last executing test programs:

3m37.768363473s ago: executing program 0 (id=1034):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r3}, 0x18)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in=@private=0xa010102, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x4e23, 0x0, 0x2, 0x0, 0x0, 0xc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x1, 0x6}, 0x7af, 0x1, 0x1}, [@mark={0xc, 0x15, {0x350759, 0xffff}}]}, 0xc4}}, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x4)
openat(r5, &(0x7f0000000080)='./file0\x00', 0x462102, 0x100)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b8"], 0xb8}}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r4}, 0x8)
socket$tipc(0x1e, 0x2, 0x0)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000100)={0x2ffc, 0x2, 0xfffffefc, 0x6}, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000160001f47efde4be701161000a000000040000800400", @ANYRES32=r7], 0x1c}}, 0x804)

3m37.702128734s ago: executing program 0 (id=1036):
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1e000000000000000500000006", @ANYRES16], 0x48)
r0 = socket(0x10, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x40, 0xd94, 0x2, 0xa4, 0x3, 0x3000}}}}]}, 0x4c}}, 0x44080)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
syz_usb_connect(0x6, 0x36, &(0x7f0000000280)=ANY=[], 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r5, 0xffffffffffffffff, 0x0)

3m37.075145282s ago: executing program 0 (id=1052):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0)

3m37.048545403s ago: executing program 0 (id=1054):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000001000000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x400)
r2 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e24, @multicast1}, 0x10)
close(0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x19, 0xf, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000178500000085000000b70000000000000095f49c68939303f26cb82a1988133665e603fcec07d4c64884dce5f5b9dac8eaaf63690daf9a33c823c0a629d0e4410692cca8890fd333cd980d5ced86b520f922ea132c25b019d1719077d9510560d9065b4b059c211e3234118e1f178432bf8ac63d3332f386db5b102253196b24bfca8c3c4a7f5c1038b67c9bff54f3b83d4e99d33c3a7e751bd62b8f88995c371a3edd7d3028545f173021d06627e89dbc6ebf093435c04c81ce715f361ebbff690a29e8677553d7dc87c03cafe00b4e"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000300)={0x84, @remote, 0x4e22, 0x1, 'lblcr\x00', 0x0, 0x10000}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r3, 0x0, 0x483, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x200000001, 'sh\x00'}, 0x2c)

3m36.947005384s ago: executing program 0 (id=1059):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtaction={0x88c, 0x30, 0xffff, 0x3, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7fff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x7, 0x0, 0x0, 0xfffffffe, {0x3, 0x0, 0x0, 0x0, 0xb, 0x3}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x3, 0x2}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, 0x4, 0x0, 0x0, 0x0, 0x1, 0x25d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x80000, 0x0, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffff81, 0x0, 0x0, 0xffffff7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x8]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x1}}}}]}]}, 0x88c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r6, &(0x7f0000000180), 0x400008a, 0x0)
pipe2$9p(&(0x7f0000000380)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
dup(r7)
timer_create(0x5, &(0x7f0000000300)={0x0, 0x20, 0x0, @tid=r0}, &(0x7f0000000340))
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)

3m35.997679566s ago: executing program 0 (id=1075):
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$netlink(0x10, 0x3, 0xe)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000000), 0x7fffffff, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "a05c7b5d3cd1b0f200002000fdf700071400"})
r4 = syz_open_pts(r3, 0x0)
r5 = dup3(r4, r3, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
io_submit(0x0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8000, r2, 0x0}])
fsync(r1)

3m20.975029492s ago: executing program 32 (id=1075):
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$netlink(0x10, 0x3, 0xe)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000000), 0x7fffffff, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "a05c7b5d3cd1b0f200002000fdf700071400"})
r4 = syz_open_pts(r3, 0x0)
r5 = dup3(r4, r3, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
io_submit(0x0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8000, r2, 0x0}])
fsync(r1)

1m30.876422153s ago: executing program 2 (id=3586):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x51031, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000001811000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r3}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454da, &(0x7f0000000140)={'batadv0\x00'})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000140)=ANY=[@ANYBLOB='c 1:23'], 0xa)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x109141, 0xdf)
pwrite64(r6, 0x0, 0x0, 0x7ff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
mmap(&(0x7f000091c000/0x1000)=nil, 0x1000, 0x2000003, 0x28012, r7, 0x0)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRESOCT, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r9}, 0x10)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r10}, 0x18)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r11}, 0x10)

1m30.664180716s ago: executing program 2 (id=3587):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x400)
r2 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r2, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x19, 0xf, &(0x7f0000000ac0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b702000014000000b7030000"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000300)={0x84, @remote, 0x4e22, 0x1, 'lblcr\x00', 0x0, 0x10000}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r3, 0x0, 0x483, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x200000001, 'sh\x00'}, 0x2c)

1m30.028880694s ago: executing program 2 (id=3589):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x304e29ea162c174f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000180)={0x3, 'netpci0\x00', {0x1}, 0x4})
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01032757c38d085641a7260000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)
r2 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r2, 0x0, 0x0, 0x1001f0)
fallocate(r2, 0x3, 0xf00, 0x10000)
r3 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0xe4, 0x1, 0x8, 0xf85, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xd}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x19}, @CTA_TIMEOUT_DATA={0x44, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_PARTOPEN={0x8, 0x3, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_DCCP_RESPOND={0x8, 0x2, 0x1, 0x0, 0x317000}, @CTA_TIMEOUT_DCCP_PARTOPEN={0x8, 0x3, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_DCCP_CLOSING={0x8, 0x6, 0x1, 0x0, 0xfffffff7}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8}, @CTA_TIMEOUT_DCCP_REQUEST={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8, 0x5, 0x1, 0x0, 0x32a}, @CTA_TIMEOUT_DCCP_OPEN={0x8, 0x4, 0x1, 0x0, 0x2}]}, @CTA_TIMEOUT_DATA={0x2c, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8, 0x8, 0x1, 0x0, 0xcb56}, @CTA_TIMEOUT_SCTP_COOKIE_WAIT={0x8, 0x2, 0x1, 0x0, 0x10}, @CTA_TIMEOUT_SCTP_SHUTDOWN_SENT={0x8, 0x5, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_SCTP_CLOSED={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT={0x8, 0x7, 0x1, 0x0, 0xf92beead}]}, @CTA_TIMEOUT_DATA={0x24, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xf}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x9}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x1a}, @CTA_TIMEOUT_DATA={0x24, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT={0x8, 0x7, 0x1, 0x0, 0x100}, @CTA_TIMEOUT_SCTP_SHUTDOWN_RECD={0x8, 0x6, 0x1, 0x0, 0x101}, @CTA_TIMEOUT_SCTP_COOKIE_WAIT={0x8, 0x2, 0x1, 0x0, 0x25000000}, @CTA_TIMEOUT_SCTP_CLOSED={0x8, 0x1, 0x1, 0x0, 0xa681}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x10}, 0x80)

1m29.650621899s ago: executing program 2 (id=3595):
r0 = syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cgroup/syz1\x00', 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000180)='./file1\x00', 0x1218088, &(0x7f00000005c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae356940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c1a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b52a0352a82c794995bbb97c82fcde79d14fb20e5127150de"], 0xa, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZHOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZndk1uyayWXH382n24Xl+33meJxmySZEnH74823+Qx6OnX/wSWZZEbxzjOExiFL1ofBUnjL8JAOD/7LAo4vdiYZ1cEhHZ5pYFAGzQav//+23zp0tZFgCwQffffe/tnd3du+9kkcW92dcHk/KTffl3Mb7zKD6OaTyM12IYRxHV+4T6g3/ZvlcUxbyfl0ZxazY/mJTJ2QfP6uvv/BZR5bdjGKPjWPVuo8q/tXt3u4rng05+Xq7j+Xr+cZm/E8N48Th8In9nkc+7+Zik8eornfXfjmH8/FF8EtN4UC2izX+5nedvFt/+8fn75fLKfDI/mAyqulaxdZnPCwAAAAAAAAAAAAAAAAAAAAAAV9vtvDl8J78Zt2ZlV33+ztZRWtfUJaM2VY4vWknT1TkfqDQv4vvOkYJ5URe25/v046V+92BBAAAAAAAAAAAAAAAAAAAAuL6efPrZ/t50+vDxhTSa0wD6EfHn/Yh/e51xp+dmnF88qOfcm057dfNEzbO02xNbTU0Sce4yyk1c0MPyT43nTq+5afzwY7nBdS6YdXpeX77BG5vfV3N37e8ly+caRNOT1TfJd2lEW5PGinOlZw0Vsc7tly4dGq699/SFqjE/s6Y5B+Os67zx62K87klO7yKtHtWls9+oG534qXtjpec9skX8768VSXVax2BDr0QAAAAAAAAAAAAAAAAAAED77d8lg0/PjfYKXwUGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ipof/9/jca8Dq9QnMbjJ//xFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgG/goAAP///CFRHg==")
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2000007ff)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = syz_open_procfs(r3, &(0x7f0000000400)='ns\x00')
readlinkat(r5, &(0x7f0000000100)='./mnt\x00', &(0x7f0000000440)=""/163, 0xa3)
write$cgroup_pid(r2, &(0x7f00000005c0)=r0, 0x12)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
pread64(r1, &(0x7f00000001c0)=""/254, 0xfe, 0x100)
r7 = openat$cgroup_ro(r6, &(0x7f0000000540)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$cgroup_int(r7, &(0x7f0000000040)=0x1, 0x12)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000c"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000900000027000000ff00000000400000", @ANYRES32=r8, @ANYBLOB="010000ff0000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0500000000000000020000000d00"/28], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x18)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r11, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
r12 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r10, 0x8933, &(0x7f00000002c0)={'vxcan0\x00', <r13=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r12, 0x89f8, &(0x7f0000000300)={'syztnl1\x00', &(0x7f0000000480)={'syztnl1\x00', r13, 0x5708075a3a8d76b7, 0x25, 0x6, 0xf, {{0x5, 0x4, 0x0, 0x7, 0x53, 0x67, 0x0, 0x1, 0x29, 0x0, @empty, @multicast1}}}})

1m29.427058123s ago: executing program 2 (id=3600):
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f00000001c0)={@dev, <r4=>0x0}, &(0x7f0000000200)=0x14)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r2, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f0000000340)={0x138, r3, 0xaf666ae45fe6664f, 0x70bd29, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x1c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x2c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xc}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010102}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x40, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xd}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7f}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x8}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x60, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x810}, 0x8041)
syz_io_uring_setup(0x1944, &(0x7f0000000000)={0x0, 0xf628, 0x4000, 0x2, 0x58}, &(0x7f0000000080), &(0x7f00000000c0))

1m28.81345822s ago: executing program 2 (id=3607):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x60, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x5}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000bc0))
ioprio_set$pid(0x2, 0x0, 0x0)

1m28.759529411s ago: executing program 33 (id=3607):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x60, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x5}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000bc0))
ioprio_set$pid(0x2, 0x0, 0x0)

54.078357642s ago: executing program 6 (id=4318):
r0 = io_uring_setup(0x6b3, &(0x7f0000000000)={0x0, 0xf324, 0x100, 0xfffffefe, 0xb9})
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000300)={&(0x7f0000002000)={[{0x0, 0x0, 0x2}, {0x0}, {0x0, 0x0, 0x3}, {0x0}]}, 0x4, 0x1}, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f00000075c0)={0x0, 0x0, 0x1}, 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000800)={{r3}, &(0x7f0000000580), &(0x7f0000000080)='%-5lx  \x00'}, 0x20)
r5 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f0000000740)={'ip6gre0\x00', &(0x7f00000006c0)={'ip6_vti0\x00', 0x0, 0x2f, 0x0, 0x3, 0x1ff, 0x8, @local, @private1={0xfc, 0x1, '\x00', 0x1}, 0x9, 0x1ffe1, 0x7, 0x2}})
umount2(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x1)

53.272596262s ago: executing program 6 (id=4327):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000040))

53.184909423s ago: executing program 6 (id=4330):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000200000046000000000000809500007b0000000085000000aa00000095000000000000003419f1b7080d1b2f983cb434a2129e2cda43b4b9dcfe3579804437504eb9a9e77051c37f69b04b0c522ff681aae8087b519af85cde069edbf71e8eb71fa35e414bc94f84919604955ea6ac27f560c574bfd16b6599e14f30152d19eb17ab51df91fbb7fb31e941e540c2f4837ccf4b6c962505c2c19147585467719ba080e77a94e520c036bf9b6c6ab4877c86c0305a7ff8b263236a70ee59e00b1cc5bf95f6f871e6fe3d3d"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000007c0)={'vxcan1\x00', <r2=>0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
syz_emit_ethernet(0x52, &(0x7f0000000000)={@local, @random="4910075ad2b9", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd708", 0x1c, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x2, 0x0, 0x0, {[@window={0x3, 0x3, 0x35}, @mss={0x2, 0x4}]}}}}}}}}, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r5, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x200000007})
fcntl$lock(r5, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x80000000})
write$binfmt_misc(r5, &(0x7f0000000900)="9bb8083e2ba8a02e4e9eaf97bd5f82ec55ecbace8edf2a68098591dfa0a9fdb4a8793e", 0x23)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r7}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000000306010100000000000000000100000005000100fa"], 0x1c}}, 0x20000000)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='timer_start\x00', r9}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
mount_setattr(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080), 0x81)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x5}, 0x18)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000008c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)=@gettfilter={0x54, 0x2e, 0x800, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x3, 0x6}, {0xffe0, 0x8}, {0x1, 0xffe0}}, [{0x8, 0xb, 0x6}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x8ce4}, {0x8, 0xb, 0x10}, {0x8, 0xb, 0x7}, {0x8, 0xb, 0xf04}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
pwritev2(r0, &(0x7f0000000700)=[{&(0x7f0000000100)="fd9fa2e319d6adef752fafe9f8325c1869163adeeffcb33f28b003360c6dd744a27a59a871d1fed74521326e87af32603340f93d4a81da13f5d99683608b33927ac4b9a6126db8f38bdbba1fdf9dad71f5bd28d04a475aabdee0e2e8816e581062cf4088591f8b1ab8645d9c680f12a182bd889ad694185aa9526179229fb6248ddeb3069a72d054024d4d5f518f208f932aca727e41930a59", 0x99}, {&(0x7f0000000280)="a0556f1f52d1d7595d2c6cfd2f42d5d82d478ac5fe54f1d264e823c1a5e1b9d8d2282243eb34ce4d5cefc1bae70a7f5dea21be84bc34a8d917b02b45ae31a49866429c0f25135ec44ee82225a3903ab25e2f1cc9cd77fe40a59822ba5188b263dfa6b1f52547a77fc0759ef294533200e61fda5efee6f26ca494d548c29910860ffecf8024766d9eb13671e88e7e531d870ce8194683230bc4e3f96a2b2377c369764cf77b94c2bf8e3f0b6dbd016b1c5111bda604d7a8c7d0b97bff280bbb1f", 0xc0}, {&(0x7f0000000400)="6ed54b4a6ade41478a8b32ec2235b1ffe7571a7c3955d53c89fc3a1b6ae250a1063b10d74c1afc21c8391d462d20c755f532c2f8a4bea27feb849b890194f3a2bfbb6e6e7e2b5a3fc883daa72810ee0f1807c3229bd8c6ddb8098171cc5ad73093414feee92f42efc19c9d00488ff1cb808437fd1dd1ed86c65046b02c84df8184f87b06133fb1927a75c35fbd847dedeeee", 0x92}, {&(0x7f0000000340)="bf80d2640be3522e36daff6736649d030267296a12a6", 0x16}, {&(0x7f00000004c0)="7f26996fb92dc740f735395ffe08b97c6ddf0bb97ddea4d0c7ff46361c791ce19679b31f651efa46684f7b0b1c1470e247a1df12b869214802297c9788a59d809851b093b3afe6a2ffb9558be32c22f6f3aaba45a6bbc19d7da8f02ed8f4b35297a0fc841029396691806f3a8f68f8900cf5a261b0c3ed0a53ad81ab2fa8a31915b1d547344d22cef40f16a2d0a0a6b95459cfb9eb680a1176960bc73fbb699f4164977de33eb9c686061ea965c2289769ff71e8474b7bba63e1961c661ed9db6c79b351c9eac57e489d9814fe1622e74516595f373d988fa14289149da602bca56e15aec2ed8454d2bbebdd6684ff13f49d40bfc5106b422c7d02a6e0bb7f", 0xff}, {&(0x7f00000005c0)="fdbc283701ec2628cf4bcc7ec24c21c212cd3d068ab702b21c43de5cf2da3bf19b406157f655fb0dad78dab4e05e7da59fc67d296de3698ef20c45cf729ffe106e5610f80eb96abc7b044aec8544318d76f83a336f5c40f24da9bde41341d152a8a137125f5673c66b8a3f5e03b22117c572f2afda70d87a0eee8eacf00478263c2584bb87d004bed8a522f2121a660d2c6909f4db61d962cd180eedf2b876fa", 0xa0}, {&(0x7f0000000680)="b238c48d75bf17825ef5f032af3ae3c74e1cfa0d1091519588f8da9650578c6581a151f6edddd038d0012a7d72b4c3291504c19f10d6b55a2c37ea3c3b481b58dbfb3a0e8dc7249e9f3af55e652a831d4119df949b3ec5848f95ee220da403e160", 0x61}, {&(0x7f0000000380)="e4868417ad1557a654e14daa126644dbe7c46c4b150eb417a24749ca5bd8773d", 0x20}], 0x8, 0x8, 0x7ff, 0xc)

52.933915417s ago: executing program 6 (id=4333):
r0 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0), 0x10, 0x0)
fchown(r0, 0xffffffffffffffff, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c020000190001000000000000000000fc0200000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084010500ff010000000000000000000000000001400000006c0000000000000000000000000000000000ffff000000000000000000000000000000000000000000000000fc020000000000000000000000000000000000003200000000000000ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000003c00000002000000ac1414bb0000000000000000000000000000000001000000000000000000000000000000e0000002000000000000000000000000000000003300000002000000fe800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003300000002"], 0x23c}}, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x891018, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r3=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000140)={'gre0\x00', &(0x7f00000000c0)={'tunl0\x00', <r4=>0x0, 0xe, 0x40, 0x9, 0x3, {{0x16, 0x4, 0x0, 0x9, 0x58, 0x67, 0x0, 0x43, 0x29, 0x0, @rand_addr=0x64010101, @loopback, {[@timestamp_prespec={0x44, 0x44, 0xf7, 0x3, 0x4, [{@dev={0xac, 0x14, 0x14, 0x21}, 0xfffffff8}, {@multicast1, 0x1}, {@remote, 0xa}, {@multicast2, 0xa6d}, {@multicast2}, {@loopback, 0x4}, {@loopback, 0x9}, {@dev={0xac, 0x14, 0x14, 0x3b}, 0x9}]}]}}}}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={r0, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000180)=[0x0, 0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x40, &(0x7f0000000280)=[{}, {}], 0x10, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0xc, 0x8, 0x8, &(0x7f0000000340)}}, 0x10)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x74, r2, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x48081}, 0x4000)

52.920169437s ago: executing program 6 (id=4334):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="17000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xff58)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d90000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94)
r2 = socket$inet(0x2, 0x6, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x4, 0x0, 0x0)

52.67554226s ago: executing program 6 (id=4337):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, 0x0, 0x0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x11, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

52.67536208s ago: executing program 34 (id=4337):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, 0x0, 0x0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x11, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

6.902091658s ago: executing program 3 (id=5349):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sendfile(r0, r0, 0x0, 0x7a680000)
truncate(&(0x7f0000000200)='./file2\x00', 0x7)

5.817203232s ago: executing program 3 (id=5373):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r1}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

5.331338129s ago: executing program 3 (id=5381):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x304e29ea162c174f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000180)={0x3, 'netpci0\x00', {0x1}, 0x4})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01032757c38d085641a7260000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)
r3 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r3, 0x0, 0x0, 0x1001f0)
fallocate(r3, 0x3, 0xf00, 0x10000)
r4 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
pwritev2(r4, &(0x7f0000000240)=[{0x0}], 0x1, 0x7800, 0x0, 0x3)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r4, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0xe4, 0x1, 0x8, 0xf85, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xd}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x19}, @CTA_TIMEOUT_DATA={0x44, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_PARTOPEN={0x8, 0x3, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_DCCP_RESPOND={0x8, 0x2, 0x1, 0x0, 0x317000}, @CTA_TIMEOUT_DCCP_PARTOPEN={0x8, 0x3, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_DCCP_CLOSING={0x8, 0x6, 0x1, 0x0, 0xfffffff7}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8}, @CTA_TIMEOUT_DCCP_REQUEST={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8, 0x5, 0x1, 0x0, 0x32a}, @CTA_TIMEOUT_DCCP_OPEN={0x8, 0x4, 0x1, 0x0, 0x2}]}, @CTA_TIMEOUT_DATA={0x2c, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8, 0x8, 0x1, 0x0, 0xcb56}, @CTA_TIMEOUT_SCTP_COOKIE_WAIT={0x8, 0x2, 0x1, 0x0, 0x10}, @CTA_TIMEOUT_SCTP_SHUTDOWN_SENT={0x8, 0x5, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_SCTP_CLOSED={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT={0x8, 0x7, 0x1, 0x0, 0xf92beead}]}, @CTA_TIMEOUT_DATA={0x24, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xf}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x9}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x1a}, @CTA_TIMEOUT_DATA={0x24, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT={0x8, 0x7, 0x1, 0x0, 0x100}, @CTA_TIMEOUT_SCTP_SHUTDOWN_RECD={0x8, 0x6, 0x1, 0x0, 0x101}, @CTA_TIMEOUT_SCTP_COOKIE_WAIT={0x8, 0x2, 0x1, 0x0, 0x25000000}, @CTA_TIMEOUT_SCTP_CLOSED={0x8, 0x1, 0x1, 0x0, 0xa681}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x10}, 0x80)

4.448695881s ago: executing program 3 (id=5398):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[], 0x2c}], 0x1}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x400, 0x3, 0x8002ae}, &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x19, 0x109880})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
lsm_set_self_attr(0x67, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

3.403742845s ago: executing program 3 (id=5419):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, 0x0)

2.604197705s ago: executing program 3 (id=5442):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r4, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0xcb}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x44080)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000)

2.187491561s ago: executing program 4 (id=5451):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

2.119310622s ago: executing program 4 (id=5453):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sendfile(r0, r0, 0x0, 0x7a680000)
truncate(&(0x7f0000000200)='./file2\x00', 0x7)

1.885762495s ago: executing program 4 (id=5456):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r1}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

1.827459876s ago: executing program 4 (id=5458):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x44)

1.772113377s ago: executing program 4 (id=5460):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000bc0)={[{@nobh}, {@data_writeback}], [{@dont_hash}, {@audit}]}, 0x1, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mq_unlink(&(0x7f0000000340)='eth0\x00')

1.717872257s ago: executing program 4 (id=5465):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r0, 0x0, r4, 0x0, 0x400000, 0x0)

1.470016741s ago: executing program 5 (id=5475):
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x3abe, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

1.419421811s ago: executing program 5 (id=5478):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32], 0x2c}], 0x1}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x400, 0x3, 0x8002ae}, &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x19, 0x109880})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
lsm_set_self_attr(0x67, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

1.339047622s ago: executing program 5 (id=5481):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sendfile(r0, r0, 0x0, 0x7a680000)
truncate(&(0x7f0000000200)='./file2\x00', 0x7)

990.794457ms ago: executing program 1 (id=5484):
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x8c08, &(0x7f0000000cc0)=ANY=[], 0x1, 0x5c2, &(0x7f0000000e00)="$eJzs3M1u3MYdAPChLMULpXULBI0dx0AYJwf3YGV3VcsQ0oO3FCUx2V0uSCqQT0VQy6lQKS3qFmh88yVt0BY99Vzk2ifoG/Rp8gwquB+2vteKY29b/H6ANMPlf2b+QxEciFgyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhStaazVYUull/azs+W7JW5L1z9k/6+1f43r+HxUkLh36HKISo/gmNRrg2+ujaG89if1T/uhmujrauhkZdNMLj19/84YdvzM/VDReiKJyT0Cvx6IvHv/p0b2/nt7NO5DtwEF28zUbaz8o863U20jgr83h1ZaX5weZ6Ga9n3bS8X1ZpL06KtFPlRXwruRdCWF2O06X7+VZ/Y63TTeNbyY/j1urq3dvtZnMl/mhpkHaKMu9/8NFSmWxm3e4P5kKoY+rdt9vvhLv1ifhxVsVV2unF8cPdvZ3laUnWQa3nCWpPC2o32+1Wq91urdxZvXO32WyMz9anH8w3jwnHm8zP/qTllXstNP5cnyjDjck17rXv+loOF3WQ/G3WKQAAAAAvWTS8xx4N78tfG9bWs27aPBJzEJ3WsvGqUgQAAABe0PBf+6vjGwAhXAvRyf//AQAAgP9tfzr3GbsQRaEcXI4mj6oMtt+P9jt1rbN/afTRpeM9VuvXoyvjTobFyvx4K0lvRG+Ngt6aRH8zLh5OyyMqioXoyXMnMB9COJFA+Eu4Poq5/mBUPpjsGY2yuJ5106Uk737YCp3Olbkq3a5+//nuH0IoioNLX/V7V6LwcHdvZ+kXv957MMzlSd3Lk/3xNyROfFHi6MG4HA7l8runzz2OZ3zv6IwXhjdi6ll/1e8tjsZtHp7/3LD1wYk/6dl/gPBleHsU8/biqFw8Ov9GPWZr6ZTZH86iNdh+//J4sPHMFy6WxY1RzI1b79XFe7fGexYOZdGelkX78PEfHYswd4Ests7K4vCxWD4ni4Owu7ez/IJZAMzKw+Or0GjdDc/W/xPr7re4yk1Z3eslfOrq/supo3wZ3h3FvHt9/tlafOyK3py2rjSfc10P4fQs/hlu/uPvIWyFm5Pgs9bYety/HllVo/2v6wZfnxh38mXLstuO6o1Ll/d/E9589MXj27v7n36289nO5+328krzJ83mnXZYGE5jXFh7ADhFWnwTLVZ/jIoiG/y8tbra6lSbaVzkycdxka1tpHHWr9Ii2ez0N9J4UORVnuTduvJJtpaWcbk1GORFFa/nRTzIy2x7+OaXePzqlzLtdfpVlpSDbtop0zjJ+1UnqeK1rEziwdbPulm5mRbDxuUgTbL1LOlUWd6Py3yrSNKlOC7T9FBgtpb2q2w9q6v9eFBkvU5xP/4k72710ngtLZMiG1T5qMPJWFl/PS96w26XZn2wAeC/xKMwfoPd01fZXbgSGlNiThv3xN0DAOCVOb5KX551QgAAAAAAAAAAAAAAwAmHH9f76fihvBd+IvDcSiO8rJ7HlXuvn7brnZc76EUrIYT5lzrE5MVJM5/p/0elUVfmwqzTmLxn8dv2E4UQpgd/v46Z1RUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM72nwAAAP//TqmPYw==")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000004c0)='mm_page_free\x00', r0, 0x0, 0x178}, 0x18)
mount(0x0, &(0x7f0000000380)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x200002, 0x0)

966.372198ms ago: executing program 7 (id=5485):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18)
mknod$loop(0x0, 0x100000000000600d, 0x1) (fail_nth: 5)

965.895858ms ago: executing program 1 (id=5486):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000000206030000000000fffff000000000000900020073797a32000100000500040000000000050005000200000010000300686173683a69702c6d61630005000100070000001400078008001340000000000800124009"], 0x5c}}, 0x0)

862.360239ms ago: executing program 1 (id=5487):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d000000"], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r1, &(0x7f0000000140), &(0x7f0000000000)=""/48}, 0x20)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001640)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffffc2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x18)
openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000280)=0x4)
pwritev(r4, &(0x7f0000000180)=[{&(0x7f00000007c0)='\x00!', 0x2}], 0x1, 0x6ad6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00'}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESHEX], 0x5c}}, 0x0)

703.667591ms ago: executing program 5 (id=5488):
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x3abe, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

630.616522ms ago: executing program 7 (id=5489):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
truncate(&(0x7f0000000200)='./file2\x00', 0x7)

479.989554ms ago: executing program 5 (id=5490):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000bc0)={[{@nobh}, {@data_writeback}], [{@dont_hash}, {@audit}]}, 0x1, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mq_unlink(&(0x7f0000000340)='eth0\x00')

315.914936ms ago: executing program 5 (id=5491):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
sendfile(r0, r0, 0x0, 0x7a680000)
truncate(&(0x7f0000000200)='./file2\x00', 0x7)

315.603836ms ago: executing program 1 (id=5492):
mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x425, 0x8, 0x9, 0x80000000}, 0x10)
socket$packet(0x11, 0x2, 0x300)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0x13}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x25, &(0x7f00000003c0)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r2, 0x25, &(0x7f00000000c0)={0x1, 0x2, 0x0, 0x80000000})
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f288476d2610054c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r4, 0x0, 0x0, 0x7ffffffff000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0xa, &(0x7f0000000080)=[{0x1, 0x7, 0x7, 0x80f7}, {0x5, 0xa, 0xf, 0x10000}, {0x4, 0x7f, 0x8, 0x6}, {0x401, 0x7, 0xed, 0xb}, {0xd, 0xfc, 0xb, 0xe0e}, {0xa, 0xf, 0x4, 0x5}, {0x8000, 0x6, 0x5}, {0x4, 0x0, 0x3, 0x6}, {0x4, 0x3, 0xf7, 0x1}, {0x6, 0x3, 0x3, 0x7}]})
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4, 0x10, r3, 0xa0172000)

300.941056ms ago: executing program 7 (id=5493):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x10383c, 0xffffffff, 0x6, 0x6, 0x0, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r0 = fsopen(&(0x7f0000000080)='bpf\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
r1 = io_uring_setup(0xf10, &(0x7f000000c480)={0x0, 0xeb9e, 0x1000, 0x1, 0x10000003})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000540)=[{0x0}], 0x1)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x4f}, './file1/../file0\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r3, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e0000000000000000001800028014000380100001800800010000000000040003"], 0x44}}, 0x0)

184.619088ms ago: executing program 7 (id=5494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

131.955538ms ago: executing program 1 (id=5495):
r0 = socket(0x23, 0x80805, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
socket(0x2, 0x80805, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x300, 0x0, 0x1, 0x1}, 0x21)

87.675099ms ago: executing program 1 (id=5496):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='rss_stat\x00', r1}, 0x18)
syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcLli4hWCwigqx0CIpRGJIY0RcsbAWLLQQLCwkEq39+AcUv0BsxD6lGEEUYiUpxXpBsUmVZdfZxmplUdnleZrhPefMHF5+E/hPi8Lv7XY7EUJoJ9//9m+nhbFS98TI5FQIiTAbQij8+stfnUQ88fdXz+NzOT6XktnG/vXo82nHTc9dPX0Yxf1aFMJaCGHh4Sj1b+/G/99Z/jK1vrFU3FzJz98XVx8H5/oKXVuFxZ2hg1xlujM3E/9Ytehz9qcbw8e37fLT7vf+b/VGK3sVz2USH7Ofr/U2/72f1Wa1Nd57sjyQ+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBn+cvU+sZScXMlP39fXH0cnOsrdG0VFneGDnKV6c7cTPQ6V4s+Z3+6MXx82y4/7X7v/1ZvtLJX8Vwm8TH7+Vpv89/7WW1WW+O9J8sDmR/Ni8p2nPuL/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6gwVuqeGJmcCiERZkMIo1HH0Z/1dvK1n4jnzuNnOa6XktnG/vXo82nHTc9dPX04EddrUQhrIYSFh6PUp1+Gd/sjAAD///tch0s=")
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'dummy0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_PLIMIT={0x8, 0x800e}]}}]}, 0x38}}, 0x0)

60.148979ms ago: executing program 7 (id=5497):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000000206030000000000fffff000000000000900020073797a32000100000500040000000000050005000200000010000300686173683a69702c6d61630005000100070000001400078008001340000000000800124009"], 0x5c}}, 0x0)

0s ago: executing program 7 (id=5498):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB], 0x2c}], 0x1}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x400, 0x3, 0x8002ae}, &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x19, 0x109880})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
lsm_set_self_attr(0x67, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

kernel console output (not intermixed with test programs):

audit: type=1326 audit(1748792735.168:27059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.1.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  266.245316][   T29] audit: type=1326 audit(1748792735.168:27060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.1.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  266.269327][   T29] audit: type=1326 audit(1748792735.168:27061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.1.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  266.293010][   T29] audit: type=1326 audit(1748792735.168:27062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.1.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  266.316598][   T29] audit: type=1326 audit(1748792735.168:27063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.1.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  266.340207][   T29] audit: type=1326 audit(1748792735.178:27064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.1.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  266.363922][   T29] audit: type=1326 audit(1748792735.178:27065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.1.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  266.389385][T18141] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.4657: bg 0: block 393: padding at end of block bitmap is not set
[  266.422183][T18141] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117
[  266.434809][T18141] EXT4-fs (loop7): This should not happen!! Data will be lost
[  266.434809][T18141] 
[  266.451980][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.477402][T18139] 8021q: adding VLAN 0 to HW filter on device bond0
[  266.486778][T18139] 8021q: adding VLAN 0 to HW filter on device team0
[  266.504088][T18146] loop5: detected capacity change from 0 to 512
[  266.511123][T18139] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  266.528189][T18140] 
@ÿ: renamed from bond_slave_0
[  266.538126][T18146] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  266.559382][T18146] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.573032][T18146] FAULT_INJECTION: forcing a failure.
[  266.573032][T18146] name failslab, interval 1, probability 0, space 0, times 0
[  266.585873][T18146] CPU: 0 UID: 0 PID: 18146 Comm: syz.5.4659 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  266.585966][T18146] Tainted: [W]=WARN
[  266.585972][T18146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  266.585984][T18146] Call Trace:
[  266.585989][T18146]  <TASK>
[  266.585996][T18146]  __dump_stack+0x1d/0x30
[  266.586022][T18146]  dump_stack_lvl+0xe8/0x140
[  266.586082][T18146]  dump_stack+0x15/0x1b
[  266.586103][T18146]  should_fail_ex+0x265/0x280
[  266.586177][T18146]  should_failslab+0x8c/0xb0
[  266.586210][T18146]  kmem_cache_alloc_noprof+0x50/0x310
[  266.586284][T18146]  ? dquot_alloc+0x26/0x30
[  266.586324][T18146]  dquot_alloc+0x26/0x30
[  266.586351][T18146]  dqget+0x2b2/0x8d0
[  266.586383][T18146]  __dquot_initialize+0x27f/0x7c0
[  266.586446][T18146]  dquot_initialize+0x1a/0x30
[  266.586476][T18146]  ext4_setattr+0x1c0/0xfe0
[  266.586508][T18146]  ? __pfx_ext4_setattr+0x10/0x10
[  266.586539][T18146]  notify_change+0x806/0x890
[  266.586569][T18146]  chown_common+0x29f/0x3c0
[  266.586615][T18146]  ksys_fchown+0xc0/0x110
[  266.586653][T18146]  __x64_sys_fchown+0x3f/0x50
[  266.586756][T18146]  x64_sys_call+0x27f7/0x2fb0
[  266.586782][T18146]  do_syscall_64+0xd0/0x1a0
[  266.586810][T18146]  ? clear_bhb_loop+0x25/0x80
[  266.586866][T18146]  ? clear_bhb_loop+0x25/0x80
[  266.586913][T18146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.586940][T18146] RIP: 0033:0x7f71acfbe969
[  266.586959][T18146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.586981][T18146] RSP: 002b:00007f71ab627038 EFLAGS: 00000246 ORIG_RAX: 000000000000005d
[  266.587004][T18146] RAX: ffffffffffffffda RBX: 00007f71ad1e5fa0 RCX: 00007f71acfbe969
[  266.587094][T18146] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 0000000000000004
[  266.587158][T18146] RBP: 00007f71ab627090 R08: 0000000000000000 R09: 0000000000000000
[  266.587174][T18146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.587189][T18146] R13: 0000000000000000 R14: 00007f71ad1e5fa0 R15: 00007ffff3b7c188
[  266.587216][T18146]  </TASK>
[  266.805265][T11766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.816494][T18146] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  266.845007][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.920214][T18161] loop3: detected capacity change from 0 to 1764
[  266.927937][T18161] iso9660: Unknown parameter 'mask'
[  267.004998][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.389112][T18188] loop4: detected capacity change from 0 to 1764
[  267.396505][T18188] iso9660: Unknown parameter 'mask'
[  267.504276][T18193] loop7: detected capacity change from 0 to 512
[  267.530276][T18193] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  267.534013][T18200] serio: Serial port ptm1
[  267.582518][T18193] EXT4-fs (loop7): 1 truncate cleaned up
[  267.603424][T18193] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.633148][T18211] loop4: detected capacity change from 0 to 164
[  267.663496][T18211] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  267.675294][T18217] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.685490][T18217] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.703906][T18211] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  267.720947][T18211] Symlink component flag not implemented
[  267.726759][T18211] Symlink component flag not implemented
[  267.732945][T18211] Symlink component flag not implemented (7)
[  267.739080][T18211] Symlink component flag not implemented (116)
[  267.769711][T18233] netlink: 'syz.4.4678': attribute type 27 has an invalid length.
[  267.850834][T18233] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.859090][T18233] 8021q: adding VLAN 0 to HW filter on device team0
[  267.874958][T18233] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  267.910304][T18239] FAULT_INJECTION: forcing a failure.
[  267.910304][T18239] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  267.923458][T18239] CPU: 0 UID: 0 PID: 18239 Comm: syz.5.4680 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  267.923576][T18239] Tainted: [W]=WARN
[  267.923585][T18239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  267.923598][T18239] Call Trace:
[  267.923605][T18239]  <TASK>
[  267.923615][T18239]  __dump_stack+0x1d/0x30
[  267.923641][T18239]  dump_stack_lvl+0xe8/0x140
[  267.923740][T18239]  dump_stack+0x15/0x1b
[  267.923763][T18239]  should_fail_ex+0x265/0x280
[  267.923807][T18239]  should_fail+0xb/0x20
[  267.923844][T18239]  should_fail_usercopy+0x1a/0x20
[  267.923868][T18239]  _copy_from_user+0x1c/0xb0
[  267.923935][T18239]  kstrtouint_from_user+0x69/0xf0
[  267.923981][T18239]  ? avc_policy_seqno+0x15/0x30
[  267.924024][T18239]  proc_fail_nth_write+0x50/0x160
[  267.924057][T18239]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  267.924157][T18239]  vfs_write+0x266/0x8d0
[  267.924187][T18239]  ? vfs_read+0x47f/0x6f0
[  267.924216][T18239]  ? __rcu_read_unlock+0x4f/0x70
[  267.924277][T18239]  ? __fget_files+0x184/0x1c0
[  267.924379][T18239]  ksys_write+0xda/0x1a0
[  267.924413][T18239]  __x64_sys_write+0x40/0x50
[  267.924445][T18239]  x64_sys_call+0x2cdd/0x2fb0
[  267.924487][T18239]  do_syscall_64+0xd0/0x1a0
[  267.924514][T18239]  ? clear_bhb_loop+0x25/0x80
[  267.924541][T18239]  ? clear_bhb_loop+0x25/0x80
[  267.924566][T18239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.924590][T18239] RIP: 0033:0x7f71acfbd41f
[  267.924621][T18239] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  267.924643][T18239] RSP: 002b:00007f71ab627030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  267.924666][T18239] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f71acfbd41f
[  267.924681][T18239] RDX: 0000000000000001 RSI: 00007f71ab6270a0 RDI: 0000000000000004
[  267.924694][T18239] RBP: 00007f71ab627090 R08: 0000000000000000 R09: 0000000000000000
[  267.924705][T18239] R10: 0000200000000440 R11: 0000000000000293 R12: 0000000000000001
[  267.924717][T18239] R13: 0000000000000000 R14: 00007f71ad1e5fa0 R15: 00007ffff3b7c188
[  267.924837][T18239]  </TASK>
[  268.187856][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.348864][T18256] loop3: detected capacity change from 0 to 1764
[  268.355893][T18256] iso9660: Unknown parameter 'mask'
[  268.603000][T18265] FAULT_INJECTION: forcing a failure.
[  268.603000][T18265] name failslab, interval 1, probability 0, space 0, times 0
[  268.615791][T18265] CPU: 1 UID: 0 PID: 18265 Comm: syz.3.4688 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  268.615859][T18265] Tainted: [W]=WARN
[  268.615868][T18265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  268.615901][T18265] Call Trace:
[  268.615908][T18265]  <TASK>
[  268.615919][T18265]  __dump_stack+0x1d/0x30
[  268.615941][T18265]  dump_stack_lvl+0xe8/0x140
[  268.615960][T18265]  dump_stack+0x15/0x1b
[  268.616051][T18265]  should_fail_ex+0x265/0x280
[  268.616149][T18265]  ? slip_open+0x501/0x920
[  268.616170][T18265]  should_failslab+0x8c/0xb0
[  268.616202][T18265]  __kmalloc_cache_noprof+0x4c/0x320
[  268.616230][T18265]  slip_open+0x501/0x920
[  268.616300][T18265]  tty_ldisc_open+0x5a/0xb0
[  268.616359][T18265]  tty_set_ldisc+0x1db/0x380
[  268.616393][T18265]  tiocsetd+0x51/0x60
[  268.616420][T18265]  tty_ioctl+0xa7f/0xb80
[  268.616442][T18265]  ? __pfx_tty_ioctl+0x10/0x10
[  268.616464][T18265]  __se_sys_ioctl+0xcb/0x140
[  268.616531][T18265]  __x64_sys_ioctl+0x43/0x50
[  268.616552][T18265]  x64_sys_call+0x19a8/0x2fb0
[  268.616597][T18265]  do_syscall_64+0xd0/0x1a0
[  268.616619][T18265]  ? clear_bhb_loop+0x25/0x80
[  268.616666][T18265]  ? clear_bhb_loop+0x25/0x80
[  268.616693][T18265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.616719][T18265] RIP: 0033:0x7faad5ade969
[  268.616733][T18265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.616790][T18265] RSP: 002b:00007faad4147038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  268.616813][T18265] RAX: ffffffffffffffda RBX: 00007faad5d05fa0 RCX: 00007faad5ade969
[  268.616830][T18265] RDX: 00002000000002c0 RSI: 0000000000005423 RDI: 0000000000000003
[  268.616910][T18265] RBP: 00007faad4147090 R08: 0000000000000000 R09: 0000000000000000
[  268.616926][T18265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.616980][T18265] R13: 0000000000000000 R14: 00007faad5d05fa0 R15: 00007fffc7734248
[  268.616998][T18265]  </TASK>
[  268.853457][T18267] loop3: detected capacity change from 0 to 2048
[  268.887856][T18267]  loop3: p1 < > p4
[  268.892223][T18267] loop3: p4 size 8388608 extends beyond EOD, truncated
[  269.008945][T18281] FAULT_INJECTION: forcing a failure.
[  269.008945][T18281] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.022216][T18281] CPU: 0 UID: 0 PID: 18281 Comm: syz.3.4692 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  269.022297][T18281] Tainted: [W]=WARN
[  269.022306][T18281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  269.022321][T18281] Call Trace:
[  269.022326][T18281]  <TASK>
[  269.022333][T18281]  __dump_stack+0x1d/0x30
[  269.022354][T18281]  dump_stack_lvl+0xe8/0x140
[  269.022428][T18281]  dump_stack+0x15/0x1b
[  269.022499][T18281]  should_fail_ex+0x265/0x280
[  269.022531][T18281]  should_fail+0xb/0x20
[  269.022649][T18281]  should_fail_usercopy+0x1a/0x20
[  269.022672][T18281]  _copy_to_user+0x20/0xa0
[  269.022700][T18281]  simple_read_from_buffer+0xb5/0x130
[  269.022736][T18281]  proc_fail_nth_read+0x100/0x140
[  269.022817][T18281]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  269.022849][T18281]  vfs_read+0x19d/0x6f0
[  269.022878][T18281]  ? __rcu_read_unlock+0x4f/0x70
[  269.022948][T18281]  ? __fget_files+0x184/0x1c0
[  269.022985][T18281]  ksys_read+0xda/0x1a0
[  269.023017][T18281]  __x64_sys_read+0x40/0x50
[  269.023118][T18281]  x64_sys_call+0x2d77/0x2fb0
[  269.023145][T18281]  do_syscall_64+0xd0/0x1a0
[  269.023246][T18281]  ? clear_bhb_loop+0x25/0x80
[  269.023273][T18281]  ? clear_bhb_loop+0x25/0x80
[  269.023299][T18281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.023324][T18281] RIP: 0033:0x7faad5add37c
[  269.023341][T18281] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  269.023400][T18281] RSP: 002b:00007faad4147030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  269.023418][T18281] RAX: ffffffffffffffda RBX: 00007faad5d05fa0 RCX: 00007faad5add37c
[  269.023430][T18281] RDX: 000000000000000f RSI: 00007faad41470a0 RDI: 0000000000000003
[  269.023442][T18281] RBP: 00007faad4147090 R08: 0000000000000000 R09: 0000000000000000
[  269.023453][T18281] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  269.023477][T18281] R13: 0000000000000001 R14: 00007faad5d05fa0 R15: 00007fffc7734248
[  269.023500][T18281]  </TASK>
[  269.332267][T18294] loop7: detected capacity change from 0 to 2048
[  269.363075][T18303] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.390060][T18303] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  269.414525][T18309] loop3: detected capacity change from 0 to 1024
[  269.443651][T18309] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.475764][T18294]  loop7: p1 < > p4
[  269.487408][T18294] loop7: p4 size 8388608 extends beyond EOD, truncated
[  269.516170][T11766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.589123][T18339] random: crng reseeded on system resumption
[  269.672208][T18347] loop7: detected capacity change from 0 to 128
[  269.681117][T18347] syz.7.4707: attempt to access beyond end of device
[  269.681117][T18347] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128
[  270.425289][T18367] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4714'.
[  270.459362][T18371] loop4: detected capacity change from 0 to 1024
[  270.479262][T18371] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.508843][T18385] loop7: detected capacity change from 0 to 2048
[  270.519961][T10548] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.537867][T18388] loop5: detected capacity change from 0 to 512
[  270.545102][T18388] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  270.556158][T18393] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  270.557947][T18385]  loop7: p1 < > p4
[  270.569677][T18393] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  270.575542][T18385] loop7: p4 size 8388608 extends beyond EOD, truncated
[  270.586142][T18388] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.599947][T18388] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.614035][T18388] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4719: bg 0: block 304: padding at end of block bitmap is not set
[  270.633723][T18388] EXT4-fs (loop5): Remounting filesystem read-only
[  270.658672][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.777341][T18432] loop3: detected capacity change from 0 to 736
[  270.797325][T18432] rock: directory entry would overflow storage
[  270.803520][T18432] rock: sig=0x5850, size=36, remaining=14
[  270.818787][T11766] rock: directory entry would overflow storage
[  270.825019][T11766] rock: sig=0x5850, size=36, remaining=14
[  270.840410][T18437] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4728'.
[  270.853362][T18437] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  270.870120][T18437] loop3: detected capacity change from 0 to 1024
[  270.887568][T18437] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[  270.898138][T18437] bridge_slave_1: left allmulticast mode
[  270.903849][T18437] bridge_slave_1: left promiscuous mode
[  270.909780][T18437] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.917962][T18437] bridge_slave_0: left allmulticast mode
[  270.923787][T18437] bridge_slave_0: left promiscuous mode
[  270.929740][T18437] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.304643][T18457] loop4: detected capacity change from 0 to 1024
[  271.311410][T18457] EXT4-fs: Ignoring removed nobh option
[  271.317222][T18457] ext2: Unknown parameter 'dont_hash'
[  271.325615][   T29] kauditd_printk_skb: 153 callbacks suppressed
[  271.325631][   T29] audit: type=1326 audit(1748792740.298:27217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18455 comm="syz.4.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04916e969 code=0x7ffc0000
[  271.385000][   T29] audit: type=1326 audit(1748792740.338:27218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18455 comm="syz.4.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7ff04916e969 code=0x7ffc0000
[  271.408938][   T29] audit: type=1326 audit(1748792740.338:27219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18455 comm="syz.4.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff04916e969 code=0x7ffc0000
[  271.730581][T18476] loop7: detected capacity change from 0 to 1024
[  271.764670][T18479] loop3: detected capacity change from 0 to 1024
[  271.772045][T18479] EXT4-fs: Ignoring removed nobh option
[  271.778007][T18479] ext2: Unknown parameter 'dont_hash'
[  271.786472][T18476] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  271.801958][   T29] audit: type=1326 audit(1748792740.788:27220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18477 comm="syz.3.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  271.825843][   T29] audit: type=1326 audit(1748792740.788:27221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18477 comm="syz.3.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  271.849649][   T29] audit: type=1326 audit(1748792740.788:27222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18477 comm="syz.3.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  271.873828][   T29] audit: type=1326 audit(1748792740.788:27223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18477 comm="syz.3.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  271.897536][   T29] audit: type=1326 audit(1748792740.788:27224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18477 comm="syz.3.4741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  271.927088][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.976935][   T29] audit: type=1326 audit(1748792740.948:27225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18496 comm="syz.3.4748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  272.000602][   T29] audit: type=1326 audit(1748792740.948:27226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18496 comm="syz.3.4748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  272.036925][T18507] FAULT_INJECTION: forcing a failure.
[  272.036925][T18507] name failslab, interval 1, probability 0, space 0, times 0
[  272.049656][T18507] CPU: 1 UID: 0 PID: 18507 Comm: syz.5.4751 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  272.049698][T18507] Tainted: [W]=WARN
[  272.049707][T18507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  272.049724][T18507] Call Trace:
[  272.049731][T18507]  <TASK>
[  272.049741][T18507]  __dump_stack+0x1d/0x30
[  272.049767][T18507]  dump_stack_lvl+0xe8/0x140
[  272.049805][T18507]  dump_stack+0x15/0x1b
[  272.049825][T18507]  should_fail_ex+0x265/0x280
[  272.049866][T18507]  should_failslab+0x8c/0xb0
[  272.049945][T18507]  kmem_cache_alloc_noprof+0x50/0x310
[  272.050027][T18507]  ? radix_tree_node_alloc+0x8a/0x1f0
[  272.050054][T18507]  radix_tree_node_alloc+0x8a/0x1f0
[  272.050119][T18507]  idr_get_free+0x1fa/0x550
[  272.050160][T18507]  idr_alloc_u32+0xca/0x180
[  272.050192][T18507]  tcf_idr_check_alloc+0x193/0x240
[  272.050221][T18507]  tunnel_key_init+0x1b7/0xe20
[  272.050301][T18507]  ? __nla_validate_parse+0x1652/0x1d00
[  272.050337][T18507]  tcf_action_init_1+0x367/0x4a0
[  272.050372][T18507]  tcf_action_init+0x1be/0x5f0
[  272.050513][T18507]  tc_ctl_action+0x291/0x830
[  272.050559][T18507]  ? __pfx_tc_ctl_action+0x10/0x10
[  272.050668][T18507]  rtnetlink_rcv_msg+0x657/0x6d0
[  272.050703][T18507]  netlink_rcv_skb+0x120/0x220
[  272.050754][T18507]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  272.050791][T18507]  rtnetlink_rcv+0x1c/0x30
[  272.050817][T18507]  netlink_unicast+0x59e/0x670
[  272.050874][T18507]  netlink_sendmsg+0x58b/0x6b0
[  272.050925][T18507]  ? __pfx_netlink_sendmsg+0x10/0x10
[  272.050968][T18507]  __sock_sendmsg+0x142/0x180
[  272.051006][T18507]  ____sys_sendmsg+0x31e/0x4e0
[  272.051032][T18507]  ___sys_sendmsg+0x17b/0x1d0
[  272.051074][T18507]  __x64_sys_sendmsg+0xd4/0x160
[  272.051104][T18507]  x64_sys_call+0x2999/0x2fb0
[  272.051166][T18507]  do_syscall_64+0xd0/0x1a0
[  272.051187][T18507]  ? clear_bhb_loop+0x25/0x80
[  272.051208][T18507]  ? clear_bhb_loop+0x25/0x80
[  272.051284][T18507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.051323][T18507] RIP: 0033:0x7f71acfbe969
[  272.051342][T18507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.051364][T18507] RSP: 002b:00007f71ab627038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  272.051388][T18507] RAX: ffffffffffffffda RBX: 00007f71ad1e5fa0 RCX: 00007f71acfbe969
[  272.051404][T18507] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000006
[  272.051418][T18507] RBP: 00007f71ab627090 R08: 0000000000000000 R09: 0000000000000000
[  272.051432][T18507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.051448][T18507] R13: 0000000000000000 R14: 00007f71ad1e5fa0 R15: 00007ffff3b7c188
[  272.051488][T18507]  </TASK>
[  272.328069][T18509] FAULT_INJECTION: forcing a failure.
[  272.328069][T18509] name failslab, interval 1, probability 0, space 0, times 0
[  272.340875][T18509] CPU: 0 UID: 0 PID: 18509 Comm: syz.7.4752 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  272.340915][T18509] Tainted: [W]=WARN
[  272.340924][T18509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  272.340940][T18509] Call Trace:
[  272.340949][T18509]  <TASK>
[  272.341028][T18509]  __dump_stack+0x1d/0x30
[  272.341053][T18509]  dump_stack_lvl+0xe8/0x140
[  272.341077][T18509]  dump_stack+0x15/0x1b
[  272.341117][T18509]  should_fail_ex+0x265/0x280
[  272.341172][T18509]  should_failslab+0x8c/0xb0
[  272.341210][T18509]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  272.341236][T18509]  ? sidtab_sid2str_get+0xa0/0x130
[  272.341301][T18509]  kmemdup_noprof+0x2b/0x70
[  272.341324][T18509]  sidtab_sid2str_get+0xa0/0x130
[  272.341352][T18509]  security_sid_to_context_core+0x1eb/0x2e0
[  272.341412][T18509]  security_sid_to_context+0x27/0x40
[  272.341453][T18509]  avc_audit_post_callback+0x10f/0x520
[  272.341574][T18509]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  272.341611][T18509]  common_lsm_audit+0x1b8/0x230
[  272.341642][T18509]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  272.341705][T18509]  slow_avc_audit+0x104/0x140
[  272.341852][T18509]  avc_has_perm+0x128/0x150
[  272.341886][T18509]  selinux_socket_recvmsg+0x175/0x1b0
[  272.341913][T18509]  security_socket_recvmsg+0x50/0x90
[  272.341940][T18509]  sock_recvmsg+0x38/0x170
[  272.341973][T18509]  __sys_recvfrom+0x122/0x1f0
[  272.342039][T18509]  __x64_sys_recvfrom+0x76/0x90
[  272.342079][T18509]  x64_sys_call+0x1a52/0x2fb0
[  272.342105][T18509]  do_syscall_64+0xd0/0x1a0
[  272.342131][T18509]  ? clear_bhb_loop+0x25/0x80
[  272.342172][T18509]  ? clear_bhb_loop+0x25/0x80
[  272.342273][T18509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.342295][T18509] RIP: 0033:0x7f821d47e969
[  272.342310][T18509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.342357][T18509] RSP: 002b:00007f821bae7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  272.342474][T18509] RAX: ffffffffffffffda RBX: 00007f821d6a5fa0 RCX: 00007f821d47e969
[  272.342559][T18509] RDX: 000000000001ffd4 RSI: 0000200000000140 RDI: 0000000000000008
[  272.342575][T18509] RBP: 00007f821bae7090 R08: 0000000000000000 R09: 0000000000000000
[  272.342590][T18509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.342604][T18509] R13: 0000000000000000 R14: 00007f821d6a5fa0 R15: 00007fffc09f8b88
[  272.342623][T18509]  </TASK>
[  272.674735][T18520] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4756'.
[  272.756854][T18540] netlink: 'syz.5.4764': attribute type 27 has an invalid length.
[  272.765020][T18537] loop3: detected capacity change from 0 to 2048
[  272.808087][T18537]  loop3: p1 < > p4
[  272.815923][T18537] loop3: p4 size 8388608 extends beyond EOD, truncated
[  272.827453][T18546] FAULT_INJECTION: forcing a failure.
[  272.827453][T18546] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  272.840788][T18546] CPU: 1 UID: 0 PID: 18546 Comm: syz.1.4765 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  272.840848][T18546] Tainted: [W]=WARN
[  272.840854][T18546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  272.840867][T18546] Call Trace:
[  272.840874][T18546]  <TASK>
[  272.840882][T18546]  __dump_stack+0x1d/0x30
[  272.840904][T18546]  dump_stack_lvl+0xe8/0x140
[  272.840923][T18546]  dump_stack+0x15/0x1b
[  272.840946][T18546]  should_fail_ex+0x265/0x280
[  272.840979][T18546]  should_fail_alloc_page+0xf2/0x100
[  272.841011][T18546]  __alloc_frozen_pages_noprof+0xff/0x360
[  272.841047][T18546]  alloc_pages_mpol+0xb3/0x250
[  272.841070][T18546]  alloc_pages_noprof+0x90/0x130
[  272.841158][T18546]  pgd_alloc+0x4f/0x2b0
[  272.841256][T18546]  mm_init+0x34b/0x810
[  272.841321][T18546]  ? kmem_cache_alloc_noprof+0x220/0x310
[  272.841381][T18546]  ? copy_mm+0xdf/0x1310
[  272.841406][T18546]  copy_mm+0x11b/0x1310
[  272.841433][T18546]  ? __hrtimer_setup+0x144/0x170
[  272.841493][T18546]  ? __pfx_it_real_fn+0x10/0x10
[  272.841594][T18546]  ? __pfx_it_real_fn+0x10/0x10
[  272.841619][T18546]  ? tty_audit_fork+0x4b/0x60
[  272.841640][T18546]  ? __init_rwsem+0x5d/0x70
[  272.841777][T18546]  copy_process+0xcf1/0x1f90
[  272.841809][T18546]  kernel_clone+0x16c/0x5b0
[  272.841835][T18546]  ? vfs_write+0x75e/0x8d0
[  272.841862][T18546]  __x64_sys_clone+0xe6/0x120
[  272.841938][T18546]  x64_sys_call+0x2c59/0x2fb0
[  272.841960][T18546]  do_syscall_64+0xd0/0x1a0
[  272.841982][T18546]  ? clear_bhb_loop+0x25/0x80
[  272.842062][T18546]  ? clear_bhb_loop+0x25/0x80
[  272.842084][T18546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.842105][T18546] RIP: 0033:0x7f3529dbe969
[  272.842122][T18546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.842164][T18546] RSP: 002b:00007f3528426fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  272.842205][T18546] RAX: ffffffffffffffda RBX: 00007f3529fe5fa0 RCX: 00007f3529dbe969
[  272.842218][T18546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400
[  272.842230][T18546] RBP: 00007f3528427090 R08: 0000000000000000 R09: 0000000000000000
[  272.842243][T18546] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  272.842255][T18546] R13: 0000000000000000 R14: 00007f3529fe5fa0 R15: 00007ffd813ab048
[  272.842273][T18546]  </TASK>
[  273.096217][T18540] 8021q: adding VLAN 0 to HW filter on device bond0
[  273.125179][T18540] 8021q: adding VLAN 0 to HW filter on device team0
[  273.162551][T18552] loop4: detected capacity change from 0 to 1024
[  273.173573][T18552] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (12806!=20869)
[  273.183238][T18540] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  273.216845][T18552] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002]
[  273.225133][T18552] System zones: 0-1, 3-36
[  273.230085][T18552] EXT4-fs (loop4): orphan cleanup on readonly fs
[  273.268203][T18552] EXT4-fs (loop4): 1 orphan inode deleted
[  273.350906][T18565] loop5: detected capacity change from 0 to 1024
[  273.373344][T18565] EXT4-fs: Ignoring removed nobh option
[  273.396050][T18565] ext2: Unknown parameter 'dont_hash'
[  273.658009][T18552] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  273.774033][T10548] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.786699][T18582] loop5: detected capacity change from 0 to 512
[  273.802911][T18582] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  273.825364][T18596] loop7: detected capacity change from 0 to 512
[  273.833077][T18596] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  273.850947][T18582] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.4776: Failed to acquire dquot type 0
[  273.866707][T18582] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  273.881930][T18582] EXT4-fs (loop5): 1 truncate cleaned up
[  273.888472][T18582] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.906347][T18582] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.4776: Failed to acquire dquot type 0
[  273.908219][T18607] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=18607 comm=syz.4.4785
[  273.930511][T18607] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=18607 comm=syz.4.4785
[  273.931463][T18596] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.4782: Failed to acquire dquot type 0
[  273.943227][T18607] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2580 sclass=netlink_route_socket pid=18607 comm=syz.4.4785
[  273.956561][T18596] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  273.967272][T18607] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2568 sclass=netlink_route_socket pid=18607 comm=syz.4.4785
[  273.994563][T18607] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2562 sclass=netlink_route_socket pid=18607 comm=syz.4.4785
[  273.998902][T18596] EXT4-fs (loop7): 1 truncate cleaned up
[  274.014645][T18596] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  274.032015][T18607] netlink: 'syz.4.4785': attribute type 1 has an invalid length.
[  274.041883][T18596] FAULT_INJECTION: forcing a failure.
[  274.041883][T18596] name failslab, interval 1, probability 0, space 0, times 0
[  274.054739][T18596] CPU: 0 UID: 0 PID: 18596 Comm: syz.7.4782 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  274.054777][T18596] Tainted: [W]=WARN
[  274.054785][T18596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  274.054801][T18596] Call Trace:
[  274.054808][T18596]  <TASK>
[  274.054818][T18596]  __dump_stack+0x1d/0x30
[  274.054919][T18596]  dump_stack_lvl+0xe8/0x140
[  274.054941][T18596]  dump_stack+0x15/0x1b
[  274.054963][T18596]  should_fail_ex+0x265/0x280
[  274.055054][T18596]  should_failslab+0x8c/0xb0
[  274.055090][T18596]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  274.055149][T18596]  ? __d_alloc+0x3d/0x350
[  274.055199][T18596]  __d_alloc+0x3d/0x350
[  274.055277][T18596]  d_alloc+0x2e/0x100
[  274.055315][T18596]  lookup_one_qstr_excl_raw+0x95/0x1b0
[  274.055374][T18596]  do_renameat2+0x3e0/0xab0
[  274.055415][T18596]  __x64_sys_rename+0x58/0x70
[  274.055449][T18596]  x64_sys_call+0x2aee/0x2fb0
[  274.055476][T18596]  do_syscall_64+0xd0/0x1a0
[  274.055535][T18596]  ? clear_bhb_loop+0x25/0x80
[  274.055560][T18596]  ? clear_bhb_loop+0x25/0x80
[  274.055648][T18596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.055668][T18596] RIP: 0033:0x7f821d47e969
[  274.055685][T18596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.055707][T18596] RSP: 002b:00007f821bae7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  274.055731][T18596] RAX: ffffffffffffffda RBX: 00007f821d6a5fa0 RCX: 00007f821d47e969
[  274.055747][T18596] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000200000000180
[  274.055838][T18596] RBP: 00007f821bae7090 R08: 0000000000000000 R09: 0000000000000000
[  274.055850][T18596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  274.055862][T18596] R13: 0000000000000000 R14: 00007f821d6a5fa0 R15: 00007fffc09f8b88
[  274.055881][T18596]  </TASK>
[  274.057593][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.094467][T18607] 8021q: adding VLAN 0 to HW filter on device bond1
[  274.094866][T18608] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4785'.
[  274.273243][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.274183][T18608] bond1 (unregistering): Released all slaves
[  274.295759][T18609] lo: entered promiscuous mode
[  274.324880][T18688] loop5: detected capacity change from 0 to 1024
[  274.336068][T18608] lo: left promiscuous mode
[  274.362016][T18688] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.403552][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.422275][T18707] FAULT_INJECTION: forcing a failure.
[  274.422275][T18707] name failslab, interval 1, probability 0, space 0, times 0
[  274.435149][T18707] CPU: 0 UID: 0 PID: 18707 Comm: syz.4.4795 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  274.435190][T18707] Tainted: [W]=WARN
[  274.435199][T18707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  274.435290][T18707] Call Trace:
[  274.435298][T18707]  <TASK>
[  274.435347][T18707]  __dump_stack+0x1d/0x30
[  274.435374][T18707]  dump_stack_lvl+0xe8/0x140
[  274.435398][T18707]  dump_stack+0x15/0x1b
[  274.435425][T18707]  should_fail_ex+0x265/0x280
[  274.435464][T18707]  ? genl_start+0x117/0x390
[  274.435492][T18707]  should_failslab+0x8c/0xb0
[  274.435564][T18707]  __kmalloc_cache_noprof+0x4c/0x320
[  274.435592][T18707]  genl_start+0x117/0x390
[  274.435622][T18707]  __netlink_dump_start+0x331/0x520
[  274.435696][T18707]  genl_family_rcv_msg_dumpit+0x115/0x180
[  274.435727][T18707]  ? __pfx_genl_start+0x10/0x10
[  274.435754][T18707]  ? __pfx_genl_dumpit+0x10/0x10
[  274.435780][T18707]  ? __pfx_genl_done+0x10/0x10
[  274.435894][T18707]  genl_rcv_msg+0x3f0/0x460
[  274.435923][T18707]  ? __pfx_ethnl_rss_dump_start+0x10/0x10
[  274.435951][T18707]  ? __pfx_ethnl_rss_dumpit+0x10/0x10
[  274.436020][T18707]  netlink_rcv_skb+0x120/0x220
[  274.436134][T18707]  ? __pfx_genl_rcv_msg+0x10/0x10
[  274.436171][T18707]  genl_rcv+0x28/0x40
[  274.436196][T18707]  netlink_unicast+0x59e/0x670
[  274.436234][T18707]  netlink_sendmsg+0x58b/0x6b0
[  274.436338][T18707]  ? __pfx_netlink_sendmsg+0x10/0x10
[  274.436379][T18707]  __sock_sendmsg+0x142/0x180
[  274.436410][T18707]  ____sys_sendmsg+0x31e/0x4e0
[  274.436458][T18707]  ___sys_sendmsg+0x17b/0x1d0
[  274.436497][T18707]  __x64_sys_sendmsg+0xd4/0x160
[  274.436532][T18707]  x64_sys_call+0x2999/0x2fb0
[  274.436552][T18707]  do_syscall_64+0xd0/0x1a0
[  274.436682][T18707]  ? clear_bhb_loop+0x25/0x80
[  274.436703][T18707]  ? clear_bhb_loop+0x25/0x80
[  274.436725][T18707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.436752][T18707] RIP: 0033:0x7ff04916e969
[  274.436771][T18707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.436827][T18707] RSP: 002b:00007ff0477d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  274.436851][T18707] RAX: ffffffffffffffda RBX: 00007ff049395fa0 RCX: 00007ff04916e969
[  274.436868][T18707] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[  274.436883][T18707] RBP: 00007ff0477d7090 R08: 0000000000000000 R09: 0000000000000000
[  274.436899][T18707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  274.436929][T18707] R13: 0000000000000000 R14: 00007ff049395fa0 R15: 00007ffc0f77bb88
[  274.436953][T18707]  </TASK>
[  274.447584][T18709] loop7: detected capacity change from 0 to 2048
[  274.496624][T18711] loop4: detected capacity change from 0 to 1024
[  274.541711][T18709] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.543709][T18711] EXT4-fs: Ignoring removed nobh option
[  274.727445][T18711] ext2: Unknown parameter 'dont_hash'
[  274.791856][T18731] loop5: detected capacity change from 0 to 164
[  274.855420][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.993536][T18774] loop7: detected capacity change from 0 to 736
[  275.032811][T16486] rock: directory entry would overflow storage
[  275.039095][T16486] rock: sig=0x5850, size=36, remaining=14
[  275.058072][T18779] loop5: detected capacity change from 0 to 1024
[  275.070000][T18773] program syz.1.4820 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  275.093532][T18779] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.110868][T18786] FAULT_INJECTION: forcing a failure.
[  275.110868][T18786] name failslab, interval 1, probability 0, space 0, times 0
[  275.126071][T18786] CPU: 1 UID: 0 PID: 18786 Comm: syz.7.4822 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  275.126252][T18786] Tainted: [W]=WARN
[  275.126341][T18786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  275.126357][T18786] Call Trace:
[  275.126365][T18786]  <TASK>
[  275.126374][T18786]  __dump_stack+0x1d/0x30
[  275.126396][T18786]  dump_stack_lvl+0xe8/0x140
[  275.126415][T18786]  dump_stack+0x15/0x1b
[  275.126431][T18786]  should_fail_ex+0x265/0x280
[  275.126531][T18786]  should_failslab+0x8c/0xb0
[  275.126569][T18786]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  275.126612][T18786]  ? shmem_alloc_inode+0x34/0x50
[  275.126730][T18786]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  275.126825][T18786]  shmem_alloc_inode+0x34/0x50
[  275.126869][T18786]  alloc_inode+0x3d/0x170
[  275.126900][T18786]  new_inode+0x1d/0xe0
[  275.126934][T18786]  shmem_get_inode+0x244/0x750
[  275.126996][T18786]  __shmem_file_setup+0x122/0x1f0
[  275.127029][T18786]  shmem_file_setup+0x3b/0x50
[  275.127058][T18786]  __se_sys_memfd_create+0x2c3/0x590
[  275.127086][T18786]  __x64_sys_memfd_create+0x31/0x40
[  275.127175][T18786]  x64_sys_call+0x122f/0x2fb0
[  275.127260][T18786]  do_syscall_64+0xd0/0x1a0
[  275.127368][T18786]  ? clear_bhb_loop+0x25/0x80
[  275.127396][T18786]  ? clear_bhb_loop+0x25/0x80
[  275.127424][T18786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.127449][T18786] RIP: 0033:0x7f821d47e969
[  275.127468][T18786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.127486][T18786] RSP: 002b:00007f821bae6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  275.127584][T18786] RAX: ffffffffffffffda RBX: 00000000000005fc RCX: 00007f821d47e969
[  275.127599][T18786] RDX: 00007f821bae6ef0 RSI: 0000000000000000 RDI: 00007f821d501444
[  275.127615][T18786] RBP: 0000200000000600 R08: 00007f821bae6bb7 R09: 00007f821bae6e40
[  275.127630][T18786] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[  275.127657][T18786] R13: 00007f821bae6ef0 R14: 00007f821bae6eb0 R15: 00002000000004c0
[  275.127682][T18786]  </TASK>
[  275.363649][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.435487][T18800] loop7: detected capacity change from 0 to 1024
[  275.442493][T18800] EXT4-fs: Ignoring removed nobh option
[  275.449015][T18800] ext2: Unknown parameter 'dont_hash'
[  275.500220][T18814] xt_hashlimit: overflow, try lower: 18446744073709551615/7
[  275.589996][T18822] FAULT_INJECTION: forcing a failure.
[  275.589996][T18822] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  275.603346][T18822] CPU: 1 UID: 0 PID: 18822 Comm: syz.1.4838 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  275.603421][T18822] Tainted: [W]=WARN
[  275.603442][T18822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  275.603458][T18822] Call Trace:
[  275.603466][T18822]  <TASK>
[  275.603536][T18822]  __dump_stack+0x1d/0x30
[  275.603571][T18822]  dump_stack_lvl+0xe8/0x140
[  275.603596][T18822]  dump_stack+0x15/0x1b
[  275.603650][T18822]  should_fail_ex+0x265/0x280
[  275.603699][T18822]  should_fail+0xb/0x20
[  275.603749][T18822]  should_fail_usercopy+0x1a/0x20
[  275.603771][T18822]  _copy_from_iter+0xcf/0xdd0
[  275.603791][T18822]  ? __build_skb_around+0x1a0/0x200
[  275.603825][T18822]  ? __alloc_skb+0x223/0x320
[  275.603937][T18822]  netlink_sendmsg+0x471/0x6b0
[  275.603983][T18822]  ? __pfx_netlink_sendmsg+0x10/0x10
[  275.604023][T18822]  __sock_sendmsg+0x142/0x180
[  275.604055][T18822]  ____sys_sendmsg+0x31e/0x4e0
[  275.604115][T18822]  ___sys_sendmsg+0x17b/0x1d0
[  275.604170][T18822]  __x64_sys_sendmsg+0xd4/0x160
[  275.604197][T18822]  x64_sys_call+0x2999/0x2fb0
[  275.604358][T18822]  do_syscall_64+0xd0/0x1a0
[  275.604385][T18822]  ? clear_bhb_loop+0x25/0x80
[  275.604437][T18822]  ? clear_bhb_loop+0x25/0x80
[  275.604457][T18822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.604477][T18822] RIP: 0033:0x7f3529dbe969
[  275.604492][T18822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.604587][T18822] RSP: 002b:00007f3528427038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  275.604672][T18822] RAX: ffffffffffffffda RBX: 00007f3529fe5fa0 RCX: 00007f3529dbe969
[  275.604689][T18822] RDX: 0000000020050800 RSI: 00002000000000c0 RDI: 0000000000000004
[  275.604705][T18822] RBP: 00007f3528427090 R08: 0000000000000000 R09: 0000000000000000
[  275.604720][T18822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  275.604803][T18822] R13: 0000000000000000 R14: 00007f3529fe5fa0 R15: 00007ffd813ab048
[  275.604826][T18822]  </TASK>
[  275.905510][T18837] loop5: detected capacity change from 0 to 1024
[  275.927973][T18837] EXT4-fs: Ignoring removed nobh option
[  275.933627][T18837] ext2: Unknown parameter 'dont_hash'
[  275.936370][T18847] netlink: 'syz.7.4847': attribute type 27 has an invalid length.
[  275.958359][T18844] loop4: detected capacity change from 0 to 2048
[  275.969489][T18844] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.039846][T10548] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.058101][T18862] 8021q: adding VLAN 0 to HW filter on device bond0
[  276.081432][T18862] 8021q: adding VLAN 0 to HW filter on device team0
[  276.097054][T18862] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  276.149020][T18880] loop7: detected capacity change from 0 to 736
[  276.176798][T16486] rock: directory entry would overflow storage
[  276.183093][T16486] rock: sig=0x5850, size=36, remaining=14
[  276.200349][T18890] netlink: 'syz.5.4862': attribute type 27 has an invalid length.
[  276.260734][T18890] 8021q: adding VLAN 0 to HW filter on device bond0
[  276.271625][T18890] 8021q: adding VLAN 0 to HW filter on device team0
[  276.281855][T18890] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  276.330006][   T29] kauditd_printk_skb: 414 callbacks suppressed
[  276.330021][   T29] audit: type=1326 audit(1748792745.308:27635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.5.4867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  276.360929][   T29] audit: type=1326 audit(1748792745.308:27636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.5.4867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  276.384713][   T29] audit: type=1326 audit(1748792745.308:27637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.5.4867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  276.408351][   T29] audit: type=1326 audit(1748792745.308:27638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.5.4867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  276.432038][   T29] audit: type=1326 audit(1748792745.308:27639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.5.4867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  276.441954][T18905] FAULT_INJECTION: forcing a failure.
[  276.441954][T18905] name failslab, interval 1, probability 0, space 0, times 0
[  276.455638][   T29] audit: type=1326 audit(1748792745.308:27640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.5.4867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  276.468285][T18905] CPU: 1 UID: 0 PID: 18905 Comm: syz.5.4868 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  276.468323][T18905] Tainted: [W]=WARN
[  276.468333][T18905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  276.468350][T18905] Call Trace:
[  276.468361][T18905]  <TASK>
[  276.468372][T18905]  __dump_stack+0x1d/0x30
[  276.468402][T18905]  dump_stack_lvl+0xe8/0x140
[  276.468478][T18905]  dump_stack+0x15/0x1b
[  276.468500][T18905]  should_fail_ex+0x265/0x280
[  276.468542][T18905]  should_failslab+0x8c/0xb0
[  276.468624][T18905]  kmem_cache_alloc_noprof+0x50/0x310
[  276.468681][T18905]  ? audit_log_start+0x365/0x6c0
[  276.468720][T18905]  audit_log_start+0x365/0x6c0
[  276.468790][T18905]  audit_seccomp+0x48/0x100
[  276.468821][T18905]  ? __seccomp_filter+0x68c/0x10d0
[  276.468848][T18905]  __seccomp_filter+0x69d/0x10d0
[  276.468887][T18905]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  276.468920][T18905]  ? vfs_write+0x75e/0x8d0
[  276.468959][T18905]  ? __rcu_read_unlock+0x4f/0x70
[  276.468987][T18905]  ? __fget_files+0x184/0x1c0
[  276.469032][T18905]  __secure_computing+0x82/0x150
[  276.469060][T18905]  syscall_trace_enter+0xcf/0x1e0
[  276.469216][T18905]  do_syscall_64+0xaa/0x1a0
[  276.469244][T18905]  ? clear_bhb_loop+0x25/0x80
[  276.469272][T18905]  ? clear_bhb_loop+0x25/0x80
[  276.469301][T18905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.469378][T18905] RIP: 0033:0x7f71acfbe969
[  276.469411][T18905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.469434][T18905] RSP: 002b:00007f71ab627038 EFLAGS: 00000246 ORIG_RAX: 000000000000005d
[  276.469460][T18905] RAX: ffffffffffffffda RBX: 00007f71ad1e5fa0 RCX: 00007f71acfbe969
[  276.469476][T18905] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 0000000000000003
[  276.469493][T18905] RBP: 00007f71ab627090 R08: 0000000000000000 R09: 0000000000000000
[  276.469508][T18905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.469552][T18905] R13: 0000000000000000 R14: 00007f71ad1e5fa0 R15: 00007ffff3b7c188
[  276.469577][T18905]  </TASK>
[  276.469613][T18905] audit: audit_lost=15 audit_rate_limit=0 audit_backlog_limit=64
[  276.491855][   T29] audit: type=1326 audit(1748792745.308:27641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.5.4867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  276.504210][T18905] audit: out of memory in audit_log_start
[  276.508141][   T29] audit: type=1326 audit(1748792745.308:27642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.5.4867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  276.876755][T18926] loop5: detected capacity change from 0 to 736
[  276.901665][T18929] loop3: detected capacity change from 0 to 2048
[  276.905857][T15933] rock: directory entry would overflow storage
[  276.914348][T15933] rock: sig=0x5850, size=36, remaining=14
[  276.954672][T18929] Alternate GPT is invalid, using primary GPT.
[  276.961125][T18929]  loop3: p1 p2 p3
[  277.770794][T18997] loop3: detected capacity change from 0 to 1764
[  277.778107][T18997] iso9660: Unknown parameter 'mask'
[  277.834355][T19004] loop3: detected capacity change from 0 to 2048
[  277.877993][T19004]  loop3: p1 < > p4
[  277.884629][T19004] loop3: p4 size 8388608 extends beyond EOD, truncated
[  278.104570][T19020] netlink: 'syz.3.4899': attribute type 27 has an invalid length.
[  278.135904][T19017] loop5: detected capacity change from 0 to 1764
[  278.163536][T19017] iso9660: Unknown parameter 'mask'
[  278.211427][T19022] 8021q: adding VLAN 0 to HW filter on device bond0
[  278.251708][T19022] 8021q: adding VLAN 0 to HW filter on device team0
[  278.290391][T19022] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  278.336430][T19036] loop5: detected capacity change from 0 to 736
[  278.372565][T15933] rock: directory entry would overflow storage
[  278.379020][T15933] rock: sig=0x5850, size=36, remaining=14
[  278.383023][T19044] tmpfs: Bad value for 'mpol'
[  278.400952][T19044] netlink: 'syz.3.4903': attribute type 10 has an invalid length.
[  278.412647][T19044] 8021q: adding VLAN 0 to HW filter on device batadv0
[  278.421690][T19052] loop5: detected capacity change from 0 to 736
[  278.422254][T19044] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  278.476791][T19057] loop7: detected capacity change from 0 to 2048
[  278.490172][T19052] rock: directory entry would overflow storage
[  278.496498][T19052] rock: sig=0x5850, size=36, remaining=14
[  278.514514][T15933] rock: directory entry would overflow storage
[  278.520874][T15933] rock: sig=0x5850, size=36, remaining=14
[  278.602720][T19057]  loop7: p1 < > p4
[  278.607334][T19057] loop7: p4 size 8388608 extends beyond EOD, truncated
[  278.849806][T19087] netlink: 'syz.5.4915': attribute type 27 has an invalid length.
[  278.863156][T19083] loop7: detected capacity change from 0 to 1764
[  278.889669][T19083] iso9660: Unknown parameter 'mask'
[  279.037806][T19089] 8021q: adding VLAN 0 to HW filter on device bond0
[  279.046216][T19089] 8021q: adding VLAN 0 to HW filter on device team0
[  279.069184][T19089] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  279.105077][T19097] loop7: detected capacity change from 0 to 512
[  279.124567][T19101] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4919'.
[  279.139948][T19097] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.4917: Failed to acquire dquot type 1
[  279.152723][T19097] EXT4-fs (loop7): 1 truncate cleaned up
[  279.159843][T19097] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.172833][T19097] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.185879][T19097] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  279.218247][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.240325][T19115] loop7: detected capacity change from 0 to 1024
[  279.247023][T19115] EXT4-fs: Ignoring removed nobh option
[  279.252796][T19115] ext2: Unknown parameter 'dont_hash'
[  279.260011][T19117] SELinux:  policydb version 0 does not match my version range 15-34
[  279.268995][T19117] SELinux: failed to load policy
[  279.293008][T19123] FAULT_INJECTION: forcing a failure.
[  279.293008][T19123] name failslab, interval 1, probability 0, space 0, times 0
[  279.305786][T19123] CPU: 1 UID: 0 PID: 19123 Comm: syz.7.4925 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  279.305872][T19123] Tainted: [W]=WARN
[  279.305881][T19123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  279.305896][T19123] Call Trace:
[  279.305903][T19123]  <TASK>
[  279.305912][T19123]  __dump_stack+0x1d/0x30
[  279.305932][T19123]  dump_stack_lvl+0xe8/0x140
[  279.305950][T19123]  dump_stack+0x15/0x1b
[  279.305966][T19123]  should_fail_ex+0x265/0x280
[  279.306044][T19123]  should_failslab+0x8c/0xb0
[  279.306154][T19123]  __kvmalloc_node_noprof+0x126/0x4d0
[  279.306172][T19123]  ? traverse+0x9d/0x3a0
[  279.306209][T19123]  traverse+0x9d/0x3a0
[  279.306226][T19123]  seq_read_iter+0x853/0x940
[  279.306242][T19123]  ? _raw_spin_unlock+0x26/0x50
[  279.306275][T19123]  ? alloc_pages_bulk_noprof+0x38f/0x540
[  279.306299][T19123]  copy_splice_read+0x3c1/0x5f0
[  279.306369][T19123]  ? __pfx_copy_splice_read+0x10/0x10
[  279.306388][T19123]  splice_direct_to_actor+0x26c/0x680
[  279.306408][T19123]  ? __pfx_direct_splice_actor+0x10/0x10
[  279.306470][T19123]  do_splice_direct+0xda/0x150
[  279.306495][T19123]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  279.306630][T19123]  do_sendfile+0x380/0x640
[  279.306662][T19123]  __x64_sys_sendfile64+0xb8/0x150
[  279.306691][T19123]  x64_sys_call+0xb39/0x2fb0
[  279.306711][T19123]  do_syscall_64+0xd0/0x1a0
[  279.306832][T19123]  ? clear_bhb_loop+0x25/0x80
[  279.306852][T19123]  ? clear_bhb_loop+0x25/0x80
[  279.306922][T19123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.306942][T19123] RIP: 0033:0x7f821d47e969
[  279.306962][T19123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.306986][T19123] RSP: 002b:00007f821bae7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  279.307081][T19123] RAX: ffffffffffffffda RBX: 00007f821d6a5fa0 RCX: 00007f821d47e969
[  279.307093][T19123] RDX: 0000200000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  279.307103][T19123] RBP: 00007f821bae7090 R08: 0000000000000000 R09: 0000000000000000
[  279.307114][T19123] R10: 00000002000007ff R11: 0000000000000246 R12: 0000000000000001
[  279.307125][T19123] R13: 0000000000000000 R14: 00007f821d6a5fa0 R15: 00007fffc09f8b88
[  279.307245][T19123]  </TASK>
[  279.615990][T19130] loop7: detected capacity change from 0 to 1764
[  279.623237][T19130] iso9660: Unknown parameter 'mask'
[  279.669627][T19141] loop7: detected capacity change from 0 to 736
[  279.697000][T16486] rock: directory entry would overflow storage
[  279.703427][T16486] rock: sig=0x5850, size=36, remaining=14
[  279.732727][T19153] loop7: detected capacity change from 0 to 1024
[  279.739732][T19153] EXT4-fs: Ignoring removed nobh option
[  279.745331][T19153] ext2: Unknown parameter 'dont_hash'
[  279.842204][T19168] netlink: 10 bytes leftover after parsing attributes in process `syz.7.4941'.
[  279.859419][T19168] loop7: detected capacity change from 0 to 512
[  279.868145][T19168] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.4941: corrupted in-inode xattr: invalid ea_ino
[  279.881848][T19168] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.4941: couldn't read orphan inode 15 (err -117)
[  279.894623][T19168] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  279.933086][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.977624][T19187] FAULT_INJECTION: forcing a failure.
[  279.977624][T19187] name failslab, interval 1, probability 0, space 0, times 0
[  279.990544][T19187] CPU: 0 UID: 0 PID: 19187 Comm: syz.5.4945 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  279.990584][T19187] Tainted: [W]=WARN
[  279.990593][T19187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  279.990693][T19187] Call Trace:
[  279.990701][T19187]  <TASK>
[  279.990710][T19187]  __dump_stack+0x1d/0x30
[  279.990735][T19187]  dump_stack_lvl+0xe8/0x140
[  279.990760][T19187]  dump_stack+0x15/0x1b
[  279.990781][T19187]  should_fail_ex+0x265/0x280
[  279.990867][T19187]  ? nf_tables_newtable+0x375/0xea0
[  279.990898][T19187]  should_failslab+0x8c/0xb0
[  279.990966][T19187]  __kmalloc_cache_noprof+0x4c/0x320
[  279.990985][T19187]  ? __nla_validate_parse+0x1652/0x1d00
[  279.991016][T19187]  nf_tables_newtable+0x375/0xea0
[  279.991091][T19187]  nfnetlink_rcv+0xb96/0x1690
[  279.991141][T19187]  netlink_unicast+0x59e/0x670
[  279.991221][T19187]  netlink_sendmsg+0x58b/0x6b0
[  279.991264][T19187]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.991382][T19187]  __sock_sendmsg+0x142/0x180
[  279.991437][T19187]  ____sys_sendmsg+0x31e/0x4e0
[  279.991503][T19187]  ___sys_sendmsg+0x17b/0x1d0
[  279.991537][T19187]  __x64_sys_sendmsg+0xd4/0x160
[  279.991565][T19187]  x64_sys_call+0x2999/0x2fb0
[  279.991645][T19187]  do_syscall_64+0xd0/0x1a0
[  279.991672][T19187]  ? clear_bhb_loop+0x25/0x80
[  279.991705][T19187]  ? clear_bhb_loop+0x25/0x80
[  279.991769][T19187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.991796][T19187] RIP: 0033:0x7f71acfbe969
[  279.991814][T19187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.991837][T19187] RSP: 002b:00007f71ab627038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  279.991859][T19187] RAX: ffffffffffffffda RBX: 00007f71ad1e5fa0 RCX: 00007f71acfbe969
[  279.991926][T19187] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004
[  279.991941][T19187] RBP: 00007f71ab627090 R08: 0000000000000000 R09: 0000000000000000
[  279.991956][T19187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.991971][T19187] R13: 0000000000000000 R14: 00007f71ad1e5fa0 R15: 00007ffff3b7c188
[  279.991988][T19187]  </TASK>
[  279.993060][T19184] loop4: detected capacity change from 0 to 736
[  280.005961][T19182] loop7: detected capacity change from 0 to 1764
[  280.046350][T10548] rock: directory entry would overflow storage
[  280.057952][T19182] iso9660: Unknown parameter 'mask'
[  280.059457][T10548] rock: sig=0x5850, size=36, remaining=14
[  280.329634][T19229] loop7: detected capacity change from 0 to 736
[  280.360809][T19236] loop4: detected capacity change from 0 to 1024
[  280.367568][T19236] EXT4-fs: Ignoring removed nobh option
[  280.369201][T16486] rock: directory entry would overflow storage
[  280.374225][T19236] ext2: Unknown parameter 'dont_hash'
[  280.379369][T16486] rock: sig=0x5850, size=36, remaining=14
[  280.472648][T19251] loop4: detected capacity change from 0 to 2048
[  280.488687][T19251] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.021278][T19278] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4971'.
[  281.030753][T19278] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  281.049310][T10548] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.078472][T19284] loop4: detected capacity change from 0 to 1024
[  281.085294][T19284] EXT4-fs: Ignoring removed nobh option
[  281.091296][T19284] ext2: Unknown parameter 'dont_hash'
[  281.121865][T19293] netlink: 'syz.4.4976': attribute type 27 has an invalid length.
[  281.214343][T19293] 8021q: adding VLAN 0 to HW filter on device bond0
[  281.223412][T19293] 8021q: adding VLAN 0 to HW filter on device team0
[  281.233617][T19293] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  281.347272][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  281.347289][   T29] audit: type=1326 audit(1748792750.318:27910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19306 comm="syz.5.4982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  281.390999][   T29] audit: type=1326 audit(1748792750.358:27911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19306 comm="syz.5.4982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  281.415107][   T29] audit: type=1326 audit(1748792750.358:27912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19306 comm="syz.5.4982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  281.438786][   T29] audit: type=1326 audit(1748792750.358:27913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19306 comm="syz.5.4982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  281.462425][   T29] audit: type=1326 audit(1748792750.358:27914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19306 comm="syz.5.4982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  281.486396][   T29] audit: type=1326 audit(1748792750.368:27915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19306 comm="syz.5.4982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  281.510109][   T29] audit: type=1326 audit(1748792750.368:27916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19306 comm="syz.5.4982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71acfbe969 code=0x7ffc0000
[  281.533827][   T29] audit: type=1326 audit(1748792750.368:27917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19326 comm="syz.3.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  281.557462][   T29] audit: type=1326 audit(1748792750.368:27918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19326 comm="syz.3.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  281.581271][   T29] audit: type=1326 audit(1748792750.368:27919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19326 comm="syz.3.4987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  281.617273][T19340] loop7: detected capacity change from 0 to 736
[  281.642560][T16486] rock: directory entry would overflow storage
[  281.648859][T16486] rock: sig=0x5850, size=36, remaining=14
[  281.788305][T19364] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.796946][T19364] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.884014][T19379] program syz.3.5001 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  281.891879][T19381] loop7: detected capacity change from 0 to 736
[  281.920068][T16486] rock: directory entry would overflow storage
[  281.926273][T16486] rock: sig=0x5850, size=36, remaining=14
[  281.956187][T19388] loop7: detected capacity change from 0 to 1764
[  281.963627][T19388] iso9660: Unknown parameter 'mask'
[  282.115349][T19405] netlink: 'syz.1.5009': attribute type 27 has an invalid length.
[  282.182279][T19390] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5003'.
[  282.209195][T19413] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.217370][T19413] 8021q: adding VLAN 0 to HW filter on device team0
[  282.226559][T19413] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  282.281647][T19422] netlink: 132 bytes leftover after parsing attributes in process `syz.5.5010'.
[  282.995703][T19464] netlink: 'syz.7.5027': attribute type 27 has an invalid length.
[  283.014929][T19466] loop5: detected capacity change from 0 to 512
[  283.022553][T19466] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  283.045084][T19466] EXT4-fs (loop5): 1 truncate cleaned up
[  283.051593][T19466] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.112771][T19464] 8021q: adding VLAN 0 to HW filter on device bond0
[  283.134005][T19464] 8021q: adding VLAN 0 to HW filter on device team0
[  283.198484][T19483] EXT4-fs: Ignoring removed orlov option
[  283.206905][T19483] EXT4-fs (loop5): can't enable nombcache during remount
[  283.234942][T19464] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  283.552814][T19531] loop7: detected capacity change from 0 to 1024
[  283.581306][T19531] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.618955][T19549] loop4: detected capacity change from 0 to 256
[  283.661007][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.835791][T19592] loop7: detected capacity change from 0 to 2048
[  283.888141][T19592]  loop7: p1 < > p4
[  283.892750][T19592] loop7: p4 size 8388608 extends beyond EOD, truncated
[  283.917751][T19615] loop4: detected capacity change from 0 to 1024
[  283.941365][T19615] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.996143][T10548] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.118425][T19666] loop4: detected capacity change from 0 to 512
[  284.141350][T19666] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.5066: corrupted in-inode xattr: invalid ea_ino
[  284.155311][T19666] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5066: couldn't read orphan inode 15 (err -117)
[  284.169470][T19666] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.209544][T10548] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.319113][T19693] loop7: detected capacity change from 0 to 2048
[  284.367771][T19693]  loop7: p1 < > p4
[  284.375859][T19693] loop7: p4 size 8388608 extends beyond EOD, truncated
[  284.736115][T19727] netlink: 'syz.7.5075': attribute type 27 has an invalid length.
[  284.836298][T19727] 8021q: adding VLAN 0 to HW filter on device bond0
[  284.844809][T19727] 8021q: adding VLAN 0 to HW filter on device team0
[  284.854664][T19727] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  284.946702][T19763] loop7: detected capacity change from 0 to 2048
[  285.007655][T19763]  loop7: p1 < > p4
[  285.012166][T19763] loop7: p4 size 8388608 extends beyond EOD, truncated
[  285.082739][T19782] loop7: detected capacity change from 0 to 1024
[  285.099366][T19782] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.127560][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.521768][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.701853][T19799] loop5: detected capacity change from 0 to 1024
[  285.708699][T19799] EXT4-fs: Ignoring removed nobh option
[  285.714325][T19799] ext2: Unknown parameter 'dont_hash'
[  285.750585][T19811] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5095'.
[  285.789272][T19815] FAULT_INJECTION: forcing a failure.
[  285.789272][T19815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.802497][T19815] CPU: 1 UID: 0 PID: 19815 Comm: syz.5.5096 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  285.802533][T19815] Tainted: [W]=WARN
[  285.802540][T19815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  285.802553][T19815] Call Trace:
[  285.802607][T19815]  <TASK>
[  285.802615][T19815]  __dump_stack+0x1d/0x30
[  285.802706][T19815]  dump_stack_lvl+0xe8/0x140
[  285.802731][T19815]  dump_stack+0x15/0x1b
[  285.802747][T19815]  should_fail_ex+0x265/0x280
[  285.802779][T19815]  should_fail+0xb/0x20
[  285.802851][T19815]  should_fail_usercopy+0x1a/0x20
[  285.802870][T19815]  _copy_to_user+0x20/0xa0
[  285.802909][T19815]  simple_read_from_buffer+0xb5/0x130
[  285.802935][T19815]  proc_fail_nth_read+0x100/0x140
[  285.802962][T19815]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  285.803026][T19815]  vfs_read+0x19d/0x6f0
[  285.803048][T19815]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  285.803073][T19815]  ? __rcu_read_unlock+0x4f/0x70
[  285.803189][T19815]  ? __fget_files+0x184/0x1c0
[  285.803270][T19815]  ksys_read+0xda/0x1a0
[  285.803295][T19815]  __x64_sys_read+0x40/0x50
[  285.803320][T19815]  x64_sys_call+0x2d77/0x2fb0
[  285.803351][T19815]  do_syscall_64+0xd0/0x1a0
[  285.803373][T19815]  ? clear_bhb_loop+0x25/0x80
[  285.803394][T19815]  ? clear_bhb_loop+0x25/0x80
[  285.803463][T19815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.803484][T19815] RIP: 0033:0x7f71acfbd37c
[  285.803499][T19815] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  285.803517][T19815] RSP: 002b:00007f71ab627030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  285.803573][T19815] RAX: ffffffffffffffda RBX: 00007f71ad1e5fa0 RCX: 00007f71acfbd37c
[  285.803586][T19815] RDX: 000000000000000f RSI: 00007f71ab6270a0 RDI: 0000000000000006
[  285.803598][T19815] RBP: 00007f71ab627090 R08: 0000000000000000 R09: 0000000000000000
[  285.803609][T19815] R10: 0000000000fffe80 R11: 0000000000000246 R12: 0000000000000001
[  285.803622][T19815] R13: 0000000000000000 R14: 00007f71ad1e5fa0 R15: 00007ffff3b7c188
[  285.803641][T19815]  </TASK>
[  286.090720][T19831] loop7: detected capacity change from 0 to 736
[  286.129453][T19834] block device autoloading is deprecated and will be removed.
[  286.140565][T16486] rock: directory entry would overflow storage
[  286.146874][T16486] rock: sig=0x5850, size=36, remaining=14
[  286.204244][T19857] loop7: detected capacity change from 0 to 1024
[  286.216607][T19857] EXT4-fs: Ignoring removed nobh option
[  286.222540][T19857] ext2: Unknown parameter 'dont_hash'
[  286.315773][T19881] loop5: detected capacity change from 0 to 512
[  286.324156][T19881] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.5115: corrupted in-inode xattr: invalid ea_ino
[  286.338297][T19881] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.5115: couldn't read orphan inode 15 (err -117)
[  286.351689][T19881] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.364779][   T29] kauditd_printk_skb: 253 callbacks suppressed
[  286.364797][   T29] audit: type=1326 audit(1748792755.328:28173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19885 comm="syz.1.5116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  286.394789][   T29] audit: type=1326 audit(1748792755.328:28174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19885 comm="syz.1.5116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  286.418558][   T29] audit: type=1326 audit(1748792755.328:28175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19885 comm="syz.1.5116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  286.442056][   T29] audit: type=1326 audit(1748792755.328:28176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19885 comm="syz.1.5116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  286.465826][   T29] audit: type=1326 audit(1748792755.328:28177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19885 comm="syz.1.5116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  286.489572][   T29] audit: type=1326 audit(1748792755.338:28178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19885 comm="syz.1.5116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  286.513281][   T29] audit: type=1326 audit(1748792755.338:28179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19885 comm="syz.1.5116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  286.538270][   T29] audit: type=1326 audit(1748792755.338:28180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19885 comm="syz.1.5116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  286.563827][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.578140][   T29] audit: type=1326 audit(1748792755.558:28181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19885 comm="syz.1.5116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  286.601832][   T29] audit: type=1326 audit(1748792755.558:28182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19885 comm="syz.1.5116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  286.634491][T19891] loop3: detected capacity change from 0 to 2048
[  286.677009][T19891]  loop3: p1 < > p4
[  286.685792][T19908] netlink: 'syz.5.5123': attribute type 27 has an invalid length.
[  286.693794][T19891] loop3: p4 size 8388608 extends beyond EOD, truncated
[  286.694637][T19905] loop7: detected capacity change from 0 to 1024
[  286.737641][T19905] EXT4-fs: Ignoring removed nobh option
[  286.745739][T19905] ext2: Unknown parameter 'dont_hash'
[  286.784241][T19908] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.793906][T19908] 8021q: adding VLAN 0 to HW filter on device team0
[  286.803862][T19908] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  286.914093][T19953] netlink: '+}[@': attribute type 10 has an invalid length.
[  286.923377][T19953] hsr_slave_0: left promiscuous mode
[  286.930327][T19953] hsr_slave_1: left promiscuous mode
[  286.940396][T19958] loop3: detected capacity change from 0 to 2048
[  286.978301][T19958]  loop3: p1 < > p4
[  286.983004][T19958] loop3: p4 size 8388608 extends beyond EOD, truncated
[  287.049889][T19982] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  287.058770][T19982] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  287.077120][T19985] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  287.247068][T20011] program syz.3.5150 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  287.366404][T20017] loop3: detected capacity change from 0 to 1764
[  287.373481][T20017] iso9660: Unknown parameter 'mask'
[  287.417509][T20023] loop3: detected capacity change from 0 to 1024
[  287.424363][T20023] EXT4-fs: Ignoring removed nobh option
[  287.430202][T20023] ext2: Unknown parameter 'dont_hash'
[  287.456066][T20028] loop3: detected capacity change from 0 to 512
[  287.464319][T20028] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.5154: corrupted in-inode xattr: invalid ea_ino
[  287.478141][T20028] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5154: couldn't read orphan inode 15 (err -117)
[  287.490830][T20028] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  287.513876][T11766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.676507][T20051] loop7: detected capacity change from 0 to 512
[  287.685129][T20051] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.698043][T20051] ext4 filesystem being mounted at /172/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  287.749257][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.759460][T20056] loop5: detected capacity change from 0 to 1764
[  287.766428][T20056] iso9660: Unknown parameter 'mask'
[  287.777438][T20064] loop7: detected capacity change from 0 to 512
[  287.785370][T20064] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.5165: corrupted in-inode xattr: invalid ea_ino
[  287.799130][T20064] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.5165: couldn't read orphan inode 15 (err -117)
[  287.811962][T20064] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  287.837323][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.864958][T20072] loop7: detected capacity change from 0 to 2048
[  287.888964][T20072] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.033245][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.079542][T20112] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5179'.
[  288.123187][T20110] program syz.7.5177 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.246181][T20122] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5181'.
[  288.276463][T20142] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5190'.
[  288.301430][T20144] loop4: detected capacity change from 0 to 736
[  288.329834][T10548] rock: directory entry would overflow storage
[  288.336234][T10548] rock: sig=0x5850, size=36, remaining=14
[  288.509366][T20156] loop3: detected capacity change from 0 to 736
[  288.538369][T11766] rock: directory entry would overflow storage
[  288.544768][T11766] rock: sig=0x5850, size=36, remaining=14
[  288.618696][T20166] loop3: detected capacity change from 0 to 736
[  288.654770][T20171] loop3: detected capacity change from 0 to 1024
[  288.679183][T20171] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.765335][T11766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.115335][T20199] loop7: detected capacity change from 0 to 736
[  289.146854][T16486] rock: directory entry would overflow storage
[  289.153140][T16486] rock: sig=0x5850, size=36, remaining=14
[  289.188832][T20221] loop7: detected capacity change from 0 to 736
[  289.216462][T16486] rock: directory entry would overflow storage
[  289.222901][T16486] rock: sig=0x5850, size=36, remaining=14
[  289.266363][T20236] loop4: detected capacity change from 0 to 736
[  289.293555][T10548] rock: directory entry would overflow storage
[  289.299861][T10548] rock: sig=0x5850, size=36, remaining=14
[  289.320273][T20241] loop5: detected capacity change from 0 to 2048
[  289.348328][T20252] loop7: detected capacity change from 0 to 736
[  289.350238][T20241] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.373141][T20241] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  289.390572][T16486] rock: directory entry would overflow storage
[  289.396885][T16486] rock: sig=0x5850, size=36, remaining=14
[  289.404820][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.436665][T20262] loop5: detected capacity change from 0 to 2048
[  289.449485][T20262] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.513218][T20273] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  289.571093][T20278] loop7: detected capacity change from 0 to 736
[  289.613176][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.699350][T20299] loop5: detected capacity change from 0 to 512
[  289.703294][T20301] loop7: detected capacity change from 0 to 1024
[  289.714088][T20299] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.5234: corrupted in-inode xattr: invalid ea_ino
[  289.729129][T20301] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.729143][T20299] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.5234: couldn't read orphan inode 15 (err -117)
[  289.754453][T20299] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.806501][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.842307][T20315] loop3: detected capacity change from 0 to 736
[  289.873716][T11766] rock: directory entry would overflow storage
[  289.880183][T11766] rock: sig=0x5850, size=36, remaining=14
[  289.888784][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.910538][T20322] loop3: detected capacity change from 0 to 2048
[  289.935965][T20322] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.959763][T20322] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  290.003972][T11766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.039767][T20350] FAULT_INJECTION: forcing a failure.
[  290.039767][T20350] name failslab, interval 1, probability 0, space 0, times 0
[  290.052596][T20350] CPU: 0 UID: 0 PID: 20350 Comm: syz.5.5249 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  290.052629][T20350] Tainted: [W]=WARN
[  290.052702][T20350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  290.052714][T20350] Call Trace:
[  290.052721][T20350]  <TASK>
[  290.052730][T20350]  __dump_stack+0x1d/0x30
[  290.052756][T20350]  dump_stack_lvl+0xe8/0x140
[  290.052842][T20350]  dump_stack+0x15/0x1b
[  290.052861][T20350]  should_fail_ex+0x265/0x280
[  290.052895][T20350]  should_failslab+0x8c/0xb0
[  290.052956][T20350]  __kmalloc_noprof+0xa5/0x3e0
[  290.052978][T20350]  ? tun_device_event+0x3f1/0x980
[  290.053053][T20350]  tun_device_event+0x3f1/0x980
[  290.053077][T20350]  ? bond_netdev_event+0x5c/0x750
[  290.053096][T20350]  ? inetdev_event+0x566/0xc10
[  290.053121][T20350]  ? macvtap_device_event+0x58/0x300
[  290.053206][T20350]  ? __pfx_tun_device_event+0x10/0x10
[  290.053234][T20350]  raw_notifier_call_chain+0x6c/0x1b0
[  290.053254][T20350]  ? call_netdevice_notifiers_info+0x9c/0x100
[  290.053364][T20350]  call_netdevice_notifiers_info+0xae/0x100
[  290.053397][T20350]  netif_change_tx_queue_len+0xba/0x170
[  290.053428][T20350]  dev_change_tx_queue_len+0xc0/0x170
[  290.053468][T20350]  dev_ifsioc+0x1a1/0xaa0
[  290.053498][T20350]  ? __rcu_read_unlock+0x4f/0x70
[  290.053526][T20350]  dev_ioctl+0x70a/0x960
[  290.053549][T20350]  sock_do_ioctl+0x197/0x220
[  290.053641][T20350]  sock_ioctl+0x41b/0x610
[  290.053684][T20350]  ? __pfx_sock_ioctl+0x10/0x10
[  290.053758][T20350]  __se_sys_ioctl+0xcb/0x140
[  290.053785][T20350]  __x64_sys_ioctl+0x43/0x50
[  290.053806][T20350]  x64_sys_call+0x19a8/0x2fb0
[  290.053832][T20350]  do_syscall_64+0xd0/0x1a0
[  290.053859][T20350]  ? clear_bhb_loop+0x25/0x80
[  290.053959][T20350]  ? clear_bhb_loop+0x25/0x80
[  290.053983][T20350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.054010][T20350] RIP: 0033:0x7f71acfbe969
[  290.054027][T20350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.054044][T20350] RSP: 002b:00007f71ab627038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  290.054066][T20350] RAX: ffffffffffffffda RBX: 00007f71ad1e5fa0 RCX: 00007f71acfbe969
[  290.054140][T20350] RDX: 0000200000002280 RSI: 0000000000008943 RDI: 0000000000000004
[  290.054155][T20350] RBP: 00007f71ab627090 R08: 0000000000000000 R09: 0000000000000000
[  290.054171][T20350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  290.054186][T20350] R13: 0000000000000000 R14: 00007f71ad1e5fa0 R15: 00007ffff3b7c188
[  290.054205][T20350]  </TASK>
[  290.054214][T20350] syzkaller0: refused to change device tx_queue_len
[  290.086329][T20355] loop3: detected capacity change from 0 to 736
[  290.101051][T20357] loop7: detected capacity change from 0 to 736
[  290.351061][T16486] rock: directory entry would overflow storage
[  290.357398][T16486] rock: sig=0x5850, size=36, remaining=14
[  290.394971][T20376] loop4: detected capacity change from 0 to 2048
[  290.416653][T20384] loop7: detected capacity change from 0 to 2048
[  290.419447][T20376] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.462080][T20384] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.528976][T20407] loop5: detected capacity change from 0 to 736
[  290.550394][T10548] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.581303][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.592689][T20418] loop4: detected capacity change from 0 to 2048
[  290.606275][T20424] loop7: detected capacity change from 0 to 1024
[  290.620532][T20418] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.620825][T20424] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.667618][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.705804][T20436] loop5: detected capacity change from 0 to 1024
[  290.711420][T20418] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  290.730339][T20437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  290.733292][T20418] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 960 with max blocks 32 with error 28
[  290.739068][T20437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  290.751246][T20418] EXT4-fs (loop4): This should not happen!! Data will be lost
[  290.751246][T20418] 
[  290.768669][T20418] EXT4-fs (loop4): Total free blocks count 0
[  290.774685][T20418] EXT4-fs (loop4): Free/Dirty block details
[  290.780866][T20418] EXT4-fs (loop4): free_blocks=2415919104
[  290.786627][T20418] EXT4-fs (loop4): dirty_blocks=32
[  290.791884][T20418] EXT4-fs (loop4): Block reservation details
[  290.792634][T20436] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.798016][T20418] EXT4-fs (loop4): i_reserved_data_blocks=2
[  290.837362][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.852765][T10548] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.995548][T20479] FAULT_INJECTION: forcing a failure.
[  290.995548][T20479] name failslab, interval 1, probability 0, space 0, times 0
[  291.008410][T20479] CPU: 0 UID: 0 PID: 20479 Comm: syz.4.5277 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  291.008449][T20479] Tainted: [W]=WARN
[  291.008457][T20479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  291.008478][T20479] Call Trace:
[  291.008485][T20479]  <TASK>
[  291.008492][T20479]  __dump_stack+0x1d/0x30
[  291.008588][T20479]  dump_stack_lvl+0xe8/0x140
[  291.008611][T20479]  dump_stack+0x15/0x1b
[  291.008631][T20479]  should_fail_ex+0x265/0x280
[  291.008709][T20479]  should_failslab+0x8c/0xb0
[  291.008743][T20479]  kmem_cache_alloc_node_noprof+0x57/0x320
[  291.008844][T20479]  ? __alloc_skb+0x101/0x320
[  291.008874][T20479]  __alloc_skb+0x101/0x320
[  291.008928][T20479]  skb_copy+0xf0/0x3f0
[  291.008977][T20479]  ip6_err_gen_icmpv6_unreach+0x174/0x520
[  291.009006][T20479]  ? ipip6_tunnel_lookup+0x46c/0x4a0
[  291.009042][T20479]  ipip6_err+0x3b4/0x5b0
[  291.009075][T20479]  tunnelmpls4_err+0x41/0xa0
[  291.009095][T20479]  ? __pfx_tunnelmpls4_err+0x10/0x10
[  291.009198][T20479]  icmp_unreach+0x45a/0x600
[  291.009227][T20479]  icmp_rcv+0xb61/0xdd0
[  291.009254][T20479]  ? __pfx_icmp_rcv+0x10/0x10
[  291.009277][T20479]  ip_protocol_deliver_rcu+0x420/0x780
[  291.009311][T20479]  ip_local_deliver_finish+0x184/0x220
[  291.009347][T20479]  ip_local_deliver+0xe8/0x1c0
[  291.009439][T20479]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  291.009606][T20479]  ? __pfx_ip_local_deliver+0x10/0x10
[  291.009643][T20479]  ip_rcv_finish+0x188/0x1a0
[  291.009673][T20479]  ip_rcv+0x62/0x140
[  291.009757][T20479]  ? __pfx_ip_rcv_finish+0x10/0x10
[  291.009792][T20479]  ? __pfx_ip_rcv+0x10/0x10
[  291.009818][T20479]  __netif_receive_skb+0xff/0x270
[  291.009943][T20479]  ? tun_rx_batched+0xc7/0x430
[  291.010031][T20479]  netif_receive_skb+0x4b/0x2e0
[  291.010058][T20479]  ? tun_rx_batched+0xc7/0x430
[  291.010111][T20479]  tun_rx_batched+0xfc/0x430
[  291.010135][T20479]  tun_get_user+0x1e07/0x24d0
[  291.010178][T20479]  ? ref_tracker_alloc+0x1f2/0x2f0
[  291.010223][T20479]  tun_chr_write_iter+0x15e/0x210
[  291.010253][T20479]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  291.010332][T20479]  vfs_write+0x49d/0x8d0
[  291.010369][T20479]  ksys_write+0xda/0x1a0
[  291.010427][T20479]  __x64_sys_write+0x40/0x50
[  291.010457][T20479]  x64_sys_call+0x2cdd/0x2fb0
[  291.010482][T20479]  do_syscall_64+0xd0/0x1a0
[  291.010553][T20479]  ? clear_bhb_loop+0x25/0x80
[  291.010575][T20479]  ? clear_bhb_loop+0x25/0x80
[  291.010595][T20479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.010619][T20479] RIP: 0033:0x7ff04916d41f
[  291.010659][T20479] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  291.010739][T20479] RSP: 002b:00007ff0477d7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  291.010757][T20479] RAX: ffffffffffffffda RBX: 00007ff049395fa0 RCX: 00007ff04916d41f
[  291.010769][T20479] RDX: 00000000000000da RSI: 0000200000001600 RDI: 00000000000000c8
[  291.010785][T20479] RBP: 00007ff0477d7090 R08: 0000000000000000 R09: 0000000000000000
[  291.010802][T20479] R10: 00000000000000da R11: 0000000000000293 R12: 0000000000000001
[  291.010817][T20479] R13: 0000000000000001 R14: 00007ff049395fa0 R15: 00007ffc0f77bb88
[  291.010840][T20479]  </TASK>
[  291.015696][T20477] program syz.5.5278 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  291.424903][T20499] loop3: detected capacity change from 0 to 2048
[  291.453803][T20502] loop5: detected capacity change from 0 to 736
[  291.487721][T20499]  loop3: p1 < > p4
[  291.492386][T20499] loop3: p4 size 8388608 extends beyond EOD, truncated
[  291.635250][T20515] FAULT_INJECTION: forcing a failure.
[  291.635250][T20515] name failslab, interval 1, probability 0, space 0, times 0
[  291.648037][T20515] CPU: 1 UID: 0 PID: 20515 Comm: syz.1.5290 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  291.648155][T20515] Tainted: [W]=WARN
[  291.648164][T20515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  291.648217][T20515] Call Trace:
[  291.648224][T20515]  <TASK>
[  291.648231][T20515]  __dump_stack+0x1d/0x30
[  291.648256][T20515]  dump_stack_lvl+0xe8/0x140
[  291.648280][T20515]  dump_stack+0x15/0x1b
[  291.648319][T20515]  should_fail_ex+0x265/0x280
[  291.648360][T20515]  should_failslab+0x8c/0xb0
[  291.648390][T20515]  kmem_cache_alloc_node_noprof+0x57/0x320
[  291.648490][T20515]  ? __alloc_skb+0x101/0x320
[  291.648529][T20515]  __alloc_skb+0x101/0x320
[  291.648601][T20515]  netlink_alloc_large_skb+0xba/0xf0
[  291.648639][T20515]  netlink_sendmsg+0x3cf/0x6b0
[  291.648712][T20515]  ? __pfx_netlink_sendmsg+0x10/0x10
[  291.648755][T20515]  __sock_sendmsg+0x142/0x180
[  291.648787][T20515]  ____sys_sendmsg+0x31e/0x4e0
[  291.648811][T20515]  ___sys_sendmsg+0x17b/0x1d0
[  291.648843][T20515]  __x64_sys_sendmsg+0xd4/0x160
[  291.648898][T20515]  x64_sys_call+0x2999/0x2fb0
[  291.648979][T20515]  do_syscall_64+0xd0/0x1a0
[  291.649006][T20515]  ? clear_bhb_loop+0x25/0x80
[  291.649033][T20515]  ? clear_bhb_loop+0x25/0x80
[  291.649061][T20515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.649141][T20515] RIP: 0033:0x7f3529dbe969
[  291.649160][T20515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.649182][T20515] RSP: 002b:00007f3528427038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  291.649269][T20515] RAX: ffffffffffffffda RBX: 00007f3529fe5fa0 RCX: 00007f3529dbe969
[  291.649356][T20515] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000006
[  291.649367][T20515] RBP: 00007f3528427090 R08: 0000000000000000 R09: 0000000000000000
[  291.649382][T20515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.649398][T20515] R13: 0000000000000000 R14: 00007f3529fe5fa0 R15: 00007ffd813ab048
[  291.649423][T20515]  </TASK>
[  291.956736][T20547] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5291'.
[  291.978668][T20547] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  292.034035][T20546] cgroup: fork rejected by pids controller in /syz3
[  292.119345][   T29] kauditd_printk_skb: 250 callbacks suppressed
[  292.119363][   T29] audit: type=1326 audit(1748792761.098:28433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20669 comm="syz.1.5299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  292.196892][   T29] audit: type=1326 audit(1748792761.168:28434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20669 comm="syz.1.5299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  292.220824][   T29] audit: type=1326 audit(1748792761.168:28435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20669 comm="syz.1.5299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  292.244668][   T29] audit: type=1326 audit(1748792761.168:28436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20669 comm="syz.1.5299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  292.373780][T20704] program syz.5.5301 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  292.450043][   T29] audit: type=1326 audit(1748792761.418:28437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20708 comm="syz.7.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f821d47e969 code=0x7ffc0000
[  292.473854][   T29] audit: type=1326 audit(1748792761.418:28438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20708 comm="syz.7.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f821d47e969 code=0x7ffc0000
[  292.497514][   T29] audit: type=1326 audit(1748792761.418:28439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20708 comm="syz.7.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f821d47e969 code=0x7ffc0000
[  292.521416][   T29] audit: type=1326 audit(1748792761.418:28440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20708 comm="syz.7.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f821d47e969 code=0x7ffc0000
[  292.545190][   T29] audit: type=1326 audit(1748792761.418:28441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20708 comm="syz.7.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f821d47e969 code=0x7ffc0000
[  292.568857][   T29] audit: type=1326 audit(1748792761.418:28442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20708 comm="syz.7.5304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f821d47e969 code=0x7ffc0000
[  292.595272][T20709] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  292.669598][T20719] loop7: detected capacity change from 0 to 736
[  292.727214][T16486] rock: directory entry would overflow storage
[  292.733513][T16486] rock: sig=0x5850, size=36, remaining=14
[  292.743957][T20725] loop5: detected capacity change from 0 to 736
[  292.776396][T15933] rock: directory entry would overflow storage
[  292.782658][T15933] rock: sig=0x5850, size=36, remaining=14
[  292.943999][T20748] loop5: detected capacity change from 0 to 1764
[  293.042463][T20767] loop5: detected capacity change from 0 to 2048
[  293.114684][T20767]  loop5: p1 < > p4
[  293.120591][T20767] loop5: p4 size 8388608 extends beyond EOD, truncated
[  293.342266][T20802] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  293.363277][T20802] syzkaller0: MTU too low for tipc bearer
[  293.369190][T20802] tipc: Disabling bearer <eth:syzkaller0>
[  293.829391][T20819] loop4: detected capacity change from 0 to 512
[  293.880932][T20819] EXT4-fs: Ignoring removed nobh option
[  293.898920][T20827] loop5: detected capacity change from 0 to 2048
[  293.913502][T20824] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  293.930908][T20819] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.5336: invalid indirect mapped block 256 (level 2)
[  293.956559][T20827] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.972196][T20819] EXT4-fs (loop4): 2 truncates cleaned up
[  293.979473][T20819] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.992995][T20827] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  294.030957][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.252958][T20840] program syz.7.5344 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  294.379983][T20847] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5347'.
[  294.388724][T12611] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm kworker/u8:34: bg 0: block 5: invalid block bitmap
[  294.408222][T12611] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  294.421400][T12611] EXT4-fs (loop4): This should not happen!! Data will be lost
[  294.421400][T12611] 
[  294.431192][T12611] EXT4-fs (loop4): Total free blocks count 0
[  294.437288][T12611] EXT4-fs (loop4): Free/Dirty block details
[  294.443200][T12611] EXT4-fs (loop4): free_blocks=0
[  294.448180][T12611] EXT4-fs (loop4): dirty_blocks=16021
[  294.453609][T12611] EXT4-fs (loop4): Block reservation details
[  294.459632][T12611] EXT4-fs (loop4): i_reserved_data_blocks=16021
[  294.505745][T12637] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 2048 with error 28
[  294.691054][T20873] program syz.7.5357 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  294.713157][T20877] loop4: detected capacity change from 0 to 2048
[  294.742081][T20877] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.785062][T20877] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  294.899117][T10548] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.076420][T20895] loop7: detected capacity change from 0 to 1024
[  295.084638][T20895] EXT4-fs: Ignoring removed nobh option
[  295.095227][T20893] loop3: detected capacity change from 0 to 2048
[  295.121007][T20895] ext2: Unknown parameter 'dont_hash'
[  295.206149][T20906] tipc: Started in network mode
[  295.211283][T20906] tipc: Node identity 2aa7e7875474, cluster identity 4711
[  295.218659][T20906] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  295.247741][T20906] syzkaller0: MTU too low for tipc bearer
[  295.253578][T20906] tipc: Disabling bearer <eth:syzkaller0>
[  295.261128][T20914] netlink: 51 bytes leftover after parsing attributes in process `syz.4.5365'.
[  295.302317][T20893] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.378593][T20925] program syz.7.5369 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  295.583952][T11766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.629784][T20934] loop7: detected capacity change from 0 to 2048
[  295.671811][T20934] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.707825][T20934] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  295.760900][T20943] loop5: detected capacity change from 0 to 1024
[  295.771502][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.807532][T20943] EXT4-fs: Ignoring removed nobh option
[  295.813179][T20943] ext2: Unknown parameter 'dont_hash'
[  296.342038][T20963] loop3: detected capacity change from 0 to 1024
[  296.384961][T20974] program syz.1.5385 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  296.468498][T20963] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.832280][T21000] program syz.1.5395 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  296.941443][T21003] loop5: detected capacity change from 0 to 2048
[  296.952408][T11766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.015047][T21003]  loop5: p1 < > p4
[  297.027025][T21003] loop5: p4 size 8388608 extends beyond EOD, truncated
[  297.205620][   T29] kauditd_printk_skb: 104 callbacks suppressed
[  297.205638][   T29] audit: type=1326 audit(1748792766.178:28547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21026 comm="syz.3.5398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  297.236328][   T29] audit: type=1326 audit(1748792766.208:28548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21026 comm="syz.3.5398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  297.260649][   T29] audit: type=1326 audit(1748792766.238:28549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21026 comm="syz.3.5398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  297.289487][   T29] audit: type=1326 audit(1748792766.268:28550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21026 comm="syz.3.5398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  297.398709][T21058] program syz.1.5409 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  297.412198][   T29] audit: type=1326 audit(1748792766.388:28551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21026 comm="syz.3.5398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  297.436190][   T29] audit: type=1326 audit(1748792766.388:28552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21026 comm="syz.3.5398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  297.460548][   T29] audit: type=1326 audit(1748792766.388:28553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21026 comm="syz.3.5398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad5ade969 code=0x7ffc0000
[  297.584124][T21036] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  297.666604][T21066] loop7: detected capacity change from 0 to 2048
[  297.692952][   T29] audit: type=1326 audit(1748792766.668:28554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.1.5414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  297.733119][   T29] audit: type=1326 audit(1748792766.668:28555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.1.5414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  297.743638][T21066] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  297.756997][   T29] audit: type=1326 audit(1748792766.688:28556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.1.5414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3529dbe969 code=0x7ffc0000
[  297.840981][T21073] tipc: Started in network mode
[  297.845911][T21073] tipc: Node identity 66e8c4ffdf31, cluster identity 4711
[  297.853178][T21073] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  297.888506][T21070] tipc: Disabling bearer <eth:syzkaller0>
[  297.899958][T21066] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  297.926550][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.455496][T21134] loop7: detected capacity change from 0 to 512
[  298.483030][T21134] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  298.487385][T21136] loop4: detected capacity change from 0 to 736
[  298.492161][T21134] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  298.549896][T21134] EXT4-fs (loop7): warning: mounting unchecked fs, running e2fsck is recommended
[  298.582935][T21134] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  298.594637][T20563] syz.3.5292 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  298.604599][T20563] CPU: 0 UID: 0 PID: 20563 Comm: syz.3.5292 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  298.604631][T20563] Tainted: [W]=WARN
[  298.604692][T20563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  298.604708][T20563] Call Trace:
[  298.604717][T20563]  <TASK>
[  298.604802][T20563]  __dump_stack+0x1d/0x30
[  298.604829][T20563]  dump_stack_lvl+0xe8/0x140
[  298.604853][T20563]  dump_stack+0x15/0x1b
[  298.604907][T20563]  dump_header+0x81/0x220
[  298.604940][T20563]  oom_kill_process+0x334/0x3f0
[  298.605053][T20563]  out_of_memory+0x979/0xb80
[  298.605117][T20563]  ? css_next_descendant_pre+0x138/0x160
[  298.605216][T20563]  mem_cgroup_out_of_memory+0x13d/0x190
[  298.605251][T20563]  try_charge_memcg+0x5e2/0x870
[  298.605348][T20563]  charge_memcg+0x51/0xc0
[  298.605378][T20563]  __mem_cgroup_charge+0x28/0xb0
[  298.605404][T20563]  shmem_get_folio_gfp+0x470/0xd40
[  298.605460][T20563]  shmem_write_begin+0xa8/0x190
[  298.605497][T20563]  generic_perform_write+0x181/0x490
[  298.605548][T20563]  shmem_file_write_iter+0xc5/0xf0
[  298.605579][T20563]  __kernel_write_iter+0x253/0x4c0
[  298.605604][T20563]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  298.605665][T20563]  dump_user_range+0x5f4/0x8d0
[  298.605702][T20563]  elf_core_dump+0x1dc2/0x1f80
[  298.605742][T20563]  ? 0xffffffffff600000
[  298.605776][T20563]  do_coredump+0x1836/0x1f40
[  298.605810][T20563]  ? htab_lru_map_delete_elem+0x2f2/0x460
[  298.605857][T20563]  get_signal+0xd85/0xf70
[  298.605901][T20563]  arch_do_signal_or_restart+0x97/0x480
[  298.605985][T20563]  irqentry_exit_to_user_mode+0x5e/0xa0
[  298.606050][T20563]  irqentry_exit+0x12/0x50
[  298.606071][T20563]  asm_exc_page_fault+0x26/0x30
[  298.606090][T20563] RIP: 0033:0x7faad5ade971
[  298.606104][T20563] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  298.606123][T20563] RSP: 002b:0000000000000020 EFLAGS: 00010217
[  298.606165][T20563] RAX: 0000000000000000 RBX: 00007faad5d05fa0 RCX: 00007faad5ade969
[  298.606177][T20563] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000000000600
[  298.606189][T20563] RBP: 00007faad5b60ab1 R08: 0000000000000000 R09: 0000000000000000
[  298.606201][T20563] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  298.606213][T20563] R13: 0000000000000000 R14: 00007faad5d05fa0 R15: 00007fffc7734248
[  298.606237][T20563]  </TASK>
[  298.606245][T20563] memory: usage 307200kB, limit 307200kB, failcnt 19659
[  298.623458][T21134] System zones: 
[  298.632610][T20563] memory+swap: usage 432128kB, limit 9007199254740988kB, failcnt 0
[  298.632652][T20563] kmem: usage 4524kB, limit 9007199254740988kB, failcnt 0
[  298.632667][T20563] Memory cgroup stats for /syz3
[  298.635956][T21134] 0-2
[  298.638914][T20563] :
[  298.639230][T20563] cache 309800960
[  298.643306][T21134] , 18-18, 34-35
[  298.647915][T20563] rss 94208
[  298.647925][T20563] shmem 309465088
[  298.652071][T21134] 
[  298.696961][T21134] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.701402][T20563] mapped_file 253952
[  298.701418][T20563] dirty 0
[  298.701427][T20563] writeback 0
[  298.920823][T20563] workingset_refault_anon 22
[  298.925427][T20563] workingset_refault_file 51
[  298.930137][T20563] swap 127926272
[  298.933709][T20563] swapcached 69632
[  298.937504][T20563] pgpgin 346503
[  298.940977][T20563] pgpgout 270834
[  298.944546][T20563] pgfault 282851
[  298.948133][T20563] pgmajfault 16
[  298.951645][T20563] inactive_anon 154329088
[  298.956037][T20563] active_anon 155222016
[  298.960231][T20563] inactive_file 0
[  298.963880][T20563] active_file 0
[  298.967370][T20563] unevictable 0
[  298.970840][T20563] hierarchical_memory_limit 314572800
[  298.976237][T20563] hierarchical_memsw_limit 9223372036854771712
[  298.982542][T20563] total_cache 309800960
[  298.986715][T20563] total_rss 94208
[  298.990432][T20563] total_shmem 309465088
[  298.994599][T20563] total_mapped_file 253952
[  298.999058][T20563] total_dirty 0
[  299.002531][T20563] total_writeback 0
[  299.006417][T20563] total_workingset_refault_anon 22
[  299.011577][T20563] total_workingset_refault_file 51
[  299.016728][T20563] total_swap 127926272
[  299.020911][T20563] total_swapcached 69632
[  299.025197][T20563] total_pgpgin 346503
[  299.029232][T20563] total_pgpgout 270834
[  299.033325][T20563] total_pgfault 282851
[  299.037483][T20563] total_pgmajfault 16
[  299.041472][T20563] total_inactive_anon 154329088
[  299.046330][T20563] total_active_anon 155222016
[  299.051053][T20563] total_inactive_file 0
[  299.055230][T20563] total_active_file 0
[  299.059264][T20563] total_unevictable 0
[  299.063263][T20563] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5292,pid=20564,uid=0
[  299.078053][T20563] Memory cgroup out of memory: Killed process 20564 (syz.3.5292) total-vm:89908kB, anon-rss:960kB, file-rss:53376kB, shmem-rss:0kB, UID:0 pgtables:180kB oom_score_adj:1000
[  299.104357][T21158] loop4: detected capacity change from 0 to 1024
[  299.111361][T21158] EXT4-fs: Ignoring removed nobh option
[  299.116505][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.117007][T21158] ext2: Unknown parameter 'dont_hash'
[  299.188600][T21175] loop5: detected capacity change from 0 to 2048
[  299.206187][T21173] loop7: detected capacity change from 0 to 736
[  299.249817][T21175] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.297335][T21189] sctp: [Deprecated]: syz.7.5452 (pid 21189) Use of int in max_burst socket option deprecated.
[  299.297335][T21189] Use struct sctp_assoc_value instead
[  299.334893][T21190] loop4: detected capacity change from 0 to 2048
[  299.391166][T21190] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.444313][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.456266][T21196] program syz.7.5454 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  299.476750][T21190] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  299.514390][T10548] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.620148][T21220] loop4: detected capacity change from 0 to 1024
[  299.627221][T21220] EXT4-fs: Ignoring removed nobh option
[  299.632927][T21220] ext2: Unknown parameter 'dont_hash'
[  299.706821][T21235] loop5: detected capacity change from 0 to 736
[  299.716994][T21228] netlink: 60 bytes leftover after parsing attributes in process `syz.7.5463'.
[  299.727566][T21228] netlink: 'syz.7.5463': attribute type 27 has an invalid length.
[  299.758480][T21228] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2579 sclass=netlink_route_socket pid=21228 comm=syz.7.5463
[  299.774996][T15933] rock: directory entry would overflow storage
[  299.781320][T15933] rock: sig=0x5850, size=36, remaining=14
[  299.985862][T21279] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5478'.
[  300.017707][T21279] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  300.049582][T21281] program syz.7.5479 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  300.082956][T20558] syz.3.5292 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  300.084222][T21285] loop5: detected capacity change from 0 to 2048
[  300.093220][T20558] CPU: 0 UID: 0 PID: 20558 Comm: syz.3.5292 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  300.093261][T20558] Tainted: [W]=WARN
[  300.093267][T20558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  300.093279][T20558] Call Trace:
[  300.093285][T20558]  <TASK>
[  300.093292][T20558]  __dump_stack+0x1d/0x30
[  300.093385][T20558]  dump_stack_lvl+0xe8/0x140
[  300.093412][T20558]  dump_stack+0x15/0x1b
[  300.093494][T20558]  dump_header+0x81/0x220
[  300.093537][T20558]  oom_kill_process+0x334/0x3f0
[  300.093701][T20558]  out_of_memory+0x979/0xb80
[  300.093734][T20558]  ? css_next_descendant_pre+0x138/0x160
[  300.093795][T20558]  mem_cgroup_out_of_memory+0x13d/0x190
[  300.093863][T20558]  try_charge_memcg+0x5e2/0x870
[  300.093981][T20558]  charge_memcg+0x51/0xc0
[  300.094013][T20558]  __mem_cgroup_charge+0x28/0xb0
[  300.094045][T20558]  shmem_get_folio_gfp+0x470/0xd40
[  300.094108][T20558]  shmem_write_begin+0xa8/0x190
[  300.094146][T20558]  generic_perform_write+0x181/0x490
[  300.094195][T20558]  shmem_file_write_iter+0xc5/0xf0
[  300.094265][T20558]  __kernel_write_iter+0x253/0x4c0
[  300.094331][T20558]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  300.094383][T20558]  dump_user_range+0x5f4/0x8d0
[  300.094424][T20558]  elf_core_dump+0x1dc2/0x1f80
[  300.094468][T20558]  ? 0xffffffffff600000
[  300.094503][T20558]  do_coredump+0x1836/0x1f40
[  300.094610][T20558]  ? htab_lru_map_delete_elem+0x2f2/0x460
[  300.094659][T20558]  get_signal+0xd85/0xf70
[  300.094710][T20558]  arch_do_signal_or_restart+0x97/0x480
[  300.094812][T20558]  irqentry_exit_to_user_mode+0x5e/0xa0
[  300.094866][T20558]  irqentry_exit+0x12/0x50
[  300.094891][T20558]  asm_exc_page_fault+0x26/0x30
[  300.094926][T20558] RIP: 0033:0x7faad5ade971
[  300.094947][T20558] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  300.094971][T20558] RSP: 002b:0000000000000020 EFLAGS: 00010217
[  300.094993][T20558] RAX: 0000000000000000 RBX: 00007faad5d05fa0 RCX: 00007faad5ade969
[  300.095011][T20558] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000000000600
[  300.095070][T20558] RBP: 00007faad5b60ab1 R08: 0000000000000000 R09: 0000000000000000
[  300.095088][T20558] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  300.095104][T20558] R13: 0000000000000000 R14: 00007faad5d05fa0 R15: 00007fffc7734248
[  300.095197][T20558]  </TASK>
[  300.095208][T20558] memory: usage 307200kB, limit 307200kB, failcnt 20606
[  300.139073][T21285] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.141405][T20558] memory+swap: usage 432124kB, limit 9007199254740988kB, failcnt 0
[  300.367309][T20558] kmem: usage 4564kB, limit 9007199254740988kB, failcnt 0
[  300.374442][T20558] Memory cgroup stats for /syz3:
[  300.452374][T21298] FAULT_INJECTION: forcing a failure.
[  300.452374][T21298] name failslab, interval 1, probability 0, space 0, times 0
[  300.470262][T21298] CPU: 1 UID: 0 PID: 21298 Comm: syz.7.5485 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  300.470295][T21298] Tainted: [W]=WARN
[  300.470303][T21298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  300.470317][T21298] Call Trace:
[  300.470327][T21298]  <TASK>
[  300.470337][T21298]  __dump_stack+0x1d/0x30
[  300.470359][T21298]  dump_stack_lvl+0xe8/0x140
[  300.470379][T21298]  dump_stack+0x15/0x1b
[  300.470470][T21298]  should_fail_ex+0x265/0x280
[  300.470510][T21298]  ? audit_log_d_path+0x8d/0x150
[  300.470542][T21298]  should_failslab+0x8c/0xb0
[  300.470587][T21298]  __kmalloc_cache_noprof+0x4c/0x320
[  300.470616][T21298]  audit_log_d_path+0x8d/0x150
[  300.470651][T21298]  audit_log_d_path_exe+0x42/0x70
[  300.470723][T21298]  audit_log_task+0x1e9/0x250
[  300.470759][T21298]  audit_seccomp+0x61/0x100
[  300.470789][T21298]  ? __seccomp_filter+0x68c/0x10d0
[  300.470889][T21298]  __seccomp_filter+0x69d/0x10d0
[  300.470917][T21298]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  300.470996][T21298]  ? vfs_write+0x75e/0x8d0
[  300.471032][T21298]  __secure_computing+0x82/0x150
[  300.471072][T21298]  syscall_trace_enter+0xcf/0x1e0
[  300.471095][T21298]  do_syscall_64+0xaa/0x1a0
[  300.471122][T21298]  ? clear_bhb_loop+0x25/0x80
[  300.471156][T21298]  ? clear_bhb_loop+0x25/0x80
[  300.471179][T21298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.471207][T21298] RIP: 0033:0x7f821d47e969
[  300.471226][T21298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.471247][T21298] RSP: 002b:00007f821bae7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  300.471316][T21298] RAX: ffffffffffffffda RBX: 00007f821d6a5fa0 RCX: 00007f821d47e969
[  300.471340][T21298] RDX: 000000000000070f RSI: 100000000000600d RDI: 0000000000000000
[  300.471356][T21298] RBP: 00007f821bae7090 R08: 0000000000000000 R09: 0000000000000000
[  300.471368][T21298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.471380][T21298] R13: 0000000000000000 R14: 00007f821d6a5fa0 R15: 00007fffc09f8b88
[  300.471398][T21298]  </TASK>
[  300.697007][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.732400][T21311] loop7: detected capacity change from 0 to 2048
[  300.737853][T20558] cache 301813760
[  300.742494][T20558] rss 229376
[  300.745714][T20558] shmem 301813760
[  300.749411][T20558] mapped_file 0
[  300.752931][T20558] dirty 0
[  300.755884][T20558] writeback 0
[  300.759323][T20558] workingset_refault_anon 25
[  300.763933][T20558] workingset_refault_file 175
[  300.769053][T20558] swap 127918080
[  300.772811][T20558] swapcached 77824
[  300.776645][T20558] pgpgin 353108
[  300.780255][T20558] pgpgout 279351
[  300.783821][T20558] pgfault 283291
[  300.787431][T20558] pgmajfault 21
[  300.790985][T20558] inactive_anon 123199488
[  300.795412][T20558] active_anon 178888704
[  300.799637][T20558] inactive_file 16384
[  300.803635][T20558] active_file 0
[  300.807113][T20558] unevictable 0
[  300.810857][T20558] hierarchical_memory_limit 314572800
[  300.816394][T20558] hierarchical_memsw_limit 9223372036854771712
[  300.822688][T20558] total_cache 301813760
[  300.826948][T20558] total_rss 229376
[  300.830892][T20558] total_shmem 301813760
[  300.835167][T20558] total_mapped_file 0
[  300.839228][T20558] total_dirty 0
[  300.842707][T20558] total_writeback 0
[  300.846569][T20558] total_workingset_refault_anon 25
[  300.851758][T20558] total_workingset_refault_file 175
[  300.857015][T20558] total_swap 127918080
[  300.861240][T20558] total_swapcached 77824
[  300.865498][T20558] total_pgpgin 353108
[  300.869559][T20558] total_pgpgout 279351
[  300.873718][T20558] total_pgfault 283291
[  300.877903][T20558] total_pgmajfault 21
[  300.881979][T20558] total_inactive_anon 123199488
[  300.886850][T20558] total_active_anon 178888704
[  300.891652][T20558] total_inactive_file 16384
[  300.896170][T20558] total_active_file 0
[  300.900203][T20558] total_unevictable 0
[  300.904316][T20558] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5292,pid=20552,uid=0
[  300.919613][T20558] Memory cgroup out of memory: Killed process 20552 (syz.3.5292) total-vm:89908kB, anon-rss:960kB, file-rss:53440kB, shmem-rss:0kB, UID:0 pgtables:180kB oom_score_adj:1000
[  300.949052][T21311] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.976014][T21319] loop5: detected capacity change from 0 to 1024
[  300.995723][T21319] EXT4-fs: Ignoring removed nobh option
[  301.007985][T21311] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  301.034273][T21319] ext2: Unknown parameter 'dont_hash'
[  301.099384][T16486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.154351][T21330] loop5: detected capacity change from 0 to 2048
[  301.233279][T21330] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.405505][T21350] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5498'.
[  301.414732][T20558] ==================================================================
[  301.423213][T20558] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  301.433070][T20558] 
[  301.435407][T20558] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
[  301.443522][T20558]  tick_do_update_jiffies64+0x113/0x1c0
[  301.449106][T20558]  tick_nohz_handler+0x7f/0x2d0
[  301.453999][T20558]  __hrtimer_run_queues+0x20c/0x5a0
[  301.459230][T20558]  hrtimer_interrupt+0x21a/0x460
[  301.464193][T20558]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  301.470110][T20558]  sysvec_apic_timer_interrupt+0x6f/0x80
[  301.475771][T20558]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  301.481771][T20558]  console_flush_all+0x55b/0x730
[  301.486744][T20558]  console_unlock+0xa1/0x330
[  301.491345][T20558]  vprintk_emit+0x388/0x650
[  301.495860][T20558]  vprintk_default+0x26/0x30
[  301.500549][T20558]  vprintk+0x1d/0x30
[  301.504469][T20558]  _printk+0x79/0xa0
[  301.508389][T20558]  __nla_validate_parse+0x1738/0x1d00
[  301.513780][T20558]  __nla_parse+0x40/0x60
[  301.518041][T20558]  rtnl_newlink+0xf1/0x12d0
[  301.522574][T20558]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  301.527527][T20558]  netlink_rcv_skb+0x120/0x220
[  301.532314][T20558]  rtnetlink_rcv+0x1c/0x30
[  301.536748][T20558]  netlink_unicast+0x59e/0x670
[  301.541534][T20558]  netlink_sendmsg+0x58b/0x6b0
[  301.546329][T20558]  __sock_sendmsg+0x142/0x180
[  301.551027][T20558]  ____sys_sendmsg+0x31e/0x4e0
[  301.555843][T20558]  ___sys_sendmsg+0x17b/0x1d0
[  301.560542][T20558]  __x64_sys_sendmsg+0xd4/0x160
[  301.565410][T20558]  x64_sys_call+0x2999/0x2fb0
[  301.570112][T20558]  do_syscall_64+0xd0/0x1a0
[  301.574725][T20558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.580640][T20558] 
[  301.583060][T20558] read to 0xffffffff868099c0 of 8 bytes by task 20558 on cpu 1:
[  301.590703][T20558]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  301.596975][T20558]  count_shadow_nodes+0x6a/0x230
[  301.601938][T20558]  do_shrink_slab+0x60/0x680
[  301.606548][T20558]  shrink_slab+0x448/0x760
[  301.611110][T20558]  shrink_node+0x6c3/0x2110
[  301.615651][T20558]  do_try_to_free_pages+0x3f6/0xcd0
[  301.620875][T20558]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  301.626797][T20558]  try_charge_memcg+0x3ab/0x870
[  301.631759][T20558]  charge_memcg+0x51/0xc0
[  301.636105][T20558]  __mem_cgroup_charge+0x28/0xb0
[  301.641062][T20558]  shmem_get_folio_gfp+0x470/0xd40
[  301.646317][T20558]  shmem_write_begin+0xa8/0x190
[  301.651191][T20558]  generic_perform_write+0x181/0x490
[  301.656507][T20558]  shmem_file_write_iter+0xc5/0xf0
[  301.661642][T20558]  __kernel_write_iter+0x253/0x4c0
[  301.666777][T20558]  dump_user_range+0x5f4/0x8d0
[  301.671561][T20558]  elf_core_dump+0x1dc2/0x1f80
[  301.676439][T20558]  do_coredump+0x1836/0x1f40
[  301.681149][T20558]  get_signal+0xd85/0xf70
[  301.685601][T20558]  arch_do_signal_or_restart+0x97/0x480
[  301.691174][T20558]  irqentry_exit_to_user_mode+0x5e/0xa0
[  301.696751][T20558]  irqentry_exit+0x12/0x50
[  301.701206][T20558]  asm_exc_page_fault+0x26/0x30
[  301.706113][T20558] 
[  301.708451][T20558] value changed: 0x0000000100000057 -> 0x0000000100000058
[  301.715567][T20558] 
[  301.717898][T20558] Reported by Kernel Concurrency Sanitizer on:
[  301.724086][T20558] CPU: 1 UID: 0 PID: 20558 Comm: syz.3.5292 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  301.736556][T20558] Tainted: [W]=WARN
[  301.740376][T20558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  301.750450][T20558] ==================================================================
[  301.791524][T21350] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  301.819298][T15933] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.164149][T20548] syz.3.5292 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  302.174096][T20548] CPU: 0 UID: 0 PID: 20548 Comm: syz.3.5292 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  302.174127][T20548] Tainted: [W]=WARN
[  302.174134][T20548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  302.174146][T20548] Call Trace:
[  302.174151][T20548]  <TASK>
[  302.174180][T20548]  __dump_stack+0x1d/0x30
[  302.174208][T20548]  dump_stack_lvl+0xe8/0x140
[  302.174233][T20548]  dump_stack+0x15/0x1b
[  302.174329][T20548]  dump_header+0x81/0x220
[  302.174414][T20548]  oom_kill_process+0x334/0x3f0
[  302.174438][T20548]  out_of_memory+0x979/0xb80
[  302.174468][T20548]  ? css_next_descendant_pre+0x138/0x160
[  302.174550][T20548]  mem_cgroup_out_of_memory+0x13d/0x190
[  302.174584][T20548]  try_charge_memcg+0x5e2/0x870
[  302.174625][T20548]  charge_memcg+0x51/0xc0
[  302.174654][T20548]  __mem_cgroup_charge+0x28/0xb0
[  302.174778][T20548]  shmem_get_folio_gfp+0x470/0xd40
[  302.174809][T20548]  shmem_write_begin+0xa8/0x190
[  302.174865][T20548]  generic_perform_write+0x181/0x490
[  302.174901][T20548]  shmem_file_write_iter+0xc5/0xf0
[  302.175018][T20548]  __kernel_write_iter+0x253/0x4c0
[  302.175070][T20548]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  302.175103][T20548]  dump_user_range+0x5f4/0x8d0
[  302.175138][T20548]  elf_core_dump+0x1dc2/0x1f80
[  302.175189][T20548]  ? 0xffffffffff600000
[  302.175223][T20548]  do_coredump+0x1836/0x1f40
[  302.175266][T20548]  get_signal+0xd85/0xf70
[  302.175308][T20548]  arch_do_signal_or_restart+0x97/0x480
[  302.175392][T20548]  irqentry_exit_to_user_mode+0x5e/0xa0
[  302.175437][T20548]  irqentry_exit+0x12/0x50
[  302.175536][T20548]  asm_exc_page_fault+0x26/0x30
[  302.175557][T20548] RIP: 0033:0x7faad5ade971
[  302.175572][T20548] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  302.175606][T20548] RSP: 002b:0000000000000020 EFLAGS: 00010217
[  302.175626][T20548] RAX: 0000000000000000 RBX: 00007faad5d05fa0 RCX: 00007faad5ade969
[  302.175642][T20548] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000000000600
[  302.175658][T20548] RBP: 00007faad5b60ab1 R08: 0000000000000000 R09: 0000000000000000
[  302.175673][T20548] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  302.175684][T20548] R13: 0000000000000000 R14: 00007faad5d05fa0 R15: 00007fffc7734248
[  302.175702][T20548]  </TASK>
[  302.175708][T20548] memory: usage 307060kB, limit 307200kB, failcnt 23381
[  302.417419][T20548] memory+swap: usage 420684kB, limit 9007199254740988kB, failcnt 0
[  302.425332][T20548] kmem: usage 4356kB, limit 9007199254740988kB, failcnt 0
[  302.432497][T20548] Memory cgroup stats for /syz3:
[  302.627571][T20548] cache 301858816
[  302.636233][T20548] rss 102400
[  302.639586][T20548] shmem 301858816
[  302.643298][T20548] mapped_file 0
[  302.646765][T20548] dirty 0
[  302.649845][T20548] writeback 233472
[  302.653579][T20548] workingset_refault_anon 37
[  302.658268][T20548] workingset_refault_file 175
[  302.662972][T20548] swap 127553536
[  302.666523][T20548] swapcached 442368
[  302.670419][T20548] pgpgin 357799
[  302.673891][T20548] pgpgout 283975
[  302.677539][T20548] pgfault 283497
[  302.681139][T20548] pgmajfault 29
[  302.684690][T20548] inactive_anon 7176192
[  302.688896][T20548] active_anon 292773888
[  302.693072][T20548] inactive_file 0
[  302.696787][T20548] active_file 16384
[  302.700657][T20548] unevictable 0
[  302.704201][T20548] hierarchical_memory_limit 314572800
[  302.709720][T20548] hierarchical_memsw_limit 9223372036854771712
[  302.715932][T20548] total_cache 301858816
[  302.720148][T20548] total_rss 102400
[  302.723883][T20548] total_shmem 301858816
[  302.728070][T20548] total_mapped_file 0
[  302.732140][T20548] total_dirty 0
[  302.735616][T20548] total_writeback 233472
[  302.739904][T20548] total_workingset_refault_anon 37
[  302.745110][T20548] total_workingset_refault_file 175
[  302.750394][T20548] total_swap 127553536
[  302.754475][T20548] total_swapcached 442368
[  302.758863][T20548] total_pgpgin 357799
[  302.762853][T20548] total_pgpgout 283975
[  302.766929][T20548] total_pgfault 283497
[  302.771053][T20548] total_pgmajfault 29
[  302.775116][T20548] total_inactive_anon 7176192
[  302.779852][T20548] total_active_anon 292773888
[  302.784538][T20548] total_inactive_file 0
[  302.788734][T20548] total_active_file 16384
[  302.793164][T20548] total_unevictable 0
[  302.797196][T20548] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5292,pid=20551,uid=0
[  302.812075][T20548] Memory cgroup out of memory: Killed process 20551 (syz.3.5292) total-vm:89908kB, anon-rss:960kB, file-rss:53376kB, shmem-rss:0kB, UID:0 pgtables:180kB oom_score_adj:1000
[  303.410480][T20558] syz.3.5292 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  303.420434][T20558] CPU: 0 UID: 0 PID: 20558 Comm: syz.3.5292 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  303.420466][T20558] Tainted: [W]=WARN
[  303.420487][T20558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  303.420510][T20558] Call Trace:
[  303.420519][T20558]  <TASK>
[  303.420529][T20558]  __dump_stack+0x1d/0x30
[  303.420574][T20558]  dump_stack_lvl+0xe8/0x140
[  303.420595][T20558]  dump_stack+0x15/0x1b
[  303.420616][T20558]  dump_header+0x81/0x220
[  303.420648][T20558]  oom_kill_process+0x334/0x3f0
[  303.420685][T20558]  out_of_memory+0x979/0xb80
[  303.420716][T20558]  ? css_next_descendant_pre+0x138/0x160
[  303.420761][T20558]  mem_cgroup_out_of_memory+0x13d/0x190
[  303.420882][T20558]  try_charge_memcg+0x5e2/0x870
[  303.420917][T20558]  charge_memcg+0x51/0xc0
[  303.420975][T20558]  __mem_cgroup_charge+0x28/0xb0
[  303.421002][T20558]  shmem_get_folio_gfp+0x470/0xd40
[  303.421068][T20558]  shmem_write_begin+0xa8/0x190
[  303.421132][T20558]  generic_perform_write+0x181/0x490
[  303.421168][T20558]  shmem_file_write_iter+0xc5/0xf0
[  303.421243][T20558]  __kernel_write_iter+0x253/0x4c0
[  303.421269][T20558]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  303.421321][T20558]  dump_user_range+0x5f4/0x8d0
[  303.421359][T20558]  elf_core_dump+0x1dc2/0x1f80
[  303.421398][T20558]  ? 0xffffffffff600000
[  303.421425][T20558]  do_coredump+0x1836/0x1f40
[  303.421524][T20558]  ? htab_lru_map_delete_elem+0x2f2/0x460
[  303.421564][T20558]  get_signal+0xd85/0xf70
[  303.421660][T20558]  arch_do_signal_or_restart+0x97/0x480
[  303.421698][T20558]  irqentry_exit_to_user_mode+0x5e/0xa0
[  303.421736][T20558]  irqentry_exit+0x12/0x50
[  303.421834][T20558]  asm_exc_page_fault+0x26/0x30
[  303.421853][T20558] RIP: 0033:0x7faad5ade971
[  303.421867][T20558] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  303.421884][T20558] RSP: 002b:0000000000000020 EFLAGS: 00010217
[  303.421902][T20558] RAX: 0000000000000000 RBX: 00007faad5d05fa0 RCX: 00007faad5ade969
[  303.421918][T20558] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000000000600
[  303.421934][T20558] RBP: 00007faad5b60ab1 R08: 0000000000000000 R09: 0000000000000000
[  303.422003][T20558] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  303.422019][T20558] R13: 0000000000000000 R14: 00007faad5d05fa0 R15: 00007fffc7734248
[  303.422041][T20558]  </TASK>
[  303.422047][T20558] memory: usage 307200kB, limit 307200kB, failcnt 23824
[  303.668553][T20558] memory+swap: usage 431780kB, limit 9007199254740988kB, failcnt 0
[  303.676467][T20558] kmem: usage 4096kB, limit 9007199254740988kB, failcnt 0
[  303.683632][T20558] Memory cgroup stats for /syz3:
[  303.952350][T20558] cache 308477952
[  303.961069][T20558] rss 126976
[  303.964289][T20558] shmem 308473856
[  303.967950][T20558] mapped_file 0
[  303.971419][T20558] dirty 0
[  303.974361][T20558] writeback 32768
[  303.978064][T20558] workingset_refault_anon 43
[  303.982729][T20558] workingset_refault_file 486
[  303.987451][T20558] swap 127913984
[  303.991040][T20558] swapcached 81920
[  303.994834][T20558] pgpgin 376514
[  303.998372][T20558] pgpgout 301156
[  304.001932][T20558] pgfault 284266
[  304.005500][T20558] pgmajfault 41
[  304.009065][T20558] inactive_anon 88506368
[  304.013322][T20558] active_anon 219635712
[  304.017550][T20558] inactive_file 20480
[  304.021573][T20558] active_file 0
[  304.025113][T20558] unevictable 0
[  304.028655][T20558] hierarchical_memory_limit 314572800
[  304.034034][T20558] hierarchical_memsw_limit 9223372036854771712
[  304.040241][T20558] total_cache 308477952
[  304.044420][T20558] total_rss 126976
[  304.048264][T20558] total_shmem 308473856
[  304.052431][T20558] total_mapped_file 0
[  304.056433][T20558] total_dirty 0
[  304.059925][T20558] total_writeback 32768
[  304.064301][T20558] total_workingset_refault_anon 43
[  304.069462][T20558] total_workingset_refault_file 486
[  304.074692][T20558] total_swap 127913984
[  304.078826][T20558] total_swapcached 81920
[  304.083078][T20558] total_pgpgin 376514
[  304.087123][T20558] total_pgpgout 301156
[  304.091278][T20558] total_pgfault 284266
[  304.095367][T20558] total_pgmajfault 41
[  304.099398][T20558] total_inactive_anon 88506368
[  304.104172][T20558] total_active_anon 219635712
[  304.108879][T20558] total_inactive_file 20480
[  304.113382][T20558] total_active_file 0
[  304.117451][T20558] total_unevictable 0
[  304.121444][T20558] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5292,pid=20565,uid=0
[  304.136216][T20558] Memory cgroup out of memory: Killed process 20565 (syz.3.5292) total-vm:89908kB, anon-rss:960kB, file-rss:53376kB, shmem-rss:0kB, UID:0 pgtables:180kB oom_score_adj:1000
[  304.448671][T20555] syz.3.5292 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  304.458597][T20555] CPU: 0 UID: 0 PID: 20555 Comm: syz.3.5292 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  304.458665][T20555] Tainted: [W]=WARN
[  304.458672][T20555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  304.458684][T20555] Call Trace:
[  304.458690][T20555]  <TASK>
[  304.458698][T20555]  __dump_stack+0x1d/0x30
[  304.458782][T20555]  dump_stack_lvl+0xe8/0x140
[  304.458805][T20555]  dump_stack+0x15/0x1b
[  304.458821][T20555]  dump_header+0x81/0x220
[  304.458851][T20555]  oom_kill_process+0x334/0x3f0
[  304.458881][T20555]  out_of_memory+0x979/0xb80
[  304.458921][T20555]  ? css_next_descendant_pre+0x138/0x160
[  304.458966][T20555]  mem_cgroup_out_of_memory+0x13d/0x190
[  304.459007][T20555]  try_charge_memcg+0x5e2/0x870
[  304.459112][T20555]  charge_memcg+0x51/0xc0
[  304.459141][T20555]  __mem_cgroup_charge+0x28/0xb0
[  304.459171][T20555]  shmem_get_folio_gfp+0x470/0xd40
[  304.459211][T20555]  shmem_write_begin+0xa8/0x190
[  304.459286][T20555]  generic_perform_write+0x181/0x490
[  304.459328][T20555]  shmem_file_write_iter+0xc5/0xf0
[  304.459362][T20555]  __kernel_write_iter+0x253/0x4c0
[  304.459406][T20555]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  304.459445][T20555]  dump_user_range+0x5f4/0x8d0
[  304.459489][T20555]  elf_core_dump+0x1dc2/0x1f80
[  304.459528][T20555]  ? 0xffffffffff600000
[  304.459604][T20555]  do_coredump+0x1836/0x1f40
[  304.459629][T20555]  ? htab_lru_map_delete_elem+0x2f2/0x460
[  304.459674][T20555]  get_signal+0xd85/0xf70
[  304.459736][T20555]  arch_do_signal_or_restart+0x97/0x480
[  304.459812][T20555]  irqentry_exit_to_user_mode+0x5e/0xa0
[  304.459847][T20555]  irqentry_exit+0x12/0x50
[  304.459865][T20555]  asm_exc_page_fault+0x26/0x30
[  304.459885][T20555] RIP: 0033:0x7faad5ade971
[  304.459901][T20555] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  304.459924][T20555] RSP: 002b:0000000000000020 EFLAGS: 00010217
[  304.460047][T20555] RAX: 0000000000000000 RBX: 00007faad5d05fa0 RCX: 00007faad5ade969
[  304.460064][T20555] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000000000600
[  304.460080][T20555] RBP: 00007faad5b60ab1 R08: 0000000000000000 R09: 0000000000000000
[  304.460095][T20555] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  304.460107][T20555] R13: 0000000000000000 R14: 00007faad5d05fa0 R15: 00007fffc7734248
[  304.460125][T20555]  </TASK>
[  304.460206][T20555] memory: usage 307200kB, limit 307200kB, failcnt 26265
[  304.706143][T20555] memory+swap: usage 427832kB, limit 9007199254740988kB, failcnt 0
[  304.714099][T20555] kmem: usage 3900kB, limit 9007199254740988kB, failcnt 0
[  304.721250][T20555] Memory cgroup stats for /syz3:
[  304.721737][T20555] cache 305545216
[  304.730482][T20555] rss 118784
[  304.733770][T20555] shmem 305541120
[  304.737466][T20555] mapped_file 0
[  304.740941][T20555] dirty 0
[  304.743922][T20555] writeback 32768
[  304.747621][T20555] workingset_refault_anon 43
[  304.752255][T20555] workingset_refault_file 510
[  304.756938][T20555] swap 127922176
[  304.760541][T20555] swapcached 73728
[  304.764314][T20555] pgpgin 378302
[  304.767869][T20555] pgpgout 303664
[  304.771428][T20555] pgfault 284359
[  304.774986][T20555] pgmajfault 42
[  304.778548][T20555] inactive_anon 74002432
[  304.782889][T20555] active_anon 230121472
[  304.787107][T20555] inactive_file 0
[  304.790796][T20555] active_file 20480
[  304.794612][T20555] unevictable 0
[  304.798098][T20555] hierarchical_memory_limit 314572800
[  304.803562][T20555] hierarchical_memsw_limit 9223372036854771712
[  304.809850][T20555] total_cache 305545216
[  304.814073][T20555] total_rss 118784
[  304.817840][T20555] total_shmem 305541120
[  304.822166][T20555] total_mapped_file 0
[  304.826191][T20555] total_dirty 0
[  304.829741][T20555] total_writeback 32768
[  304.833906][T20555] total_workingset_refault_anon 43
[  304.839054][T20555] total_workingset_refault_file 510
[  304.844270][T20555] total_swap 127922176
[  304.848412][T20555] total_swapcached 73728
[  304.852680][T20555] total_pgpgin 378302
[  304.856676][T20555] total_pgpgout 303664
[  304.860877][T20555] total_pgfault 284359
[  304.864958][T20555] total_pgmajfault 42
[  304.868987][T20555] total_inactive_anon 74002432
[  304.873841][T20555] total_active_anon 230121472
[  304.878564][T20555] total_inactive_file 0
[  304.882733][T20555] total_active_file 20480
[  304.887092][T20555] total_unevictable 0
[  304.891116][T20555] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5292,pid=20560,uid=0
[  304.905846][T20555] Memory cgroup out of memory: Killed process 20560 (syz.3.5292) total-vm:89908kB, anon-rss:960kB, file-rss:53376kB, shmem-rss:0kB, UID:0 pgtables:180kB oom_score_adj:1000
[  306.244390][T20550] syz.3.5292 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  306.254393][T20550] CPU: 0 UID: 0 PID: 20550 Comm: syz.3.5292 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  306.254431][T20550] Tainted: [W]=WARN
[  306.254437][T20550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  306.254453][T20550] Call Trace:
[  306.254462][T20550]  <TASK>
[  306.254472][T20550]  __dump_stack+0x1d/0x30
[  306.254550][T20550]  dump_stack_lvl+0xe8/0x140
[  306.254568][T20550]  dump_stack+0x15/0x1b
[  306.254594][T20550]  dump_header+0x81/0x220
[  306.254708][T20550]  oom_kill_process+0x334/0x3f0
[  306.254741][T20550]  out_of_memory+0x979/0xb80
[  306.254823][T20550]  ? css_next_descendant_pre+0x138/0x160
[  306.254868][T20550]  mem_cgroup_out_of_memory+0x13d/0x190
[  306.254905][T20550]  try_charge_memcg+0x5e2/0x870
[  306.254997][T20550]  charge_memcg+0x51/0xc0
[  306.255026][T20550]  __mem_cgroup_charge+0x28/0xb0
[  306.255068][T20550]  shmem_get_folio_gfp+0x470/0xd40
[  306.255098][T20550]  shmem_write_begin+0xa8/0x190
[  306.255197][T20550]  generic_perform_write+0x181/0x490
[  306.255238][T20550]  shmem_file_write_iter+0xc5/0xf0
[  306.255327][T20550]  __kernel_write_iter+0x253/0x4c0
[  306.255359][T20550]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  306.255403][T20550]  dump_user_range+0x5f4/0x8d0
[  306.255512][T20550]  elf_core_dump+0x1dc2/0x1f80
[  306.255550][T20550]  ? 0xffffffffff600000
[  306.255574][T20550]  do_coredump+0x1836/0x1f40
[  306.255676][T20550]  get_signal+0xd85/0xf70
[  306.255716][T20550]  arch_do_signal_or_restart+0x97/0x480
[  306.255760][T20550]  irqentry_exit_to_user_mode+0x5e/0xa0
[  306.255803][T20550]  irqentry_exit+0x12/0x50
[  306.255819][T20550]  asm_exc_page_fault+0x26/0x30
[  306.255839][T20550] RIP: 0033:0x7faad5ade971
[  306.255858][T20550] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  306.255939][T20550] RSP: 002b:0000000000000020 EFLAGS: 00010217
[  306.255981][T20550] RAX: 0000000000000000 RBX: 00007faad5d05fa0 RCX: 00007faad5ade969
[  306.255997][T20550] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000000000600
[  306.256086][T20550] RBP: 00007faad5b60ab1 R08: 0000000000000000 R09: 0000000000000000
[  306.256099][T20550] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  306.256114][T20550] R13: 0000000000000000 R14: 00007faad5d05fa0 R15: 00007fffc7734248
[  306.256137][T20550]  </TASK>
[  306.256145][T20550] memory: usage 307200kB, limit 307200kB, failcnt 29566
[  306.496733][T20550] memory+swap: usage 429744kB, limit 9007199254740988kB, failcnt 0
[  306.504723][T20550] kmem: usage 3972kB, limit 9007199254740988kB, failcnt 0
[  306.511961][T20550] Memory cgroup stats for /syz3:
[  306.972372][T20550] cache 310398976
[  306.981003][T20550] rss 139264
[  306.984346][T20550] shmem 310398976
[  306.988114][T20550] mapped_file 0
[  306.991612][T20550] dirty 0
[  306.994584][T20550] writeback 159744
[  306.998339][T20550] workingset_refault_anon 60
[  307.002944][T20550] workingset_refault_file 1130
[  307.007803][T20550] swap 127819776
[  307.011361][T20550] swapcached 176128
[  307.015204][T20550] pgpgin 395372
[  307.018732][T20550] pgpgout 319514
[  307.022300][T20550] pgfault 284826
[  307.025849][T20550] pgmajfault 77
[  307.029352][T20550] inactive_anon 145301504
[  307.033687][T20550] active_anon 165134336
[  307.037899][T20550] inactive_file 0
[  307.041574][T20550] active_file 0
[  307.045038][T20550] unevictable 0
[  307.048585][T20550] hierarchical_memory_limit 314572800
[  307.054013][T20550] hierarchical_memsw_limit 9223372036854771712
[  307.060282][T20550] total_cache 310398976
[  307.064451][T20550] total_rss 139264
[  307.068209][T20550] total_shmem 310398976
[  307.072413][T20550] total_mapped_file 0
[  307.076493][T20550] total_dirty 0
[  307.080160][T20550] total_writeback 159744
[  307.084415][T20550] total_workingset_refault_anon 60
[  307.089635][T20550] total_workingset_refault_file 1130
[  307.094950][T20550] total_swap 127819776
[  307.099191][T20550] total_swapcached 176128
[  307.103532][T20550] total_pgpgin 395372
[  307.107541][T20550] total_pgpgout 319514
[  307.111626][T20550] total_pgfault 284826
[  307.115702][T20550] total_pgmajfault 77
[  307.119744][T20550] total_inactive_anon 145301504
[  307.124593][T20550] total_active_anon 165134336
[  307.129295][T20550] total_inactive_file 0
[  307.133460][T20550] total_active_file 0
[  307.137481][T20550] total_unevictable 0
[  307.141507][T20550] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5292,pid=20561,uid=0
[  307.156529][T20550] Memory cgroup out of memory: Killed process 20561 (syz.3.5292) total-vm:89908kB, anon-rss:960kB, file-rss:53452kB, shmem-rss:0kB, UID:0 pgtables:180kB oom_score_adj:1000
[  307.700195][T20563] syz.3.5292 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  307.710246][T20563] CPU: 0 UID: 0 PID: 20563 Comm: syz.3.5292 Tainted: G        W           6.15.0-rc5-syzkaller #0 PREEMPT(voluntary) 
[  307.710287][T20563] Tainted: [W]=WARN
[  307.710297][T20563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  307.710424][T20563] Call Trace:
[  307.710433][T20563]  <TASK>
[  307.710442][T20563]  __dump_stack+0x1d/0x30
[  307.710469][T20563]  dump_stack_lvl+0xe8/0x140
[  307.710494][T20563]  dump_stack+0x15/0x1b
[  307.710515][T20563]  dump_header+0x81/0x220
[  307.710584][T20563]  oom_kill_process+0x334/0x3f0
[  307.710614][T20563]  out_of_memory+0x979/0xb80
[  307.710645][T20563]  ? css_next_descendant_pre+0x138/0x160
[  307.710713][T20563]  mem_cgroup_out_of_memory+0x13d/0x190
[  307.710746][T20563]  try_charge_memcg+0x5e2/0x870
[  307.710836][T20563]  charge_memcg+0x51/0xc0
[  307.710866][T20563]  __mem_cgroup_charge+0x28/0xb0
[  307.710905][T20563]  shmem_get_folio_gfp+0x470/0xd40
[  307.710939][T20563]  shmem_write_begin+0xa8/0x190
[  307.710965][T20563]  generic_perform_write+0x181/0x490
[  307.711020][T20563]  shmem_file_write_iter+0xc5/0xf0
[  307.711103][T20563]  __kernel_write_iter+0x253/0x4c0
[  307.711134][T20563]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  307.711170][T20563]  dump_user_range+0x5f4/0x8d0
[  307.711200][T20563]  elf_core_dump+0x1dc2/0x1f80
[  307.711291][T20563]  ? 0xffffffffff600000
[  307.711374][T20563]  do_coredump+0x1836/0x1f40
[  307.711401][T20563]  ? htab_lru_map_delete_elem+0x2f2/0x460
[  307.711446][T20563]  get_signal+0xd85/0xf70
[  307.711522][T20563]  arch_do_signal_or_restart+0x97/0x480
[  307.711629][T20563]  irqentry_exit_to_user_mode+0x5e/0xa0
[  307.711670][T20563]  irqentry_exit+0x12/0x50
[  307.711688][T20563]  asm_exc_page_fault+0x26/0x30
[  307.711710][T20563] RIP: 0033:0x7faad5ade971
[  307.711726][T20563] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  307.711794][T20563] RSP: 002b:0000000000000020 EFLAGS: 00010217
[  307.711809][T20563] RAX: 0000000000000000 RBX: 00007faad5d05fa0 RCX: 00007faad5ade969
[  307.711823][T20563] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000000000000600
[  307.711836][T20563] RBP: 00007faad5b60ab1 R08: 0000000000000000 R09: 0000000000000000
[  307.711912][T20563] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  307.711927][T20563] R13: 0000000000000000 R14: 00007faad5d05fa0 R15: 00007fffc7734248
[  307.711946][T20563]  </TASK>
[  307.711954][T20563] memory: usage 307200kB, limit 307200kB, failcnt 30768
[  307.957561][T20563] memory+swap: usage 432076kB, limit 9007199254740988kB, failcnt 0
[  307.965563][T20563] kmem: usage 3572kB, limit 9007199254740988kB, failcnt 0
[  307.972752][T20563] Memory cgroup stats for /syz3:
[  307.973102][T20563] cache 310661120
[  307.981815][T20563] rss 126976
[  307.985127][T20563] shmem 310661120
[  307.988823][T20563] mapped_file 0
[  307.992283][T20563] dirty 0
[  307.995231][T20563] writeback 0
[  307.998536][T20563] workingset_refault_anon 60
[  308.003195][T20563] workingset_refault_file 1522
[  308.007990][T20563] swap 127873024
[  308.011651][T20563] swapcached 122880
[  308.015448][T20563] pgpgin 404652
[  308.018961][T20563] pgpgout 328745
[  308.022561][T20563] pgfault 284966
[  308.026109][T20563] pgmajfault 80
[  308.029591][T20563] inactive_anon 83406848
[  308.033831][T20563] active_anon 227491840
[  308.038012][T20563] inactive_file 16384
[  308.041995][T20563] active_file 0
[  308.045524][T20563] unevictable 0
[  308.049025][T20563] hierarchical_memory_limit 314572800
[  308.054423][T20563] hierarchical_memsw_limit 9223372036854771712
[  308.060614][T20563] total_cache 310661120
[  308.064776][T20563] total_rss 126976
[  308.068531][T20563] total_shmem 310661120
[  308.072771][T20563] total_mapped_file 0
[  308.076741][T20563] total_dirty 0
[  308.080252][T20563] total_writeback 0
[  308.084119][T20563] total_workingset_refault_anon 60
[  308.089253][T20563] total_workingset_refault_file 1522
[  308.094570][T20563] total_swap 127873024
[  308.098704][T20563] total_swapcached 122880
[  308.103026][T20563] total_pgpgin 404652
[  308.106998][T20563] total_pgpgout 328745
[  308.111165][T20563] total_pgfault 284966
[  308.115296][T20563] total_pgmajfault 80
[  308.119385][T20563] total_inactive_anon 83406848
[  308.124143][T20563] total_active_anon 227491840
[  308.128857][T20563] total_inactive_file 16384
[  308.133363][T20563] total_active_file 0
[  308.137396][T20563] total_unevictable 0
[  308.141498][T20563] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5292,pid=20555,uid=0
[  308.156179][T20563] Memory cgroup out of memory: Killed process 20555 (syz.3.5292) total-vm:89908kB, anon-rss:960kB, file-rss:53516kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000