751024322.905:6630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9778 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  152.943222][ T9791] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  152.990893][   T29] audit: type=1326 audit(1751024323.005:6631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9788 comm="syz.4.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  153.014422][   T29] audit: type=1326 audit(1751024323.005:6632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9788 comm="syz.4.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  153.038151][   T29] audit: type=1326 audit(1751024323.005:6633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9788 comm="syz.4.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  153.061695][   T29] audit: type=1326 audit(1751024323.005:6634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9788 comm="syz.4.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  153.085372][   T29] audit: type=1326 audit(1751024323.005:6635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9788 comm="syz.4.1978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42096ce929 code=0x7ffc0000
[  153.117177][ T9795] devtmpfs: Unknown parameter 'èuge'
[  153.117296][ T9797] loop4: detected capacity change from 0 to 1024
[  153.133312][ T9791] loop2: detected capacity change from 0 to 1024
[  153.141373][ T9791] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  153.152439][ T9791] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  153.164115][ T9791] JBD2: no valid journal superblock found
[  153.169917][ T9791] EXT4-fs (loop2): Could not load journal inode
[  153.198333][ T9767] Process accounting resumed
[  153.241837][   T51] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  153.274636][   T51] EXT4-fs (loop5): Remounting filesystem read-only
[  153.318499][ T9820] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  153.432967][ T9832] loop5: detected capacity change from 0 to 1024
[  153.594219][ T9839] loop1: detected capacity change from 0 to 2048
[  153.616477][ T9839] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.620233][ T9851] SELinux: ebitmap: truncated map
[  153.635015][ T9851] SELinux: failed to load policy
[  153.652425][ T9854] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  153.714919][ T9858] loop5: detected capacity change from 0 to 2048
[  153.748888][ T9864] xt_hashlimit: max too large, truncated to 1048576
[  153.778004][ T9854] loop2: detected capacity change from 0 to 1024
[  153.797301][ T9854] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  153.808248][ T9854] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  153.829107][ T9854] JBD2: no valid journal superblock found
[  153.834860][ T9854] EXT4-fs (loop2): Could not load journal inode
[  153.844055][ T9880] loop1: detected capacity change from 0 to 512
[  153.851223][ T9880] EXT4-fs: Ignoring removed oldalloc option
[  153.859042][ T9880] ext4: Bad value for 'resgid'
[  153.863869][ T9880] ext4: Bad value for 'resgid'
[  153.948102][ T9907] loop2: detected capacity change from 0 to 1024
[  154.030113][ T9914] loop5: detected capacity change from 0 to 2048
[  154.126468][ T9939] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  154.227551][ T9950] loop2: detected capacity change from 0 to 1024
[  154.355311][ T9967] __nla_validate_parse: 36 callbacks suppressed
[  154.355335][ T9967] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2029'.
[  154.399455][ T9967] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2029'.
[  154.493092][ T9969] loop1: detected capacity change from 0 to 2048
[  154.499940][ T9969] EXT4-fs: Ignoring removed mblk_io_submit option
[  154.529964][ T3387] Process accounting resumed
[  154.535060][   T51] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  154.566074][   T51] EXT4-fs (loop1): Remounting filesystem read-only
[  154.607434][ T9979] loop5: detected capacity change from 0 to 2048
[  154.622911][ T9979] EXT4-fs: Ignoring removed mblk_io_submit option
[  154.659371][ T9997] loop4: detected capacity change from 0 to 1024
[  154.672611][    T9] Process accounting resumed
[  154.695438][  T192] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 234: padding at end of block bitmap is not set
[  154.724512][  T192] EXT4-fs (loop5): Remounting filesystem read-only
[  154.834668][T10014] loop4: detected capacity change from 0 to 2048
[  154.841786][T10014] EXT4-fs: Ignoring removed mblk_io_submit option
[  154.864247][T10021] loop5: detected capacity change from 0 to 1024
[  154.882587][    T9] Process accounting resumed
[  154.896443][   T41] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  154.911538][   T41] EXT4-fs (loop4): Remounting filesystem read-only
[  154.912297][T10021] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.078759][T10041] syzkaller0: entered promiscuous mode
[  155.084296][T10041] syzkaller0: entered allmulticast mode
[  155.091842][T10032] lo speed is unknown, defaulting to 1000
[  155.246336][T10032] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  155.253836][T10032] batman_adv: batadv0: Removing interface: batadv_slave_0
[  155.286595][T10032] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  155.294025][T10032] batman_adv: batadv0: Removing interface: batadv_slave_1
[  155.328543][T10072] loop2: detected capacity change from 0 to 2048
[  155.335424][T10072] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.369552][ T3387] Process accounting resumed
[  155.377598][   T51] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  155.392963][   T51] EXT4-fs (loop2): Remounting filesystem read-only
[  155.400674][T10097] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2052'.
[  155.412682][T10097] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2052'.
[  155.424347][T10097] xt_hashlimit: max too large, truncated to 1048576
[  155.484614][T10103] loop2: detected capacity change from 0 to 1024
[  155.500297][T10103] ext4 filesystem being mounted at /403/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.550081][T10110] loop5: detected capacity change from 0 to 2048
[  155.557615][T10110] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.605588][    T9] Process accounting resumed
[  155.611489][   T41] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  155.636065][   T41] EXT4-fs (loop5): Remounting filesystem read-only
[  155.732901][T10125] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[  155.739584][T10125] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  155.747454][T10125] vhci_hcd vhci_hcd.0: Device attached
[  155.776991][T10125] netlink: 'syz.5.2058': attribute type 4 has an invalid length.
[  155.798537][T10126] vhci_hcd: connection closed
[  155.798624][   T41] vhci_hcd: stop threads
[  155.807694][   T41] vhci_hcd: release socket
[  155.812114][   T41] vhci_hcd: disconnect device
[  156.172735][T10158] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2069'.
[  156.182379][T10158] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2069'.
[  156.248520][T10169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2072'.
[  156.261606][T10169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2072'.
[  156.278126][T10169] xt_hashlimit: max too large, truncated to 1048576
[  156.658191][T10200] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2084'.
[  156.668389][T10200] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2084'.
[  156.680231][T10200] xt_hashlimit: max too large, truncated to 1048576
[  156.682946][T10194] loop2: detected capacity change from 0 to 1024
[  156.716306][T10194] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  156.727280][T10194] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  156.740171][T10204] xt_hashlimit: max too large, truncated to 1048576
[  156.768512][T10194] JBD2: no valid journal superblock found
[  156.774332][T10194] EXT4-fs (loop2): Could not load journal inode
[  156.783186][T10208] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  157.004041][T10226] loop5: detected capacity change from 0 to 1024
[  157.011349][T10226] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  157.016213][T10228] xt_hashlimit: max too large, truncated to 1048576
[  157.022307][T10226] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  157.055675][T10226] JBD2: no valid journal superblock found
[  157.061430][T10226] EXT4-fs (loop5): Could not load journal inode
[  157.170420][T10245] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  157.192981][T10249] FAULT_INJECTION: forcing a failure.
[  157.192981][T10249] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.206208][T10249] CPU: 1 UID: 0 PID: 10249 Comm: syz.0.2102 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  157.206233][T10249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.206246][T10249] Call Trace:
[  157.206252][T10249]  <TASK>
[  157.206261][T10249]  __dump_stack+0x1d/0x30
[  157.206359][T10249]  dump_stack_lvl+0xe8/0x140
[  157.206375][T10249]  dump_stack+0x15/0x1b
[  157.206392][T10249]  should_fail_ex+0x265/0x280
[  157.206441][T10249]  should_fail+0xb/0x20
[  157.206537][T10249]  should_fail_usercopy+0x1a/0x20
[  157.206566][T10249]  _copy_from_user+0x1c/0xb0
[  157.206588][T10249]  do_ipv6_setsockopt+0x220/0x22e0
[  157.206613][T10249]  ? kstrtoull+0x111/0x140
[  157.206634][T10249]  ? __rcu_read_unlock+0x4f/0x70
[  157.206688][T10249]  ? avc_has_perm_noaudit+0x1b1/0x200
[  157.206717][T10249]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  157.206809][T10249]  ipv6_setsockopt+0x59/0x130
[  157.206833][T10249]  tcp_setsockopt+0x98/0xb0
[  157.206895][T10249]  sock_common_setsockopt+0x66/0x80
[  157.206920][T10249]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  157.206946][T10249]  __sys_setsockopt+0x181/0x200
[  157.207036][T10249]  __x64_sys_setsockopt+0x64/0x80
[  157.207061][T10249]  x64_sys_call+0x2bd5/0x2fb0
[  157.207086][T10249]  do_syscall_64+0xd2/0x200
[  157.207101][T10249]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  157.207136][T10249]  ? clear_bhb_loop+0x40/0x90
[  157.207156][T10249]  ? clear_bhb_loop+0x40/0x90
[  157.207176][T10249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.207196][T10249] RIP: 0033:0x7f4d3ff3e929
[  157.207253][T10249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.207270][T10249] RSP: 002b:00007f4d3e5a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  157.207289][T10249] RAX: ffffffffffffffda RBX: 00007f4d40165fa0 RCX: 00007f4d3ff3e929
[  157.207301][T10249] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000006
[  157.207313][T10249] RBP: 00007f4d3e5a7090 R08: 0000000000000570 R09: 0000000000000000
[  157.207333][T10249] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.207346][T10249] R13: 0000000000000000 R14: 00007f4d40165fa0 R15: 00007ffebf3abc78
[  157.207366][T10249]  </TASK>
[  157.216317][T10251] loop1: detected capacity change from 0 to 1024
[  157.353423][T10262] xt_hashlimit: max too large, truncated to 1048576
[  157.355252][T10251] EXT4-fs: Mount option(s) incompatible with ext2
[  157.470990][T10276] loop5: detected capacity change from 0 to 512
[  157.477789][T10276] EXT4-fs: Ignoring removed oldalloc option
[  157.483701][T10276] ext4: Bad value for 'resgid'
[  157.488653][T10276] ext4: Bad value for 'resgid'
[  157.540975][T10288] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  157.588748][T10300] FAULT_INJECTION: forcing a failure.
[  157.588748][T10300] name failslab, interval 1, probability 0, space 0, times 0
[  157.601565][T10300] CPU: 1 UID: 0 PID: 10300 Comm: syz.0.2117 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  157.601642][T10300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.601654][T10300] Call Trace:
[  157.601660][T10300]  <TASK>
[  157.601667][T10300]  __dump_stack+0x1d/0x30
[  157.601688][T10300]  dump_stack_lvl+0xe8/0x140
[  157.601706][T10300]  dump_stack+0x15/0x1b
[  157.601720][T10300]  should_fail_ex+0x265/0x280
[  157.601788][T10300]  ? ftrace_profile_set_filter+0xc2/0x190
[  157.601879][T10300]  should_failslab+0x8c/0xb0
[  157.601901][T10300]  __kmalloc_cache_noprof+0x4c/0x320
[  157.601930][T10300]  ftrace_profile_set_filter+0xc2/0x190
[  157.601990][T10300]  perf_ioctl+0x7b3/0x12e0
[  157.602017][T10300]  ? ioctl_has_perm+0x289/0x2a0
[  157.602042][T10300]  ? do_vfs_ioctl+0xd1e/0x11d0
[  157.602107][T10300]  ? selinux_file_ioctl+0x2e3/0x370
[  157.602208][T10300]  ? __fget_files+0x184/0x1c0
[  157.602228][T10300]  ? __pfx_perf_ioctl+0x10/0x10
[  157.602255][T10300]  __se_sys_ioctl+0xce/0x140
[  157.602296][T10300]  __x64_sys_ioctl+0x43/0x50
[  157.602321][T10300]  x64_sys_call+0x19a8/0x2fb0
[  157.602341][T10300]  do_syscall_64+0xd2/0x200
[  157.602356][T10300]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  157.602377][T10300]  ? clear_bhb_loop+0x40/0x90
[  157.602424][T10300]  ? clear_bhb_loop+0x40/0x90
[  157.602443][T10300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.602464][T10300] RIP: 0033:0x7f4d3ff3e929
[  157.602480][T10300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.602521][T10300] RSP: 002b:00007f4d3e5a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  157.602539][T10300] RAX: ffffffffffffffda RBX: 00007f4d40165fa0 RCX: 00007f4d3ff3e929
[  157.602552][T10300] RDX: 00002000000001c0 RSI: 0000000040082406 RDI: 0000000000000005
[  157.602563][T10300] RBP: 00007f4d3e5a7090 R08: 0000000000000000 R09: 0000000000000000
[  157.602574][T10300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.602595][T10300] R13: 0000000000000000 R14: 00007f4d40165fa0 R15: 00007ffebf3abc78
[  157.602614][T10300]  </TASK>
[  157.824834][T10304] loop1: detected capacity change from 0 to 1024
[  157.866885][T10308] bridge0: port 2(gretap0) entered blocking state
[  157.873514][T10308] bridge0: port 2(gretap0) entered disabled state
[  157.880203][T10308] gretap0: entered allmulticast mode
[  157.886141][T10308] gretap0: left allmulticast mode
[  157.906508][T10304] EXT4-fs mount: 110 callbacks suppressed
[  157.906522][T10304] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.957263][   T29] kauditd_printk_skb: 537 callbacks suppressed
[  157.957279][   T29] audit: type=1326 audit(1751024328.025:7173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10314 comm="syz.0.2125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ff3e929 code=0x7ffc0000
[  158.007122][   T29] audit: type=1326 audit(1751024328.055:7174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10314 comm="syz.0.2125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ff3e929 code=0x7ffc0000
[  158.007967][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.030629][   T29] audit: type=1326 audit(1751024328.055:7175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10314 comm="syz.0.2125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f4d3ff3e929 code=0x7ffc0000
[  158.063196][   T29] audit: type=1326 audit(1751024328.055:7176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10314 comm="syz.0.2125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ff3e929 code=0x7ffc0000
[  158.086763][   T29] audit: type=1326 audit(1751024328.055:7177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10314 comm="syz.0.2125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ff3e929 code=0x7ffc0000
[  158.175652][T10327] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  158.223431][   T29] audit: type=1326 audit(1751024328.285:7178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ff3e929 code=0x7ffc0000
[  158.247106][   T29] audit: type=1326 audit(1751024328.285:7179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f4d3ff3e929 code=0x7ffc0000
[  158.269045][T10333] loop2: detected capacity change from 0 to 1024
[  158.270717][   T29] audit: type=1326 audit(1751024328.285:7180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ff3e929 code=0x7ffc0000
[  158.300562][   T29] audit: type=1326 audit(1751024328.285:7181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d3ff3e929 code=0x7ffc0000
[  158.324093][   T29] audit: type=1326 audit(1751024328.285:7182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ff3e929 code=0x7ffc0000
[  158.357250][T10335] xt_hashlimit: max too large, truncated to 1048576
[  158.358382][T10333] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  158.374869][T10333] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  158.393436][T10333] JBD2: no valid journal superblock found
[  158.399296][T10333] EXT4-fs (loop2): Could not load journal inode
[  158.431740][T10345] loop4: detected capacity change from 0 to 2048
[  158.451236][T10345] EXT4-fs (loop4): failed to initialize system zone (-117)
[  158.458874][T10345] EXT4-fs (loop4): mount failed
[  158.617480][T10376] loop4: detected capacity change from 0 to 512
[  158.627404][T10376] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  158.675284][T10376] EXT4-fs (loop4): 1 truncate cleaned up
[  158.681396][T10376] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.706383][T10376] tipc: Trying to set illegal importance in message
[  158.732024][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.794323][T10379] loop1: detected capacity change from 0 to 2048
[  158.835597][T10379] EXT4-fs: Ignoring removed mblk_io_submit option
[  158.890053][T10384] loop5: detected capacity change from 0 to 2048
[  158.896867][T10384] EXT4-fs: Ignoring removed mblk_io_submit option
[  158.962609][T10379] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.976408][T10384] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.997196][    T9] Process accounting resumed
[  159.006941][   T31] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 234: padding at end of block bitmap is not set
[  159.041881][T10393] Process accounting resumed
[  159.055114][   T31] EXT4-fs (loop1): Remounting filesystem read-only
[  159.233129][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.299345][   T41] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  159.321960][   T41] EXT4-fs (loop5): Remounting filesystem read-only
[  159.357228][T10422] __nla_validate_parse: 26 callbacks suppressed
[  159.357267][T10422] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2158'.
[  159.373692][T10422] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2158'.
[  159.383559][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.421740][T10422] xt_hashlimit: max too large, truncated to 1048576
[  159.500110][T10432] loop4: detected capacity change from 0 to 1024
[  159.522776][T10414] loop1: detected capacity change from 0 to 2048
[  159.530549][T10414] EXT4-fs: Ignoring removed mblk_io_submit option
[  159.537218][T10436] loop5: detected capacity change from 0 to 1024
[  159.544742][T10436] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  159.555727][T10436] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  159.565769][T10432] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  159.566841][T10436] JBD2: no valid journal superblock found
[  159.576800][T10432] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  159.582463][T10436] EXT4-fs (loop5): Could not load journal inode
[  159.608179][T10414] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.608489][T10432] JBD2: no valid journal superblock found
[  159.626111][T10432] EXT4-fs (loop4): Could not load journal inode
[  159.633436][    T9] Process accounting resumed
[  159.639314][   T41] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  159.649090][T10436] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2163'.
[  159.654275][   T41] EXT4-fs (loop1): Remounting filesystem read-only
[  159.662892][T10436] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2163'.
[  159.678626][T10436] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2163'.
[  159.692972][T10432] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2161'.
[  159.702135][T10432] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2161'.
[  159.711264][T10432] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2161'.
[  159.725089][T10436] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2163'.
[  159.734197][T10436] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2163'.
[  159.782549][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.884222][T10472] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  159.949302][T10476] loop5: detected capacity change from 0 to 512
[  159.959932][T10476] EXT4-fs: Ignoring removed oldalloc option
[  159.966478][T10476] ext4: Bad value for 'resgid'
[  159.971314][T10476] ext4: Bad value for 'resgid'
[  159.990956][T10478] xt_hashlimit: max too large, truncated to 1048576
[  160.014705][T10472] loop4: detected capacity change from 0 to 1024
[  160.022420][T10472] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  160.033350][T10472] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  160.051707][T10472] JBD2: no valid journal superblock found
[  160.057682][T10472] EXT4-fs (loop4): Could not load journal inode
[  160.083484][T10489] loop1: detected capacity change from 0 to 2048
[  160.115301][T10489] EXT4-fs: Ignoring removed mblk_io_submit option
[  160.153273][T10489] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.165707][T10490] loop2: detected capacity change from 0 to 1024
[  160.173499][T10490] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  160.184503][T10490] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  160.200608][T10490] JBD2: no valid journal superblock found
[  160.206404][T10490] EXT4-fs (loop2): Could not load journal inode
[  160.230439][T10487] loop5: detected capacity change from 0 to 2048
[  160.237800][T10487] EXT4-fs: Ignoring removed mblk_io_submit option
[  160.253695][T10466] Process accounting resumed
[  160.259841][T10487] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.276074][ T2961] Process accounting resumed
[  160.281379][   T31] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 234: padding at end of block bitmap is not set
[  160.306414][   T31] EXT4-fs (loop5): Remounting filesystem read-only
[  160.344982][   T31] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 234: padding at end of block bitmap is not set
[  160.382439][   T31] EXT4-fs (loop1): Remounting filesystem read-only
[  160.405346][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.435896][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.512406][T10527] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  160.608728][T10536] xt_hashlimit: max too large, truncated to 1048576
[  160.633975][T10529] lo speed is unknown, defaulting to 1000
[  160.692377][T10514] loop2: detected capacity change from 0 to 2048
[  160.700909][T10514] EXT4-fs: Ignoring removed mblk_io_submit option
[  160.737539][T10514] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.753880][    T9] Process accounting resumed
[  160.760313][  T151] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 234: padding at end of block bitmap is not set
[  160.783434][T10563] loop1: detected capacity change from 0 to 1024
[  160.786236][  T151] EXT4-fs (loop2): Remounting filesystem read-only
[  160.797649][T10563] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  160.808641][T10563] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  160.819352][T10563] JBD2: no valid journal superblock found
[  160.825210][T10563] EXT4-fs (loop1): Could not load journal inode
[  160.905993][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.988546][T10595] loop4: detected capacity change from 0 to 512
[  161.025470][T10595] EXT4-fs: Ignoring removed oldalloc option
[  161.070235][T10595] ext4: Bad value for 'resgid'
[  161.075074][T10595] ext4: Bad value for 'resgid'
[  161.174850][T10608] loop2: detected capacity change from 0 to 512
[  161.181772][T10608] EXT4-fs: dax option not supported
[  161.246093][T10611] netlink: 'syz.2.2193': attribute type 13 has an invalid length.
[  161.267879][T10611] bridge0: port 4(gretap0) entered disabled state
[  161.293374][T10611] bridge0: port 3(syz_tun) entered disabled state
[  161.308202][T10611] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.315368][T10611] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.386343][T10611] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.395323][T10611] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.404232][T10611] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.413663][T10611] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.511490][T10609] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.519094][T10609] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.529332][T10617] loop4: detected capacity change from 0 to 512
[  161.544970][T10617] EXT4-fs: Ignoring removed oldalloc option
[  161.552253][T10609] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.559734][T10609] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.564741][T10617] ext4: Bad value for 'resgid'
[  161.571619][T10617] ext4: Bad value for 'resgid'
[  161.594599][T10593] lo speed is unknown, defaulting to 1000
[  161.666056][T10650] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.673490][T10650] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.685305][T10650] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.692793][T10650] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.924201][T10661] loop2: detected capacity change from 0 to 1024
[  161.938922][T10661] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  161.949878][T10661] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  161.972126][T10661] JBD2: no valid journal superblock found
[  161.978001][T10661] EXT4-fs (loop2): Could not load journal inode
[  161.988862][T10656] loop5: detected capacity change from 0 to 2048
[  162.000794][T10656] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.071791][T10656] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.122514][ T3394] Process accounting resumed
[  162.126874][T10674] lo speed is unknown, defaulting to 1000
[  162.133460][ T1768] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 234: padding at end of block bitmap is not set
[  162.188863][ T1768] EXT4-fs (loop5): Remounting filesystem read-only
[  162.197155][T10670] loop1: detected capacity change from 0 to 2048
[  162.203961][T10670] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.243053][T10670] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.266063][ T2961] Process accounting resumed
[  162.271835][ T1768] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 234: padding at end of block bitmap is not set
[  162.287298][ T1768] EXT4-fs (loop1): Remounting filesystem read-only
[  162.294371][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.407102][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.477419][T10749] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  162.552237][T10749] loop5: detected capacity change from 0 to 1024
[  162.559805][T10749] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  162.571037][T10749] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  162.588944][T10749] JBD2: no valid journal superblock found
[  162.594795][T10749] EXT4-fs (loop5): Could not load journal inode
[  162.816098][T10772] lo speed is unknown, defaulting to 1000
[  162.905354][T10779] lo speed is unknown, defaulting to 1000
[  162.931865][T10815] loop4: detected capacity change from 0 to 1024
[  162.948088][T10815] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2234: Failed to acquire dquot type 0
[  162.972597][T10775] loop1: detected capacity change from 0 to 2048
[  162.995200][T10815] EXT4-fs (loop4): 1 truncate cleaned up
[  163.001277][T10815] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.002412][T10775] EXT4-fs: Ignoring removed mblk_io_submit option
[  163.060085][T10775] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.061392][T10815] siw: device registration error -23
[  163.080511][ T2961] Process accounting resumed
[  163.085889][   T31] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 234: padding at end of block bitmap is not set
[  163.129129][   T31] EXT4-fs (loop1): Remounting filesystem read-only
[  163.153217][   T29] kauditd_printk_skb: 354 callbacks suppressed
[  163.153230][   T29] audit: type=1326 audit(1751024333.216:7535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.5.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  163.186404][   T29] audit: type=1326 audit(1751024333.256:7536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.5.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  163.209970][   T29] audit: type=1326 audit(1751024333.256:7537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.5.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  163.233618][   T29] audit: type=1326 audit(1751024333.256:7538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.5.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  163.257224][   T29] audit: type=1326 audit(1751024333.256:7539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.5.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  163.271993][T10845] xt_hashlimit: max too large, truncated to 1048576
[  163.280899][   T29] audit: type=1326 audit(1751024333.256:7540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.5.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  163.311083][   T29] audit: type=1326 audit(1751024333.256:7541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.5.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  163.316920][T10847] loop2: detected capacity change from 0 to 1024
[  163.334676][   T29] audit: type=1326 audit(1751024333.256:7542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.5.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  163.364089][T10847] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  163.364441][   T29] audit: type=1326 audit(1751024333.256:7543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.5.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  163.375267][T10847] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  163.399286][   T29] audit: type=1326 audit(1751024333.256:7544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.5.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f46ac16e929 code=0x7ffc0000
[  163.435758][T10847] JBD2: no valid journal superblock found
[  163.441526][T10847] EXT4-fs (loop2): Could not load journal inode
[  163.450241][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.479836][T10853] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  163.572357][T10853] loop5: detected capacity change from 0 to 1024
[  163.580398][T10853] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  163.591417][T10853] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  163.613557][T10853] JBD2: no valid journal superblock found
[  163.619413][T10853] EXT4-fs (loop5): Could not load journal inode
[  163.673505][T10859] loop1: detected capacity change from 0 to 2048
[  163.690358][T10859] EXT4-fs: Ignoring removed mblk_io_submit option
[  163.705559][T10859] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.759368][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.827331][T10878] Process accounting resumed
[  163.845557][T10892] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  163.907087][ T1768] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 234: padding at end of block bitmap is not set
[  163.927520][ T1768] EXT4-fs (loop1): Remounting filesystem read-only
[  163.940327][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.941796][T10900] loop2: detected capacity change from 0 to 1024
[  163.960198][T10900] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  163.971139][T10900] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  164.005076][T10900] JBD2: no valid journal superblock found
[  164.010820][T10900] EXT4-fs (loop2): Could not load journal inode
[  164.046108][T10898] lo speed is unknown, defaulting to 1000
[  164.256882][T10909] loop1: detected capacity change from 0 to 2048
[  164.272632][T10909] EXT4-fs: Ignoring removed mblk_io_submit option
[  164.286846][T10909] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.324569][ T3394] Process accounting resumed
[  164.329824][   T51] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  164.454737][   T51] EXT4-fs (loop1): Remounting filesystem read-only
[  164.556586][T10974] __nla_validate_parse: 64 callbacks suppressed
[  164.556601][T10974] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2265'.
[  164.583274][T10974] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2265'.
[  164.645575][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.661438][T10974] xt_hashlimit: max too large, truncated to 1048576
[  164.674408][T10975] loop2: detected capacity change from 0 to 1024
[  164.682079][T10975] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  164.693060][T10975] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  164.696345][T10966] loop5: detected capacity change from 0 to 2048
[  164.709298][T10975] JBD2: no valid journal superblock found
[  164.715377][T10975] EXT4-fs (loop2): Could not load journal inode
[  164.727994][T10975] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2264'.
[  164.736502][T10966] EXT4-fs: Ignoring removed mblk_io_submit option
[  164.737132][T10975] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2264'.
[  164.752564][T10975] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2264'.
[  164.756215][T10966] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.807116][T10997] netlink: 'syz.0.2270': attribute type 13 has an invalid length.
[  164.820011][T10975] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2264'.
[  164.829109][T10975] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2264'.
[  164.838168][T10975] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2264'.
[  164.869329][T10975] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2264'.
[  164.878535][T10975] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2264'.
[  164.918301][T11016] netlink: 'syz.2.2278': attribute type 13 has an invalid length.
[  164.927094][T10997] bridge0: port 1(syz_tun) entered disabled state
[  164.964067][T10964] Process accounting resumed
[  164.991901][T11026] xt_hashlimit: max too large, truncated to 1048576
[  165.020970][T11028] bridge0: port 2(gretap0) entered blocking state
[  165.027708][T11028] bridge0: port 2(gretap0) entered disabled state
[  165.034372][T11028] gretap0: entered allmulticast mode
[  165.040152][T11028] gretap0: left allmulticast mode
[  165.105615][   T51] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  165.132268][T11041] siw: device registration error -23
[  165.148846][   T51] EXT4-fs (loop5): Remounting filesystem read-only
[  165.158066][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.167284][T11044] loop2: detected capacity change from 0 to 1024
[  165.188400][T11044] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.211580][T11055] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  165.249792][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.294274][T11061] netlink: 'syz.5.2293': attribute type 13 has an invalid length.
[  165.303721][T11047] loop4: detected capacity change from 0 to 2048
[  165.312461][T11047] EXT4-fs: Ignoring removed mblk_io_submit option
[  165.323089][T11062] xt_hashlimit: max too large, truncated to 1048576
[  165.333192][T11047] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.354808][T11064] FAULT_INJECTION: forcing a failure.
[  165.354808][T11064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.368093][T11064] CPU: 1 UID: 0 PID: 11064 Comm: syz.1.2294 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  165.368184][T11064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  165.368195][T11064] Call Trace:
[  165.368260][T11064]  <TASK>
[  165.368267][T11064]  __dump_stack+0x1d/0x30
[  165.368295][T11064]  dump_stack_lvl+0xe8/0x140
[  165.368316][T11064]  dump_stack+0x15/0x1b
[  165.368332][T11064]  should_fail_ex+0x265/0x280
[  165.368374][T11064]  should_fail+0xb/0x20
[  165.368397][T11064]  should_fail_usercopy+0x1a/0x20
[  165.368425][T11064]  _copy_from_user+0x1c/0xb0
[  165.368500][T11064]  do_ipv6_setsockopt+0x220/0x22e0
[  165.368525][T11064]  ? kstrtoull+0x111/0x140
[  165.368630][T11064]  ? avc_has_perm_noaudit+0x1b1/0x200
[  165.368660][T11064]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  165.368688][T11064]  ipv6_setsockopt+0x59/0x130
[  165.368714][T11064]  udpv6_setsockopt+0x99/0xb0
[  165.368737][T11064]  sock_common_setsockopt+0x66/0x80
[  165.368834][T11064]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  165.368858][T11064]  __sys_setsockopt+0x181/0x200
[  165.368889][T11064]  __x64_sys_setsockopt+0x64/0x80
[  165.368935][T11064]  x64_sys_call+0x2bd5/0x2fb0
[  165.369024][T11064]  do_syscall_64+0xd2/0x200
[  165.369041][T11064]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  165.369159][T11064]  ? clear_bhb_loop+0x40/0x90
[  165.369186][T11064]  ? clear_bhb_loop+0x40/0x90
[  165.369208][T11064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.369231][T11064] RIP: 0033:0x7fcd6c87e929
[  165.369291][T11064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.369305][T11064] RSP: 002b:00007fcd6aee7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  165.369374][T11064] RAX: ffffffffffffffda RBX: 00007fcd6caa5fa0 RCX: 00007fcd6c87e929
[  165.369386][T11064] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[  165.369398][T11064] RBP: 00007fcd6aee7090 R08: 0000000000000020 R09: 0000000000000000
[  165.369411][T11064] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001
[  165.369481][T11064] R13: 0000000000000000 R14: 00007fcd6caa5fa0 R15: 00007fff61316ea8
[  165.369502][T11064]  </TASK>
[  165.373127][T11061] bridge0: port 4(gretap0) entered disabled state
[  165.484565][ T3387] Process accounting resumed
[  165.614497][   T51] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  165.631948][   T51] EXT4-fs (loop4): Remounting filesystem read-only
[  165.708648][T11083] loop1: detected capacity change from 0 to 2048
[  165.724559][T11061] bridge0: port 3(syz_tun) entered disabled state
[  165.724647][T11083] EXT4-fs: Ignoring removed mblk_io_submit option
[  165.747490][T11083] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.760277][T11061] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.767635][T11061] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.891897][T11061] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  165.901221][T11061] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  165.910324][T11061] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  165.919574][T11061] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  166.009465][T11088] Process accounting resumed
[  166.053793][T11115] loop2: detected capacity change from 0 to 2048
[  166.065731][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.105470][   T41] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  166.125245][T11115] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.138816][   T41] EXT4-fs (loop1): Remounting filesystem read-only
[  166.147226][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.175391][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.438676][T11154] loop1: detected capacity change from 0 to 2048
[  166.444735][T11164] lo speed is unknown, defaulting to 1000
[  166.451101][T11173] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  166.468294][T11154] EXT4-fs: Ignoring removed mblk_io_submit option
[  166.485523][T11154] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.516220][T11106] Process accounting resumed
[  166.521465][   T41] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  166.543034][T11173] loop5: detected capacity change from 0 to 1024
[  166.549579][   T41] EXT4-fs (loop1): Remounting filesystem read-only
[  166.554732][T11160] loop2: detected capacity change from 0 to 2048
[  166.563002][T11173] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  166.574178][T11173] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  166.574409][T11160] EXT4-fs: Ignoring removed mblk_io_submit option
[  166.591429][T11173] JBD2: no valid journal superblock found
[  166.597302][T11173] EXT4-fs (loop5): Could not load journal inode
[  166.606015][T11160] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.656789][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.684859][T11159] Process accounting resumed
[  166.729370][   T51] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  166.755074][   T51] EXT4-fs (loop2): Remounting filesystem read-only
[  166.775450][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.802024][T11229] loop5: detected capacity change from 0 to 512
[  166.818928][T11229] EXT4-fs: Ignoring removed oldalloc option
[  166.832017][T11229] ext4: Bad value for 'resgid'
[  166.836927][T11229] ext4: Bad value for 'resgid'
[  166.940519][T11247] xt_hashlimit: max too large, truncated to 1048576
[  166.987256][T11245] loop5: detected capacity change from 0 to 2048
[  166.994292][T11245] EXT4-fs: Ignoring removed mblk_io_submit option
[  167.005148][T11245] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.019684][T11105] Process accounting resumed
[  167.024726][   T41] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  167.041400][   T41] EXT4-fs (loop5): Remounting filesystem read-only
[  167.111911][T11269] FAULT_INJECTION: forcing a failure.
[  167.111911][T11269] name failslab, interval 1, probability 0, space 0, times 0
[  167.124737][T11269] CPU: 0 UID: 0 PID: 11269 Comm: syz.4.2345 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  167.124836][T11269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  167.124847][T11269] Call Trace:
[  167.124852][T11269]  <TASK>
[  167.124861][T11269]  __dump_stack+0x1d/0x30
[  167.124883][T11269]  dump_stack_lvl+0xe8/0x140
[  167.124941][T11269]  dump_stack+0x15/0x1b
[  167.124955][T11269]  should_fail_ex+0x265/0x280
[  167.124985][T11269]  should_failslab+0x8c/0xb0
[  167.125006][T11269]  kmem_cache_alloc_node_noprof+0x57/0x320
[  167.125054][T11269]  ? __alloc_skb+0x101/0x320
[  167.125081][T11269]  __alloc_skb+0x101/0x320
[  167.125111][T11269]  netlink_alloc_large_skb+0xba/0xf0
[  167.125175][T11269]  netlink_sendmsg+0x3cf/0x6b0
[  167.125194][T11269]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.125210][T11269]  __sock_sendmsg+0x142/0x180
[  167.125232][T11269]  ____sys_sendmsg+0x31e/0x4e0
[  167.125278][T11269]  ___sys_sendmsg+0x17b/0x1d0
[  167.125324][T11269]  __x64_sys_sendmsg+0xd4/0x160
[  167.125360][T11269]  x64_sys_call+0x2999/0x2fb0
[  167.125406][T11269]  do_syscall_64+0xd2/0x200
[  167.125424][T11269]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  167.125493][T11269]  ? clear_bhb_loop+0x40/0x90
[  167.125513][T11269]  ? clear_bhb_loop+0x40/0x90
[  167.125531][T11269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.125549][T11269] RIP: 0033:0x7f42096ce929
[  167.125562][T11269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.125576][T11269] RSP: 002b:00007f4207d37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  167.125604][T11269] RAX: ffffffffffffffda RBX: 00007f42098f5fa0 RCX: 00007f42096ce929
[  167.125617][T11269] RDX: 0000000000000004 RSI: 0000200000000000 RDI: 0000000000000003
[  167.125631][T11269] RBP: 00007f4207d37090 R08: 0000000000000000 R09: 0000000000000000
[  167.125643][T11269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.125655][T11269] R13: 0000000000000000 R14: 00007f42098f5fa0 R15: 00007ffd9bc2fb68
[  167.125712][T11269]  </TASK>
[  167.127278][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.178695][T11278] loop2: detected capacity change from 0 to 512
[  167.227619][T11280] xt_hashlimit: max too large, truncated to 1048576
[  167.964618][T11319] loop5: detected capacity change from 0 to 1024
[  167.973997][T11319] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2357: Failed to acquire dquot type 0
[  167.985944][T11319] EXT4-fs (loop5): 1 truncate cleaned up
[  167.988235][T11322] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11322 comm=syz.0.2360
[  167.992186][T11319] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.021292][T11319] siw: device registration error -23
[  168.154289][   T29] kauditd_printk_skb: 604 callbacks suppressed
[  168.154306][   T29] audit: type=1326 audit(1751024338.227:8147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11323 comm="syz.2.2361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  168.184211][   T29] audit: type=1326 audit(1751024338.227:8148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11323 comm="syz.2.2361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  168.207909][   T29] audit: type=1326 audit(1751024338.227:8149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11323 comm="syz.2.2361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  168.231386][   T29] audit: type=1326 audit(1751024338.257:8150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11323 comm="syz.2.2361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  168.254938][   T29] audit: type=1326 audit(1751024338.257:8151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11323 comm="syz.2.2361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  168.279046][   T29] audit: type=1326 audit(1751024338.257:8152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11323 comm="syz.2.2361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  168.302622][   T29] audit: type=1326 audit(1751024338.257:8153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11323 comm="syz.2.2361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  168.326217][   T29] audit: type=1326 audit(1751024338.257:8154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11323 comm="syz.2.2361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  168.334897][T11326] xt_hashlimit: max too large, truncated to 1048576
[  168.349844][   T29] audit: type=1326 audit(1751024338.257:8155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11323 comm="syz.2.2361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  168.379891][   T29] audit: type=1326 audit(1751024338.257:8156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11323 comm="syz.2.2361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9cbce929 code=0x7ffc0000
[  168.468086][T11337] loop4: detected capacity change from 0 to 2048
[  168.485286][T11337] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.499470][T11337] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.2367: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  168.516137][T11337] EXT4-fs (loop4): Remounting filesystem read-only
[  168.570052][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.717582][T11346] loop4: detected capacity change from 0 to 2048
[  168.724340][T11346] EXT4-fs: Ignoring removed mblk_io_submit option
[  168.731378][T11351] loop2: detected capacity change from 0 to 1024
[  168.750782][T11346] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.751724][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.776796][ T1037] Process accounting resumed
[  168.785343][T11351] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.800271][   T41] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  168.816145][   T41] EXT4-fs (loop4): Remounting filesystem read-only
[  168.824371][T11361] 9p: Unknown access argument 18446744073709551615: -34
[  168.872999][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.887689][T11365] xt_hashlimit: max too large, truncated to 1048576
[  168.902444][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.084212][T11398] loop5: detected capacity change from 0 to 1024
[  169.099450][T11399] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11399 comm=syz.2.2383
[  169.130094][T11398] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.188624][T11383] loop4: detected capacity change from 0 to 2048
[  169.195487][T11383] EXT4-fs: Ignoring removed mblk_io_submit option
[  169.225867][ T8130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.253439][T11383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.273119][T11416] loop5: detected capacity change from 0 to 512
[  169.284323][T11403] loop1: detected capacity change from 0 to 2048
[  169.291102][T11403] EXT4-fs: Ignoring removed mblk_io_submit option
[  169.294106][T11416] EXT4-fs: Ignoring removed oldalloc option
[  169.306180][T11096] Process accounting resumed
[  169.311505][   T41] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  169.327497][   T41] EXT4-fs (loop4): Remounting filesystem read-only
[  169.334527][T11416] ext4: Bad value for 'resgid'
[  169.339395][T11416] ext4: Bad value for 'resgid'
[  169.358948][T11403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.394818][T11096] Process accounting resumed
[  169.401108][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.410545][   T31] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 234: padding at end of block bitmap is not set
[  169.432800][T11430] gretap0: left allmulticast mode
[  169.433927][   T31] EXT4-fs (loop1): Remounting filesystem read-only
[  169.437918][T11430] gretap0: left promiscuous mode
[  169.449691][T11430] bridge0: port 4(gretap0) entered disabled state
[  169.461587][T11430] syz_tun: left allmulticast mode
[  169.466771][T11430] syz_tun: left promiscuous mode
[  169.471935][T11430] bridge0: port 3(syz_tun) entered disabled state
[  169.483857][T11430] bridge_slave_1: left allmulticast mode
[  169.489567][T11430] bridge_slave_1: left promiscuous mode
[  169.495428][T11430] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.515029][T11430] bridge_slave_0: left allmulticast mode
[  169.520787][T11430] bridge_slave_0: left promiscuous mode
[  169.526755][T11430] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.535092][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.544290][T11442] loop4: detected capacity change from 0 to 164
[  169.553168][T11442] FAULT_INJECTION: forcing a failure.
[  169.553168][T11442] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.564693][T11447] loop1: detected capacity change from 0 to 1024
[  169.566348][T11442] CPU: 1 UID: 0 PID: 11442 Comm: syz.4.2392 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  169.566375][T11442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  169.566402][T11442] Call Trace:
[  169.566410][T11442]  <TASK>
[  169.566418][T11442]  __dump_stack+0x1d/0x30
[  169.566445][T11442]  dump_stack_lvl+0xe8/0x140
[  169.566465][T11442]  dump_stack+0x15/0x1b
[  169.566482][T11442]  should_fail_ex+0x265/0x280
[  169.566512][T11442]  should_fail+0xb/0x20
[  169.566614][T11442]  should_fail_usercopy+0x1a/0x20
[  169.566645][T11442]  _copy_from_user+0x1c/0xb0
[  169.566665][T11442]  memdup_user+0x5e/0xd0
[  169.566696][T11442]  strndup_user+0x68/0xb0
[  169.566719][T11442]  __se_sys_add_key+0x128/0x350
[  169.566747][T11442]  __x64_sys_add_key+0x67/0x80
[  169.566771][T11442]  x64_sys_call+0x1d0d/0x2fb0
[  169.566869][T11442]  do_syscall_64+0xd2/0x200
[  169.566955][T11442]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  169.567054][T11442]  ? clear_bhb_loop+0x40/0x90
[  169.567091][T11442]  ? clear_bhb_loop+0x40/0x90
[  169.567182][T11442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.567203][T11442] RIP: 0033:0x7f42096ce929
[  169.567231][T11442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.567248][T11442] RSP: 002b:00007f4207d16038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  169.567399][T11442] RAX: ffffffffffffffda RBX: 00007f42098f6080 RCX: 00007f42096ce929
[  169.567412][T11442] RDX: 0000200000000100 RSI: 0000200000000040 RDI: 0000200000000000
[  169.567425][T11442] RBP: 00007f4207d16090 R08: ffffffffffffffff R09: 0000000000000000
[  169.567505][T11442] R10: 0000000000000048 R11: 0000000000000246 R12: 0000000000000001
[  169.567518][T11442] R13: 0000000000000000 R14: 00007f42098f6080 R15: 00007ffd9bc2fb68
[  169.567538][T11442]  </TASK>
[  169.765267][T11447] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.778963][T11440] bridge0: port 2(gretap0) entered blocking state
[  169.785571][T11440] bridge0: port 2(gretap0) entered disabled state
[  169.795118][T11440] gretap0: entered allmulticast mode
[  169.801010][T11440] gretap0: left allmulticast mode
[  169.803735][ T3308] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.806092][T11441] lo speed is unknown, defaulting to 1000
[  169.821223][T11441] lo speed is unknown, defaulting to 1000
[  169.828365][T11441] lo speed is unknown, defaulting to 1000
[  169.855851][T11441] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  169.887307][T11441] lo speed is unknown, defaulting to 1000
[  169.896074][T11441] lo speed is unknown, defaulting to 1000
[  169.902288][T11441] lo speed is unknown, defaulting to 1000
[  169.911101][T11441] lo speed is unknown, defaulting to 1000
[  169.917749][T11441] lo speed is unknown, defaulting to 1000
[  169.924252][T11441] lo speed is unknown, defaulting to 1000
[  170.012975][T11465] lo speed is unknown, defaulting to 1000
[  170.054661][T11514] loop2: detected capacity change from 0 to 1024
[  170.062522][T11514] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  170.073535][T11514] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  170.084178][T11514] JBD2: no valid journal superblock found
[  170.089962][T11514] EXT4-fs (loop2): Could not load journal inode
[  170.096466][T11472] loop4: detected capacity change from 0 to 2048
[  170.103407][T11472] EXT4-fs: Ignoring removed mblk_io_submit option
[  170.109474][T11514] __nla_validate_parse: 19 callbacks suppressed
[  170.109490][T11514] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2404'.
[  170.125298][T11514] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2404'.
[  170.125980][T11472] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.134398][T11514] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2404'.
[  170.163724][T11514] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2404'.
[  170.165026][T11096] Process accounting resumed
[  170.172764][T11514] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2404'.
[  170.172782][T11514] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2404'.
[  170.207670][   T51] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  170.230494][T11514] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2404'.
[  170.239730][T11514] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2404'.
[  170.249108][T11514] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2404'.
[  170.249381][   T51] EXT4-fs (loop4): Remounting filesystem read-only
[  170.327956][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.337216][T11538] loop5: detected capacity change from 0 to 2048
[  170.366486][T11538] EXT4-fs (loop5): failed to initialize system zone (-117)
[  170.379217][T11538] EXT4-fs (loop5): mount failed
[  170.390448][T11549] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  170.467996][T11549] loop1: detected capacity change from 0 to 1024
[  170.475399][T11549] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  170.486390][T11549] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  170.496399][T11547] loop4: detected capacity change from 0 to 2048
[  170.497711][T11549] JBD2: no valid journal superblock found
[  170.503165][T11547] EXT4-fs: Ignoring removed mblk_io_submit option
[  170.508530][T11549] EXT4-fs (loop1): Could not load journal inode
[  170.525733][T11547] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.559331][T11547] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  170.619268][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.664060][T11571] loop4: detected capacity change from 0 to 2048
[  170.689942][T11571] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2416'.
[  170.760137][T11587] lo speed is unknown, defaulting to 1000
[  170.766676][T11587] lo speed is unknown, defaulting to 1000
[  170.966567][T11617] loop2: detected capacity change from 0 to 2048
[  170.974279][T11617] EXT4-fs: Ignoring removed mblk_io_submit option
[  170.986872][ T1037] Process accounting resumed
[  170.992104][   T51] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 234: padding at end of block bitmap is not set
[  171.006683][   T51] EXT4-fs (loop2): Remounting filesystem read-only
[  171.122762][T11639] loop2: detected capacity change from 0 to 1024
[  171.246753][T11650] lo speed is unknown, defaulting to 1000
[  171.263229][T11650] lo speed is unknown, defaulting to 1000
[  171.294131][T11633] loop4: detected capacity change from 0 to 2048
[  171.303979][T11633] EXT4-fs: Ignoring removed mblk_io_submit option
[  171.329664][ T1037] Process accounting resumed
[  171.335578][   T41] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 234: padding at end of block bitmap is not set
[  171.350779][   T41] EXT4-fs (loop4): Remounting filesystem read-only
[  171.351258][T11655] loop2: detected capacity change from 0 to 2048
[  171.364643][T11655] EXT4-fs: Ignoring removed mblk_io_submit option
[  171.394924][T11096] Process accounting resumed
[  171.400248][ T1768] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 234: padding at end of block bitmap is not set
[  171.415168][ T1768] EXT4-fs (loop2): Remounting filesystem read-only
[  171.539557][T11707] loop5: detected capacity change from 0 to 1024
[  171.572921][T11709] loop4: detected capacity change from 0 to 2048
[  171.600101][T11709] EXT4-fs (loop4): failed to initialize system zone (-117)
[  171.610174][T11709] EXT4-fs (loop4): mount failed
[  171.638137][T11723] loop1: detected capacity change from 0 to 2048
[  171.649719][T11723] EXT4-fs: Ignoring removed mblk_io_submit option
[  171.673794][T11096] Process accounting resumed
[  171.678978][ T1768] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 234: padding at end of block bitmap is not set
[  171.702350][T11732] loop5: detected capacity change from 0 to 2048
[  171.732075][ T1768] EXT4-fs (loop1): Remounting filesystem read-only
[  171.743879][T11732] EXT4-fs (loop5): failed to initialize system zone (-117)
[  171.782094][T11732] EXT4-fs (loop5): mount failed
[  171.911137][T11725] loop2: detected capacity change from 0 to 2048
[  171.918179][T11725] EXT4-fs: Ignoring removed mblk_io_submit option
[  171.962074][T11725] Process accounting resumed
[  172.006796][   T31] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 234: padding at end of block bitmap is not set
[  172.025870][   T31] EXT4-fs (loop2): Remounting filesystem read-only
[  172.217396][T11768] lo speed is unknown, defaulting to 1000
[  172.223452][T11768] lo speed is unknown, defaulting to 1000
[  172.291556][T11798] loop2: detected capacity change from 0 to 1024
[  172.536072][T11828] loop4: detected capacity change from 0 to 2048
[  172.632049][T11844] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  172.632122][T11824] ==================================================================
[  172.632150][T11824] BUG: KCSAN: data-race in data_alloc / prb_reserve
[  172.662377][T11824] 
[  172.664695][T11824] write to 0xffffffff8686c248 of 8 bytes by task 11844 on cpu 0:
[  172.672491][T11824]  data_alloc+0x27d/0x2b0
[  172.676831][T11824]  prb_reserve+0x808/0xaf0
[  172.681253][T11824]  vprintk_store+0x56d/0x860
[  172.685835][T11824]  vprintk_emit+0x178/0x650
[  172.690333][T11824]  vprintk_default+0x26/0x30
[  172.694919][T11824]  vprintk+0x1d/0x30
[  172.698810][T11824]  _printk+0x79/0xa0
[  172.702709][T11824]  do_setlink+0xb3b/0x2810
[  172.707130][T11824]  rtnl_newlink+0xd8b/0x12d0
[  172.711713][T11824]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  172.716647][T11824]  netlink_rcv_skb+0x120/0x220
[  172.721413][T11824]  rtnetlink_rcv+0x1c/0x30
[  172.725824][T11824]  netlink_unicast+0x5a1/0x670
[  172.730597][T11824]  netlink_sendmsg+0x58b/0x6b0
[  172.735787][T11824]  __sock_sendmsg+0x142/0x180
[  172.740465][T11824]  ____sys_sendmsg+0x31e/0x4e0
[  172.745242][T11824]  ___sys_sendmsg+0x17b/0x1d0
[  172.749928][T11824]  __x64_sys_sendmsg+0xd4/0x160
[  172.754779][T11824]  x64_sys_call+0x2999/0x2fb0
[  172.759449][T11824]  do_syscall_64+0xd2/0x200
[  172.763943][T11824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.769921][T11824] 
[  172.772238][T11824] read to 0xffffffff8686c248 of 8 bytes by task 11824 on cpu 1:
[  172.779856][T11824]  prb_reserve+0x221/0xaf0
[  172.784272][T11824]  vprintk_store+0x56d/0x860
[  172.788856][T11824]  vprintk_emit+0x178/0x650
[  172.793353][T11824]  vprintk_default+0x26/0x30
[  172.797938][T11824]  vprintk+0x1d/0x30
[  172.801855][T11824]  _printk+0x79/0xa0
[  172.805747][T11824]  set_capacity_and_notify+0x14c/0x1f0
[  172.811208][T11824]  loop_set_size+0x2e/0x70
[  172.815612][T11824]  loop_configure+0x8d3/0xa50
[  172.820289][T11824]  lo_ioctl+0x559/0x15d0
[  172.824529][T11824]  blkdev_ioctl+0x34f/0x440
[  172.829032][T11824]  __se_sys_ioctl+0xce/0x140
[  172.833637][T11824]  __x64_sys_ioctl+0x43/0x50
[  172.838227][T11824]  x64_sys_call+0x19a8/0x2fb0
[  172.842898][T11824]  do_syscall_64+0xd2/0x200
[  172.847392][T11824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.853277][T11824] 
[  172.855589][T11824] value changed: 0xfffffffffffc88c0 -> 0x0000000000067d68
[  172.862683][T11824] 
[  172.864998][T11824] Reported by Kernel Concurrency Sanitizer on:
[  172.871138][T11824] CPU: 1 UID: 0 PID: 11824 Comm: syz.5.2458 Not tainted 6.16.0-rc3-syzkaller-00121-gf02769e7f272 #0 PREEMPT(voluntary) 
[  172.883631][T11824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  172.893683][T11824] ==================================================================
[  172.631992][T11824] loop5: detected capacity change from 0 to 2048
[  172.911487][T11824] EXT4-fs: Ignoring removed mblk_io_submit option
[  172.918087][T11844] loop1: detected capacity change from 0 to 1024
[  172.933755][T11844] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  172.944734][T11844] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  172.964676][T11844] JBD2: no valid journal superblock found
[  172.970436][T11844] EXT4-fs (loop1): Could not load journal inode
[  172.991104][T11096] Process accounting resumed
[  172.996553][ T1768] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 234: padding at end of block bitmap is not set
[  173.011421][ T1768] EXT4-fs (loop5): Remounting filesystem read-only