last executing test programs:

6.068301177s ago: executing program 0 (id=1163):
unshare(0x2c020400)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x109942, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0xdfffffff, 0x800, 0x0, 0x1}, 0x20)
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f00000001c0)={0x2c})
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f0000000080))
lchown(0x0, 0x0, 0x0)
r3 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
write$binfmt_script(r3, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
close(r1)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
pselect6(0x40, &(0x7f0000000000)={0x1, 0x1, 0x1, 0x9, 0x7, 0x1, 0x8, 0x6}, &(0x7f00000000c0)={0xd37, 0x2, 0xa1c, 0xe7c4, 0xdf5, 0x2, 0x5, 0x1}, &(0x7f0000000100)={0x6, 0x812, 0x2, 0x10, 0x1, 0x400, 0x401, 0xffff}, &(0x7f0000000140), &(0x7f0000000240)={&(0x7f0000000180)={[0x5]}, 0x8})
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a000000020000", 0x7)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYBLOB="05130000"], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f00000003c0)={0x0, 0x5}, 0x8)
ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, 0x0)
r5 = msgget$private(0x0, 0x0)
msgsnd(r5, &(0x7f0000000480)=ANY=[@ANYRESDEC], 0x2000, 0x0)
msgrcv(r5, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000)

5.14468782s ago: executing program 0 (id=1166):
r0 = socket(0x1e, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan0\x00'})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x890}, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r5 = inotify_init()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
inotify_add_watch(r5, &(0x7f0000000000)='./file1\x00', 0x7a8)
r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x40, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, @perf_config_ext={0x8, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffe, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000180), &(0x7f00000001c0)=r6}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
fsync(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
r8 = getuid()
setuid(r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffe, 0x6, 0x2, @scatter={0x0, 0xcc, 0x0}, &(0x7f0000000080)="0800501ef663", 0x0, 0x800004, 0x10032, 0x0, 0x0})
sendmsg$NL80211_CMD_NOTIFY_RADAR(r1, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042dbd7000fedbdf2586000000080003005899b421f61dbc5c94ab67ef8c779c716bccaaf229efb6390aa5fd058bf58afa1462aec03fa83081c30c3ce2af66b4492a8ec27cfb963a004d21b0f18c04931d2a12783900fba4ba578c16b96a256b78637e93cea4b981f23c692f87a41592a024c3c6a7b910106acc418a3e187ea34400aa5d048630c67c8c5c563a5c073423e0d24e2f6cdda9bd2e209318c28458dae4157da2215ae4cbe262aa09f80a6d0bb9f7d9094a42fe4860b12ddf00fac7257da2eb767a7360db701d9d92721de4342f8fdd0566a44eeafe0ef5d590433c115cd79032ec73301e1eba5d2e1ab3b50b96153ae8bb1b1359e520b3261c2529489edf09c6699c23c2ac3bc033ad205c8f72f40159e50ffbad68c6e852c2a9fb8778f4dc9592d81de4f42b0c714cbffc92de75b298909f4a272671583f7847208454b0614675b39f7a8c781efb2ecb99e26675b462436d2c7822835f034210b5212af8c1d45e226e0b2cfd5dae92aade78f4823cfc019f9e705023a0d68f13b67dbbb985e6dae44300b2c8dc3b34ddbcf035287bca61d46524d09f2756daa53b59bc305b72fa84c5f06a1d4e65a0ea3adb7e15930cfe015f5393c5f50dcd9baad6cf766ee1", @ANYRES16=r2, @ANYRES8=r3], 0x34}, 0x1, 0x0, 0x0, 0x4000001}, 0x20000000)
connect$unix(r0, &(0x7f0000000180)=@file={0x0, './cgroup/../file0\x00'}, 0x6e)

4.930222603s ago: executing program 0 (id=1170):
r0 = syz_open_procfs(0x0, &(0x7f00000005c0)='map_files\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
getdents64(r0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)

4.765553515s ago: executing program 0 (id=1171):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020300000b0000000000000000000000030006000000000002000000e000000100000000000000000200010000001c000000fb18000000000300050000000000020000007f0000010000000000000000010018"], 0x58}, 0x1, 0x7}, 0x0) (fail_nth: 1)

4.38408988s ago: executing program 0 (id=1172):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0xa54a9d76e5e2e84, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x2278, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000600)={<r1=>0xffffffffffffffff})
openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
writev(r1, &(0x7f0000000540)=[{&(0x7f0000000800)="00d0cc667dfd5172b4fbf300000035efe0eb734374726b9eddd0757ac7302beb5f79bd917b554a3ce649ecccd2583fc3969f4425cb681527af6a3356308df712ebb6080f593e4dcf00000000b822a6ff57564ad67351d6f040009007243483463f02299a3d148db6221b7a249293af609ab9e6eaec38ac0c38efc05a8e68baa653163ce49b4ab4ca81ace718486fa413f01f8f334211ccbc78720fc9bf6fd1e8f80342f906f677414e99ba271e502b60d6e8bb6c3401e30d750217fe06e26329512fedb44311d5cbc0ffffffff59fe8f8e72f20c49bc8a8a12ccbd34762af4117f1a3130ab0c7d3cdaf0a369628c643ce3311a22bed3d36b837860355bc2eac841f4c2dff7878492377eaff7295855d63dffdbfa000000000000", 0x11a}], 0x1)
r2 = memfd_create(&(0x7f0000000280)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0x6)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xe, 0x12, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r3)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x14, r4, 0xc4fc9e906872338b, 0x70bd2d, 0x0, {{0x15}, {@void, @void}}}, 0x14}}, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f0000000680)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000640)={&(0x7f0000000580)={0x28, r4, 0x100, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x2f}, @void, @val={0xc, 0x99, {0x58f, 0x4d}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x40090)
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
creat(&(0x7f0000000200)='./bus\x00', 0x10)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfee00}], 0x1, 0x1200, 0x30, 0x3)

4.002984595s ago: executing program 0 (id=1177):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x20001, 0x0)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140), 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
syz_io_uring_setup(0x778f, &(0x7f0000000200)={0x0, 0xca3a, 0x4002, 0x2, 0x114}, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x148, &(0x7f00000002c0)=0x8, 0x0, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0a00000001000000080000000827f90000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x62, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0xc7f}, 0x18)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000010c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x280, 0x268, 0x300, 0x280, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x0, 0x240, 0x280, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0xb, 0x0, 0x3, 0x0, 0x5, 0x9}}}, @common=@unspec=@limit={{0x48}, {0xfff, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x2}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x8, 0x21, "6bb6778f9bdec125b0fb4f26be757b1e6f2fb8e9079627dc6726c4bc85e9"}}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'ip6_vti0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x511)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000180)='kfree\x00', r5}, 0x18)
r8 = socket$key(0xf, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001680)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffc01, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001c80)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
r12 = dup2(r10, r11)
sendmsg$IPCTNL_MSG_CT_DELETE(r12, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x20, 0x2, 0x1, 0x801, 0x0, 0x0, {0xa, 0x0, 0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x313}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8001}, 0x4000000)
sendmsg$key(r8, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="020300000f0000000000000000000000010018000000000005000600000000000a00000000000000fc0200000700000000000000000000000000000000000000020001000000000000000280ff00000005000500000000000a"], 0x78}, 0x1, 0x7}, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r13, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x7c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_EXPR={0x30, 0x11, 0x0, 0x1, @rt={{0x7}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xc}]}}}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x14, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @meta={{0x9}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x7, 0x84}}}, 0xc4}}, 0x20050800)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r14, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)

2.416350797s ago: executing program 2 (id=1190):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xd, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000005c0)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61157200000000006113820000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000680)=""/151, 0x97}], 0x1, &(0x7f0000002f40)=""/229, 0xe5}, 0x2021)
close(r3)

2.363911518s ago: executing program 2 (id=1191):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$nl_route(0x10, 0x3, 0x0)
shmctl$SHM_LOCK(0x0, 0xb)

2.311073168s ago: executing program 2 (id=1192):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000080)={0x6, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x104)
r1 = epoll_create1(0x0)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000180)={0x5})
poll(&(0x7f0000000300)=[{r1, 0xb409}], 0x1, 0x99)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2c, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}}}, 0x108)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), 0x0, 0x0, 0x1)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
fdatasync(r0)

2.094241901s ago: executing program 2 (id=1193):
openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000200), &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000540)="8d", 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000380)='asymmetric\x00', &(0x7f0000000500)=@keyring={'key_or_keyring:', r2})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
close(0xffffffffffffffff)

1.934408664s ago: executing program 1 (id=1196):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[], 0x38}}, 0x0)

1.852086465s ago: executing program 1 (id=1198):
r0 = perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x4080b000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x6)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, 0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

1.498361389s ago: executing program 4 (id=1200):
unshare(0x2c020400)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x109942, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0xdfffffff, 0x800, 0x0, 0x1}, 0x20)
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f00000001c0)={0x2c})
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f0000000080))
lchown(0x0, 0x0, 0x0)
r3 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
write$binfmt_script(r3, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
close(r1)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
pselect6(0x40, &(0x7f0000000000)={0x1, 0x1, 0x1, 0x9, 0x7, 0x1, 0x8, 0x6}, &(0x7f00000000c0)={0xd37, 0x2, 0xa1c, 0xe7c4, 0xdf5, 0x2, 0x5, 0x1}, &(0x7f0000000100)={0x6, 0x812, 0x2, 0x10, 0x1, 0x400, 0x401, 0xffff}, &(0x7f0000000140), &(0x7f0000000240)={&(0x7f0000000180)={[0x5]}, 0x8})
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a000000020000", 0x7)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYBLOB="05130000"], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f00000003c0)={0x0, 0x5}, 0x8)
ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, 0x0)
msgsnd(0x0, &(0x7f0000000480)=ANY=[@ANYRESDEC], 0x2000, 0x0)
unshare(0x10000)
msgrcv(0x0, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000)

1.47375313s ago: executing program 1 (id=1201):
unshare(0x2c020400)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x109942, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0xdfffffff, 0x800, 0x0, 0x1}, 0x20)
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f00000001c0)={0x2c})
ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080))
lchown(0x0, 0x0, 0x0)
r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
write$binfmt_script(r2, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.344443282s ago: executing program 4 (id=1202):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$nl_route(0x10, 0x3, 0x0)
shmctl$SHM_LOCK(0x0, 0xb)

1.324414252s ago: executing program 1 (id=1203):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x800448d2, 0x0)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4f3, &(0x7f00000005c0)="$eJzs3d1rW+cZAPBHku3YibN8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxb8TLLkbHkLDa5cLa7XOxibLRQetH7/gW9aa4aAqXXLb3tVUloUxfakoKKjiTHH5KjtraU+Px+cKJzzqvoeV/Zz+uj97xHJ4DUOlf7JxMxHBHvRMSx+ubWJ5yrP6w/vj1TWzJRrV75KJM8r7bdfGrz/x2JiLWIGIyIP/424m+ZnXHLK6vz08ViYamxna8sLObLK6sXry9MzxXmCjfGJi9NTU2OToxP7Vlb7/7nH3cvv/H7gdc/+/fD+/99681atYYbZZvbsZfqTe+PE5v29UXEr/YjWA/kGu0Z6nVF+EZqP7/vRsT5JP+PRS75aXbmyb7WDNhv1Wq1+mX1ULvitSpwYGWTY+BMdiQi6uvZ7MhI/Rj+e3E4WyyVKz+7Vlq+MVs/Vj4e/dlr14uF0cZnhePRn6ltjyXrT7fHt21PRCTHwP/LDSXbIzOl4mx3uzpgmyPb8v/TXD3/gZTo/CM/cNDIf0gv+Q/pJf8hveQ/pJf8h/SS/5Be8h/SS/5DerXK/6M9qAfQfbv9/R/oYj2ArvrD5cu1pdq8/n325sryfOnmxdlCeX5kYXlmZKa0tDgyVyrNJdfsLDzr9Yql0uLYz2P5Vr5SKFfy5ZXVqwul5RuVq8l1/VcL/V1pFdCJE2fvvZeJiLVfDCVLbPqTL1fhYKtWM9Hra5CB3sj1ugMCesapP0ivr/EZv+2XhAEvthZf0bth8Ejbol/H4r5UB+iC7G6FTx50ryJA11047fwfpJXxf0gv4/+QXo7xgd3G/6NxL7+WjP/DC2vX8X/gQBtuc/+vo5vu3TUaEd+JiHdz/Yea9/oCDoLsh5nG8f+FYz8a3l46kPk8OUUwEBH/fOXKS7emK5Wlsdr+jzf2V15u7B/vRf2B9raO8DXztJnHAEB6rT++PdNcuhn30W/qkxB2xu9rjE0OJkcwh9czW+YqZPZo7sLanYg41Sp+pnG/8/qZj8PruR3xTzYeM/WXSOrbl9w3vTvxT2+K/8NN8c9863cF0uFerf8ZbZV/2SSnYyP/tvY/w3s0d6LZ/zXnXG+O3+z/cm36v7Mdxvj7q/9qdXo3mez96E7EmZb9bzPeYBJre/xa3S50GP/hX/70/XZl1dfqr9MqflNtLV9ZWMyXV1YvXm/WYvLS1NTk6MT4VD4Zo843R6p3+uWpt++3i19rf0Ob9r+/o/1DjTr9pMP2f/GDB38+t0v8H59v/ft3Mnnc9v5Xqxt1+GmH8T8Z/+Cv7cpq8WfbvP/ZVvGjWRox0WH88v9/59phAHiOlFdW56eLxcKSFStWnu+Vvuhi0Gf1HGvd6aCAffM06XtdEwAAAAAAAAAAAKBT7Wb/3tvD6cS9biMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEHwVQAAAP//QUvQlg==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r2}, 0x10)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="4e6e3d382fd1d3e3729ac0b9b1eae39d2298c7117a1b3bf4091f8921888dbc1fb2167330bdd921f5f264d4396637"])
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000000000), 0x0)
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000200)='./bus/file0\x00', 0x1810c00, 0x0, 0x0, 0x0, &(0x7f00000007c0))
rename(0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c000280080001000800000006000200010000001ffe02000000000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)
socket$inet(0x2, 0x4, 0x4)
syz_clone(0x8040040, &(0x7f0000000240)="9a397fc2e121063b0f04f4cab6e00132978fde5ea7da3548d9f8c963219ea453ee79d83aafba6d315cb9592e5e6355865e03ad12310f21145e136aa654a410fd400b14758f94a1e65144df2d4ce72efa2177bf280b8d85fbef5a92a3a1180bee525982662a8173fd69bcff25b0d438a4d18386ae4225ab33a83f1d9ee77a2dd70feace4e3827312848780553f1331b6c96da162914b68b2db213aecdd0331924e7a98b2445", 0xa5, &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)="9f61e40d33e5918b9b96c93a8595c3dc4ee5af90e8676d8aa646298129657c94e68e51d7f229044349c6e2f5bb5ee2b27aa5780289b2db094ccd825ad639d361c0137b19167978990b2aff3b4c9cd67bd1721d1b5ec88e05b92c21c7551400d6c5b19f88c9")
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$binfmt_register(r6, &(0x7f0000000140)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x3, 0x3a, '9p\x00', 0x3a, '!/', 0x3a, './file0', 0x3a, [0x43, 0x46]}, 0x2e)

1.323730512s ago: executing program 4 (id=1204):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x40000000000, 0x408, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

1.142966394s ago: executing program 2 (id=1205):
r0 = socket(0x1e, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan0\x00'})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWSET={0x14, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}}], {0x14}}, 0x3c}, 0x1, 0x0, 0x0, 0x890}, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r5 = inotify_init()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
inotify_add_watch(r5, &(0x7f0000000000)='./file1\x00', 0x7a8)
r6 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x40, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, @perf_config_ext={0x8, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffe, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000180), &(0x7f00000001c0)=r6}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
fsync(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
r8 = getuid()
setuid(r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffe, 0x6, 0x2, @scatter={0x0, 0xcc, 0x0}, &(0x7f0000000080)="0800501ef663", 0x0, 0x800004, 0x10032, 0x0, 0x0})
sendmsg$NL80211_CMD_NOTIFY_RADAR(r1, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042dbd7000fedbdf2586000000080003005899b421f61dbc5c94ab67ef8c779c716bccaaf229efb6390aa5fd058bf58afa1462aec03fa83081c30c3ce2af66b4492a8ec27cfb963a004d21b0f18c04931d2a12783900fba4ba578c16b96a256b78637e93cea4b981f23c692f87a41592a024c3c6a7b910106acc418a3e187ea34400aa5d048630c67c8c5c563a5c073423e0d24e2f6cdda9bd2e209318c28458dae4157da2215ae4cbe262aa09f80a6d0bb9f7d9094a42fe4860b12ddf00fac7257da2eb767a7360db701d9d92721de4342f8fdd0566a44eeafe0ef5d590433c115cd79032ec73301e1eba5d2e1ab3b50b96153ae8bb1b1359e520b3261c2529489edf09c6699c23c2ac3bc033ad205c8f72f40159e50ffbad68c6e852c2a9fb8778f4dc9592d81de4f42b0c714cbffc92de75b298909f4a272671583f7847208454b0614675b39f7a8c781efb2ecb99e26675b462436d2c7822835f034210b5212af8c1d45e226e0b2cfd5dae92aade78f4823cfc019f9e705023a0d68f13b67dbbb985e6dae44300b2c8dc3b34ddbcf035287bca61d46524d09f2756daa53b59bc305b72fa84c5f06a1d4e65a0ea3adb7e15930cfe015f5393c5f50dcd9baad6cf766ee1", @ANYRES16=r2, @ANYRES8=r3], 0x34}, 0x1, 0x0, 0x0, 0x4000001}, 0x20000000)
connect$unix(r0, &(0x7f0000000180)=@file={0x0, './cgroup/../file0\x00'}, 0x6e)

1.141885784s ago: executing program 3 (id=1206):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x406, &(0x7f0000000800)=ANY=[@ANYBLOB="756e695f786c6174653d312c6e6f6e756d7461696c3d300000000000000008303030303030303030303034303030303030303030302c73686f72746e616d653d65722c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d6d697865642c696f630100727365743d757466f69e75731725e72216799ebd57484a7e1948a8aa65667265652c757466383d312c6e66733d6e6f7374616c655f726f2c73686f72682e616d653d6d697865642c757466383d306d653d77696e6e742c007aea3388304ddedb3208ceb9b2c23924743277bd2c0d0019d44efede967f3df81cce421f7aafa8aa7c706311ab7a0ce39abf7858b6ba6ef5206da03692650000000000000001d0559b166f8c433d34c03a60999dea3bab649a260b216354ecc726cd1f6519546e8ef6ae17a0da1b9313ef4b5633c5f1bf756a7816d304d61c4d15539bae9f6e8dc91d178c85744c5cc226ca0568f9f6da8997bc10100b836488e47d0b7e6ccffaf123b1000000d6d876f2e37dde582f497ab6d4d11f7211b4aaf087f529ffc0000ee312a30cc69ae25ac6a986a76824020b12971980e00a27786eef1c2537fdcb1de9c4bed7175c6704f0c39d14da07a8edf97525a0c8138686d6e2b8d90102027245729e944719894ebe079bf1ab2b7002c54c5c714bff93d9475ff23f653874321e4ecc1ebd2baa44aea86a1617e53fcc5683e5c7b14e5158239aebf96ef3b73359414993575bf4e880ac24d7fee38c5a22f6fae6a22a2185cd5a25b7bc11062d649340f8220bfa18cae94fd73afbb38b2fc20a263e091c5eb14ce630628aaf65b7ccab9b4d3b2c220153cd28c86e6c8e58903c66698fd27f4f22a9fd1dd67d70de664e3b985f20ada8c0f531865a9093fe6d3cd52c721dcfe391a812583c4e745b824429ce98f2a7928d22c9b5302719058f593fddbbb60ca7"], 0x1, 0x27a, &(0x7f0000000540)="$eJzs3DFrE38cx/FP0/zbNKVNhr+CgvhFF12ONj4ACdKCGFBqI+ogXO1FQ85cyYVKRGw3FwcfR3F0E9Qn0MXN3a2L4FJQjCRNTdKmitr0onm/oHff5pdP8rvkEr53kNu6+fxBqRA6BbeqWMIUk9a1LaUbVctIax1r1mPqtK7zk5/en7p+6/aVbC43t2A2n128kDGz6dOvHz5+ceZtdfLGy+lX49pM39n6mPmweXzzxNbXxfvF0IqhlYOqubYUBFV3yfdsuRiWHLNrvueGnhXLoVfpGi/4wcpKzdzy8lRypeKFobnlmpW8mlUDq1Zq5t5zi2VzHMemksLP5DcWFtxs1LNA38Qbi0ol645Kmtg3nN+IYlIAACBanf2/Bq7/b3QtP+7/1+n//wD9/zBo9P/J1ue3G/0/AAAAAAAAAAAAAAAAAAAAAAB/g+16PVWv11O7692/cUkJSbv/Rz1P9Afv/3Dr+OFeQvKfruZX85I/0lg2ZAsqypenGaX0pbk/tOzU85dzczPWlNYbf62VX1vNj3bnZ5VSund+didv3fn/lOzMZ5TS/73zmZ75MZ0725F3lNK7uwrka7m5X7fzT2bNLl3N7clPNO8HAAAAAMC/wLHveh6/O85B4zv5Xzg/sOf4Oq6T8Wi3HQAAAACAYRHWHpVc3/cq0RSfWycLIp7GgBfHJP1W/GLHVV/bQ/F9txx28SwYlJduAIuEpEN9wAn1Y6oRfikBAAAA6It20x/1TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF5HccGzA546dsSbCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAETuWwAAAP//AmwlzQ==")
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

1.086779595s ago: executing program 2 (id=1207):
socket$inet6(0xa, 0x80002, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0xa102, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x1d, 0xfffffff7, 0x964000, 0x4, 0x40470, r2, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
unshare(0x62040200)

916.596937ms ago: executing program 4 (id=1208):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[], 0x38}}, 0x0)

915.796667ms ago: executing program 3 (id=1209):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket(0x28, 0x3, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r2, 0x10f, 0x82, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) (async)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) (async, rerun: 64)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 64)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000fbdbdf25250000000fba01006e657464657673696d0000000f1602006e650900657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) (async)
getpeername$l2tp(r2, &(0x7f0000000640), &(0x7f0000000580)=0x10) (async)
r4 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000440)=ANY=[], 0x0) (async)
r5 = eventfd(0x800a6)
write$eventfd(r5, 0x0, 0x0) (async)
r6 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r7=>0x0}) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB="dfffae52", @ANYRES16=r6, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r7, @ANYBLOB="3c00028038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400fd8e0000"], 0x58}, 0x1, 0x0, 0x0, 0x24004000}, 0x24040840) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xb, &(0x7f00000008c0)=ANY=[@ANYRES32=r4, @ANYBLOB="86b7004baab0ab945b58f6dad8bbcd2973b8537d5cd94769d0a283ff43890da364b0f280907835bc947658d644d5439bb23ad1241019d83b5432cd52334a0703f1d73f02ea606bbe1cd74fbbbafec7c716bf5de4b0a439a2c540ba7fd6cca58415e25c21378f619cf72fbb691d9755a7ff335098459716dd5756b2fb4e3a8ac81b5f5aba514dd2f67e8fa7e43012b32783f89929bb42c7", @ANYRESHEX=r3], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='blkio.bfq.io_service_time_recursive\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001860000000000000e9ff00000400000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRES8, @ANYRES8=0x0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xdeb9065d, @void, @value}, 0x94) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000340)='mm_page_free_batched\x00', r8, 0x0, 0x334}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r9}, 0x10) (async)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r10, &(0x7f0000000180), 0x40010) (async, rerun: 64)
syz_emit_ethernet(0x3e, 0x0, 0x0) (rerun: 64)

856.036878ms ago: executing program 4 (id=1210):
perf_event_open(&(0x7f0000000b00)={0x5, 0x80, 0x0, 0x8, 0x5, 0xb, 0x0, 0xfffffffffffffffd, 0x84c0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000600), 0x4}, 0x100d07, 0x7ff, 0xa, 0x9, 0x9, 0x2, 0x15, 0x0, 0x100001ff, 0x0, 0x7ffffffffffffffe}, 0x0, 0xc, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00')
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000001400)=ANY=[@ANYBLOB="180000000000000000000000000000de13050200000000000000f8ff00000000b70800020000000058500fe8b37922b9bfa300000000000007010000f8ffffffbfa400000000401807040000f0ffffffb702000008000000182300003ca6e4535c22e4f58d8137adae834cd3c928fdd91cdc4fc16ba6705efe1ba9c7a38a0eb49f9d95de2ee1c9f6b54234428176f7bc5346f1a341ff48fd5b134374f0e4f785e6fd8c6d6c41c227e7f35dec95dfa24a14971f1850f1a6b6a056f7a7f4d367021dac7fbfd753602567b5e2a47e2218e272983d7f28709a26ac363e4f2216c9431b1af290517a2f549922308f609f446f95c6d3e12a50ee61cd37050ca998a7d18e17150b5875a8ac264c770d2a441caf6f765bebb8de28b2aafa2d2f173a97d3bd7207c83e6ce46f36b1205f71f8ca86aa0d5634ebee245414b5f7de358f9b4350e213e3db79b08a8ad3f518db7b1e7efc7b9e392c112d7861725450732e3b98d0870c8d3fe990111bf7522e4913f9af4b0e625e0cdc067dfe57c07e950c8d4bc706622420f12201c5d654dd0ab932725e6aac486472586dd3b3fb1bd344497c3474e4bfd5010a1bc88563c4b8c4feeda5fb31847914c9f9c9f97a51000000003129a9d407fab1a0ff92f54606f2bb896242c7e3b20a6641d63de1b9ac0a63e7e1bce6de06ef1cbfceca2c3f240a47343ad33ec1e02f95f249018041a9b8eff7d7316624aeed13744995c1b769d114d83fc536575b8c1814f2cdc780836c7e360df857e009cacc8f10771eda3f629e671a0b499e6ec161439ca9a9bdca54accb963a756670", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b705000008000000850000"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x2}]})
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000340)=[0x0, 0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x1a, &(0x7f0000000580)=[{}], 0x8, 0x10, &(0x7f0000000440), &(0x7f00000005c0), 0x8, 0x4000004, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r6, &(0x7f00000013c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {0x0}], 0x2)
ioctl$IMADDTIMER(r6, 0x80044940, &(0x7f0000000000))
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000940)=ANY=[@ANYBLOB="1eb1f2e08cfd49e756556cf53cabeaeb8eb1c3ecb7e4c01082e87d9d977e0548cf822495ee5d794133788e82489dbce7e979da75d4890ef95fdf4f05dfba96c80d92529dfb2e0fcc156b7c5f76543030532e9b99928985714f770fe893a0893d237626992277973961eef585aaadcb3d79b4fc9aa90584115dfcc18a2905896d591f1b46ece07a5bce16eae6b495902e992cd72fb9bfb53800000000", @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600"], 0x44}}, 0x0)
epoll_create1(0x80000)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x3)
r7 = socket$inet6_sctp(0xa, 0x801, 0x84)
r8 = syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f0000000100), 0x1, 0x4c4, &(0x7f0000003700)="$eJzs209sFNUfAPDvbHdpCz9+9McPURB1EY2NxhYKCgcvGE08YGLEgx6bthCkUENrIoRISQweDYl349GrB6/qzXgy8YpHE0NCDBfA05rZnWn3b2nLtgvs55Ns+97sm3nvu/Pe7Nt5uwH0rXL6J4n4T0TciIgdtWxjgXLt393bl6fu3b48FYuVysm/k2q5O2k+k++3LcuMFiIKXyRNB6yZv3jp7OTs7MyFLD++cO6T8fmLl149c27y9MzpmfMTx44dOXzo6OsTr609qDb1pXHd2fv53L4973x0/d2pYr59KPtfH0e3lKPcrilVL3a7sh7bXpdOij1sCGsyEBHp6SpVx/+OGAgnD/pFpVKpDHZ+erHS7GrLFuCRlUSvWwD0Rv5Gn37+zR+bNPV4KNw6XvsAlMZ9N3vUnilGIStTavp8m1vsQv1DEfHh4j/fpI/YoPsQAAD1fjqezwQb5n+XD0TE7rpy/83WUEYi4n8RsTMi/h8RuyLiiazskxHxVNPxyxFRWaH+clO+df5TuPmgMa4knf+9ka1tNc7/8tlfjAxkue0R+YR55mD2moxGafDUmdmZQ/UHTRrXoH5+6/evOtVfrpv/pY+0/nwumLXjZrHpBt305MLkAweeuTUasbfYHH9STAOorQQMV//uiYi9azjuSF36zMvf7VvKlBrLtY+/ZdWsUt2ypWlrF5YqKt9GvFQ7/4vRcP6X25CsvD45PhSzMwfH015wsG0dv/527b1O9d/3/P/wZ/Mubx/98eSDhr3k1tWIrXX9P/L12+X4R5KIZGm9dn7tdVz748uOn2lW1/+vNOyT9v8tyQfVdN4lPptcWLhwKGJLcqJ1+8Tyvnk+L5/GP3qg/fjfme2TvhJPR0TaiZ+JiGcj4rms7fsj4vmIOLBC/L+8+cLH649/Y6XxT7e9/jWc/+X1+vkTeeLiahMDZ/ffuNfh4rG683+kmhrNtrS//iUNF43VNrALLyEAAAA89ApR/e5/YWwpXSiMjdXuAe2KrYXZufmFV07NfXp+uvYbgZEoFfI7XbX7waUkv/85UpefaMofzu4bfz0wXM2PTc3NTvc6eOhz26pjPmkZ/6m/BnrdOmDD+ckP9K+2479uOW339U1sDLCpvP9D/6ob/51+07LomzLweGr//l/a9HYAm6/d+L+yjn2AR0vFWIa+ZvxD/yrG+0vpworlgMeNcQ19afW/4l9PojLY/qmhaC0cQxvTjOE2dfUkkc6selL78Hr2yr/+1bFMFO53nGJDHxuM1jID0ZNzcXp31zt/JfuufLeb+v3K4zSfrm/AC7W51yEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICN8m8AAAD//2+z1xU=")
r9 = openat(0xffffffffffffff9c, &(0x7f0000000900)='.\x00', 0x0, 0x0)
getdents64(r9, &(0x7f0000000300)=""/59, 0x3b)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r9, 0x84, 0x18, &(0x7f00000002c0)={<r10=>0x0, 0x4}, &(0x7f0000000a40)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x82, &(0x7f0000000000)={r10, 0x1}, &(0x7f0000000400)=0x8)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0)
lgetxattr(0x0, &(0x7f0000000a80)=ANY=[@ANYRES8=r5, @ANYRES64=r8, @ANYBLOB="e9f6f1df89c04b9031de63ab270168459ef59b2787909225f8f2585d9fc7407084cc4894ff6ff944b7b33b214ad473ef6d1d39decd570c3f1aa90e915d4f7c468269a38db443ab31dc7ee23e3c0585dba6e17f55b864ac0585825a4b814865a52c09aa431fe1d195b7a70ac852659f185380b98377", @ANYRES8, @ANYRES8=r2], 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

748.34703ms ago: executing program 3 (id=1211):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x18}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x8, 0x0, 0x2, 0x8, 0xc, 0x7}, {0x1, 0x0, 0x9, 0x401, 0x0, 0x7fffffff}, 0x2000001, 0x1000, 0x575}}, @TCA_TBF_RATE64={0xc, 0x4, 0x274bdcb7db3981e2}, @TCA_TBF_PRATE64={0xc, 0x5, 0xe1e31d5aa9748ab8}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x404}, 0x0)

689.446531ms ago: executing program 3 (id=1212):
unshare(0x2c020400)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x109942, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0xdfffffff, 0x800, 0x0, 0x1}, 0x20)
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f00000001c0)={0x2c})
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f0000000080))
lchown(0x0, 0x0, 0x0)
r3 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
write$binfmt_script(r3, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
close(r1)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
pselect6(0x40, &(0x7f0000000000)={0x1, 0x1, 0x1, 0x9, 0x7, 0x1, 0x8, 0x6}, &(0x7f00000000c0)={0xd37, 0x2, 0xa1c, 0xe7c4, 0xdf5, 0x2, 0x5, 0x1}, &(0x7f0000000100)={0x6, 0x812, 0x2, 0x10, 0x1, 0x400, 0x401, 0xffff}, &(0x7f0000000140), &(0x7f0000000240)={&(0x7f0000000180)={[0x5]}, 0x8})
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a000000020000", 0x7)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYBLOB="05130000"], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f00000003c0)={0x0, 0x5}, 0x8)
ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, 0x0)
msgsnd(0x0, &(0x7f0000000480)=ANY=[@ANYRESDEC], 0x2000, 0x0)
unshare(0x10000)
msgrcv(0x0, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000)

594.444412ms ago: executing program 1 (id=1213):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000bc0000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0x3}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) (async)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10) (async, rerun: 64)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84) (async, rerun: 64)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x85, &(0x7f00000000c0)={r5, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0xfffffffc}, &(0x7f00000001c0)=0x9c) (async)
syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002}, 0x0, 0x0) (async, rerun: 32)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000340)={'veth1_to_bond\x00'}) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="79129800000000006113280000000000bf2020000000000004000000080063033d030100000000009500003a000000006916000000000000bf6700000000000066060500fcff03006706000002000000760300000ee60060bf050000000000002c650000000000006507f9ff01000000070700004cdfffff1e75040000000000bf54000000000000070400000400f9ffad43010000000000d5000000000000000500000000000000950000000000000032410000000000000054bb12dc8c27df8ecfc7bdd2d17f2f1754558f22dd399703d6c4f6f3be0b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fe9de56c9d8a814261bdb94a05000000c6c60bf7a13ba1fcf1111ce4fc0d742a81762bab8395fa64810b5b40d893ea8fe0ffffff7f1b546cad3f1d5af65706fd4f68795cce6cf16ab689b555202da2e0ec2871a51445dc8da39e5b0ab71ca9b901627b562ed84b026002d4519af619e3cca4d69e0dee080006774a8f3e691700ec88158f02001b0000c81c8b297dff0445a13d0045fb3cda32a673a6bb55d8c80800dce431e56723888fb126a1403d2b63f16fb2ad9bc117aba7cbebe174aba210d739a018f9bbec63222d20cedbc4d03723f1c932b3a6aa57f1ad2e99e0e67a993716d20000009f0f53acbb40b401e3738270b3156268784f2af9e4bcf8b07a10d6735154be1602f9dd1d7d4301e00000000000460bcc5989ec85e3cbcb6bcfaf0000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d0861cd64722cf74686ebfbe2562671cd47840f81d2a8f8f9be3bcd19dc6840aa7afaab43176e65ec1118d50d1e80100008000000000887a5ad103649afa17690884f800031e03a651bb96589a7eab049b1bd47287cd31cc43ea0ffb567b40407d000000000000000000000000005f37d83f84e98a523d80bd0d0d703f37ca363f601ae899a56715a0a62a26a0f6a5480a55c22fe394ae0000000000000000000000000000437d57defb79ea000500000000000000000000f014a4a318ba48d35ae9f438000000000000db894b62a614cb1fdd46619c5d2200000000000700000000000000000000006dcd2f421400f69947e4f26e099c9e8369080663c909b7e7c87e3b5e8e5a6df77c8f7338cd5a85f211a41b5d529d4243e47d7ab0d5991756b59d363ba30b18fc2ff189a4e8db38ab97c6a125e2785619e84c6a2b50f0e3ff83ef5149aff43dc899fdebdc2c496e6bdd4dd4d21f06fe133f4444272c5f0839ad663100452a6c6b6421f7e89a33b339401eee2cd466ab2a93a1ee7fb8a9e455ba1c6e17b02a1cd7bf35d36cf5b2a0f063469ae0d0b9fc042b48e98626eb0f9754d8cbbefa3079fe63063047baff09e9aaf7600000fba9a88db9ebef86f7cb522a784bb6d37e5f802757a15c6735138b493db9df53440a63fc565a0b190a710ae1e6807cbeb415ac841e94b706974160a60a14e571274f333d23186143b95514c79b50994cb39cda343bda8f01cf8ec7cdfdace0289e83ce50a57d69bfecfaf69fe7ff5b0375a47d3eb57b41d8a0589b82a1cf1149ba3f21ea2b65433321eb1a6f04ecc713c2b26d27baa49e54c2babec86335b9f418b5a5eb997bc9dd65197124b9aa80fc4aa8defb986bf05c41b919886bb81ecd3d24cf9ecc7004000000000000002c70d32f5d55ef2a2cf7560cb2884f46a92b3c25550f73e407fc5d514b2b7a6b690e290e676266addb7d96e723dec9c418eec8c48dffb6f432b4d5fef16e4f0051ba7efc690022c3f62b37cb5682d8bfdfc637ad3bf089ef0117bcd395322fcfb8e8e0a6e2babceb5f289b1d991770681192bcd0b584c3497e455f30ab918a690514a87a7d8e1d5f169a4e680e9c390071d26f2e0e26fc062f2785f14c0404fe01fb4000000000000000577dcb1698a9021a36d73ed03651c1937b2c84046023a1a0a87b208e33ad2d7c2892b176877264e1d699b7401eb917b289f6f67060fda0fa44b54bd87517a2bf09dba7209e41db4288b61bda5960952c45e5c55f2cd68bf9c6ff33e46109584bf42e8696ef1876564fef6f24cbbed0db8ab7fda1ffcc8c9fd4ab2cbe8f8df8e5535b12a942a948eacdaf308d48932064cfc3329da74f6f3e4409d6764a29680e312bf1a0143180e6493c9201ea916e6c9b2566c558ad88d9f7c0aebf82f5807eecefa97ada9bbd9e478e5d7748ee188bc719ca7a73dce5b6758a767c4c6b7572ab25eb2d73986379d5685cb438fe7091d097cc8f33fc0f83dee76603d6580f1c8fc4c37efd305ccc5a25678180425718bb9344e60dda8dae2677bb602d29aa0810616a2fdbca7020d72291b592b84223e2522ee01f5bdaa0fc4eb8d71d948a2baccf3ea2aa79d4d9069d8c0000000000000000000000321cd67859b4567badee56f158406f08683bdc5ffe2dedc916000c71f922fa2dfead7535999436a4aeb908781893479319b8b55e00d90ae6f09f06be2a0fc0bc17bef53331208112a0132350c0c5dd4607547079acc9471300dea6ae01742dccdae69f932cef80bca1bfcb57b9c852cf8358a580044772a80f20de36f707385380155be8907029d039a1d1447fc06b7020221e0d439f3f47edcf12f913dc8b6389a540340ae37804728ea65352e630c2e90424d58d72fdc1b28403e1dc7aad238b81df3b2d4166d656c6a9c73554bdf4f7312a4c0271e0eb45b4a596b7fa928ac3683f09fdaca46226c1df2c6c866cb4412d17d3d52c38cf0f7bd3b0eea2d4e06d061bb1b7c8c52f37f4036932d00028abd4527f5649bd60df638596fd639d7b16860033754ab13419429e5e39f290751ab6bd9392aef5519cd8c16e1f1cb1f225cc84a1a62497c1e436142fe28048a2b4d133905814a1808bc5b3e45eaa9eaebd946bee806968aeeb5a9eed87eba3d25d0b412a1b4cf2d419a58b09fc275c4395a0bd332eb538321465043e5967dd22459d0f52190a37f93ab823431a81fa6f54de61637fd473e19a6f567fead100e7d8cac149b66ebe9973af846146c62065a64854ed21e8b6f6fbe78474b753915a42efcb7da8ad18bacff8d69e0af1ca1f8174530a21820738412b100b54ee9b4a0dc22d5fe1cadecaea73fbfad087b19ce53177488d230539c5174f572a539d9d7c42698aa82bccf030ad393f25c10baa17e919f647d0e31877b7a6c1d8d86583f884a0c1da07b9b6dced06cdeb0094aa635a82f233b5993926b8970a0840ba116a7d20a40efb3bd03c4bdf380a2510a0a1ea69811ded68943c71218b42783b38959753978f222e1396b9b36dee2ce205122a000577cab29f48bff4f88c417e6bf5fb430d925596f29aca8677ca5a113aeaa5e0252ca17244d6c76e78ff1bbd81a71c4dfc72431d7f1126f8bdbf4056ee0f58a1bf83d53b1de07489541182dc4ee0f573c25b6c15dad930bc7a770b5a4f407d7a879db7185f15f80100000000000000739cc97db66ec6b925955d9a591808947fdd8d484ad27353230a449fdf87fc46c73b852fec931cfb6718acf3315bf5e577d00beb77c5514bc05d576a81345a03ad7aae74c5d2b77d45718348aed4fcbcd1441ff31b8f038824a989a9446a4a69367b228b3d174230b7320fc4d3c03368db573816dd0c04e65d6f8ce48283e76abdddbb965e0b2568e93c9cc5494a55421793f562c50c53f876cbde93c5cc7a3099c99d9775af010ba093f8a13b771782a3cfb24fbde6ef763e20c613164ab014d1906c4e098f1431b6b2886a155c4bac2911d7ee6a646f5913205ebd175e68975b93c330e4f9131788026b3b7cd5b6452c9e17452ac70000000000000000000000c71185f72436640fd4294fc3da230f9065095be47d7a848df12316c3c8b184fe110b061987fd79cf7d83443e69d08e2e839ae4fbe26ef7764f4870ef3bd0ec12eb45f60ca10dbfe329271f0bc93b28798e982e0dd32fc14bd4313c63b2dbb568f33fb45acad2dc7f438ea162c0709c0bbe1ea13e1e47399286e8143f400d7adf5f69e455706626814ee49274667f47769293451fd49885a152b8d2cf18febc7993f4a93893c6c7b7e46a230359ef2443e6bb9f50bb0faa5eaafd3ed6d551600c46b58a29fd7ccbbb0616f0be27302b683eccd742791d97f4a1daa0447f004426fd09b67d926f51525da63987bc73af35b28277879089b89fff6edab2fa1caf660a46a1a9f09e2d095b1c4be95c7c33dc81857f580e36c0a78d94dd879ee18de4a6475858d2ded2e3427ae007cc6f8e5e99aa146667f71ad83f3ddcf5db2dc396d7da499b65cd98125f20c284fc84d6a70be1de44b49c82022225292199c75cc26beab98dce4c331ed722f01d0d6314a72416814a565f4d90a5f8a255810f23541082f4b06f451e4724cd882f4d589600000000005854ca490d7df9cc293547c9a51aecc7a92f417f6a4d327737f1b198252358832dbe43507844a0cc112af4ce457c173fa64174ffd5ab9501eeb85508ebb60e169c0736c5960f2fe08735d6a7aa7c1f4a6433e77d3e547bbe6cf5b5d93a491ab4bba1ea7a1e6f37618b1d74cff3630d85a210092211be1ec12a30891eef590b19cdde055d626818c64e1c56b8918f33441a64b54946571b7bc70fb065d3bb1647f6f989ab8159e6d1cfa6c0ec7329d7d2263ca22144bf17d8692f03b592bd0f610096094da096233984e95b9a8216a6e60a104ae0bb5f77ac70b4390ea2cb6f6c40c928fae489f447240a25fd0a5bd9d5b6cd2a98f8804862922c11229c4e45c765e4d3348af3d3aadd5cc24b39437f1ea2df0000000000000000000000000022b90d93a267f3af4e02606f0ce6c2ffc4cab575a09d6e625f3248689005eb4a9c8df3c67e6b2b759cab3a7bedf1b927cd8ba6d13b3e7d7279515e3d6d20"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

434.100144ms ago: executing program 3 (id=1214):
r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
write$binfmt_script(r0, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

433.186404ms ago: executing program 3 (id=1215):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
listxattr(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000000c0)={[{@data_err_ignore}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000300)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
sendfile(r1, r0, 0x0, 0x7ffff000)
timer_gettime(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210003, &(0x7f0000000540)={[{@acl}, {@barrier}, {@prjquota}, {@journal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@noacl}, {@acl}, {@noquota}]}, 0x0, 0x595, &(0x7f0000000f80)="$eJzs3V1rFNcbAPBnNq8a/38jiLS9KIIXtVg3JumLhYL2srRSob3XJVmDZONKdiMmFaoX9aY3RQqlVCj9AL3vpfQL9FMIrSBFQntRCltmM5usyW5ikg0bs78fjJ4zLznzzMxzcmZnNxtAzzqZ/pOLeDUivkkijjYt649s4cmV9Zaf3ZlKpyRqtc/+TCLJ5jXWT7L/R7LKKxHx61cRZ3Ib260sLs0WSqXifFYfq87dHKssLp29PleYKc4Ub0xMTp5/Z3Li/ffe7Visb17++/tPH310/utTy9/9/OTYgyQuxpFsWXMcu3C3uXKy8G9WGoiL61Yc70Bj+0nS7R1gR/qyPB+ItA84Gn1Z1gMH35cRUVuRqwE9Jqnn/8haPwD0iMY4oHFv36H74JfG0w9XboDqsQ82x9+/8tpIDNfvjQ4vJ8/dGaX3u6MdaD9t45c/Hj5Ip9j8dYhDW9QBtuXuvYg419+/sf9Psv5v587VXzze3Po2eu33D3TTo3T881ar8V9udfwTLcY/Iy1ydye2zv/ckw4001Y6/vug5fh3tesa7ctq/6uP+QaSa9dLxXMR8f+IOB0DQ2l9s+c555cf19otax7/pVPafmMsmO3Hk/6h57eZLlQLETG4m7gbnt6LeK2/VfzJ6vlPWpz/9HhcbvkTBzbMOVF8+Hq79reOf2/Vfop4o+X5X3uilWz+fHKsfj2MNa6Kjf66f+K3du13O/70/B/ePP7RpPl5bWX7bfw4/E+x3bKdXv+Dyef1ciMJbheq1fnxiMHkk3p9uHn+xNq2jXpj/TT+06c27/9aXf/pzdfVF4z//vH7V9tl6344/9PbOv/bLzz++Isf2rX/Yuf/7XrpdDYn6/9ay66VF93B3R4/AAAAAAAA2E9yEXEkklx+tZzL5fMr7+84HodzpXKleuZaeeHGdNQ/KzsaA7nGk+6jTe+HGM/eD9uoT6yrT0bEsYj4tu9QvZ6fKpemux08AAAAAAAAAAAAAAAAAAAA7BMjbT7/n/q9r9t7B+y5+hcbDHV7L4Bu2PIr/zvxTU/AvrRl/gMHlvyH3iX/oXfJf+hd8h96l/yH3iX/oXfJfwAAAAAAAAAAAAAAAAAAAAAAAAAAAOioy5cupVNt+dmdqbQ+fWtxYbZ86+x0sTKbn1uYyk+V52/mZ8rlmVIxP1WeW7/98Lp6qVy+OT4RC7fHqsVKdayyuHRlrrxwo3rl+lxhpnilOLC2am7vowMAAAAAAAAAAAAAAAAAAICXQ2VxabZQKhXnD3ShNrSbSC/E/ohizwoXsothR5v3d2o3Gn8PottH48AV7mUHdntbdalDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAW/gsAAP//OqIpkg==")
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000d8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r3, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x101d0}], 0x1}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81008e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

268.129136ms ago: executing program 1 (id=1216):
openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000200), &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000540)="8d", 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000380)='asymmetric\x00', &(0x7f0000000500)=@keyring={'key_or_keyring:', r2})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
close(r4)

0s ago: executing program 4 (id=1217):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
listxattr(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000000c0)={[{@data_err_ignore}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x3ffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000300)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_getoverrun(0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x7ffff000)
timer_gettime(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mm_page_free\x00', r2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210003, &(0x7f0000000540)={[{@acl}, {@barrier}, {@prjquota}, {@journal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@noacl}, {@acl}, {@noquota}]}, 0x0, 0x595, &(0x7f0000000f80)="$eJzs3V1rFNcbAPBnNq8a/38jiLS9KIIXtVg3JumLhYL2srRSob3XJVmDZONKdiMmFaoX9aY3RQqlVCj9AL3vpfQL9FMIrSBFQntRCltmM5usyW5ikg0bs78fjJ4zLznzzMxzcmZnNxtAzzqZ/pOLeDUivkkijjYt649s4cmV9Zaf3ZlKpyRqtc/+TCLJ5jXWT7L/R7LKKxHx61cRZ3Ib260sLs0WSqXifFYfq87dHKssLp29PleYKc4Ub0xMTp5/Z3Li/ffe7Visb17++/tPH310/utTy9/9/OTYgyQuxpFsWXMcu3C3uXKy8G9WGoiL61Yc70Bj+0nS7R1gR/qyPB+ItA84Gn1Z1gMH35cRUVuRqwE9Jqnn/8haPwD0iMY4oHFv36H74JfG0w9XboDqsQ82x9+/8tpIDNfvjQ4vJ8/dGaX3u6MdaD9t45c/Hj5Ip9j8dYhDW9QBtuXuvYg419+/sf9Psv5v587VXzze3Po2eu33D3TTo3T881ar8V9udfwTLcY/Iy1ydye2zv/ckw4001Y6/vug5fh3tesa7ctq/6uP+QaSa9dLxXMR8f+IOB0DQ2l9s+c555cf19otax7/pVPafmMsmO3Hk/6h57eZLlQLETG4m7gbnt6LeK2/VfzJ6vlPWpz/9HhcbvkTBzbMOVF8+Hq79reOf2/Vfop4o+X5X3uilWz+fHKsfj2MNa6Kjf66f+K3du13O/70/B/ePP7RpPl5bWX7bfw4/E+x3bKdXv+Dyef1ciMJbheq1fnxiMHkk3p9uHn+xNq2jXpj/TT+06c27/9aXf/pzdfVF4z//vH7V9tl6344/9PbOv/bLzz++Isf2rX/Yuf/7XrpdDYn6/9ay66VF93B3R4/AAAAAAAA2E9yEXEkklx+tZzL5fMr7+84HodzpXKleuZaeeHGdNQ/KzsaA7nGk+6jTe+HGM/eD9uoT6yrT0bEsYj4tu9QvZ6fKpemux08AAAAAAAAAAAAAAAAAAAA7BMjbT7/n/q9r9t7B+y5+hcbDHV7L4Bu2PIr/zvxTU/AvrRl/gMHlvyH3iX/oXfJf+hd8h96l/yH3iX/oXfJfwAAAAAAAAAAAAAAAAAAAAAAAAAAAOioy5cupVNt+dmdqbQ+fWtxYbZ86+x0sTKbn1uYyk+V52/mZ8rlmVIxP1WeW7/98Lp6qVy+OT4RC7fHqsVKdayyuHRlrrxwo3rl+lxhpnilOLC2am7vowMAAAAAAAAAAAAAAAAAAICXQ2VxabZQKhXnD3ShNrSbSC/E/ohizwoXsothR5v3d2o3Gn8PottH48AV7mUHdntbdalDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAW/gsAAP//OqIpkg==")
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000d8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r3, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x101d0}], 0x1}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81008e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

kernel console output (not intermixed with test programs):

ge from 0 to 128
[   90.095231][ T5731] EXT4-fs: Ignoring removed nobh option
[   90.134850][ T3524] loop4: p4 start 8388607 is beyond EOD, truncated
[   90.148727][ T5707]  loop4: p2 p3 p4
[   90.152708][ T5707] loop4: p2 start 452985600 is beyond EOD, truncated
[   90.159618][ T5707] loop4: p3 size 33554432 extends beyond EOD, truncated
[   90.161912][ T5731] ext4 filesystem being mounted at /147/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   90.167427][ T5707] loop4: p4 start 8388607 is beyond EOD, truncated
[   90.218035][ T5744] loop1: detected capacity change from 0 to 512
[   90.298028][ T5744] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.358325][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   90.419274][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   90.504278][ T5768] capability: warning: `syz.0.740' uses deprecated v2 capabilities in a way that may be insecure
[   90.523106][ T5770] netlink: 36 bytes leftover after parsing attributes in process `syz.3.742'.
[   90.532033][ T5770] netlink: 16 bytes leftover after parsing attributes in process `syz.3.742'.
[   90.535939][ T5774] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   90.540953][ T5770] netlink: 36 bytes leftover after parsing attributes in process `syz.3.742'.
[   90.558137][ T5773] netlink: 16 bytes leftover after parsing attributes in process `syz.1.741'.
[   90.592416][ T5770] netlink: 36 bytes leftover after parsing attributes in process `syz.3.742'.
[   90.627590][ T5779] loop3: detected capacity change from 0 to 128
[   90.636401][ T5779] EXT4-fs: Ignoring removed nobh option
[   90.646325][ T5782] FAULT_INJECTION: forcing a failure.
[   90.646325][ T5782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.654563][ T5783] loop0: detected capacity change from 0 to 128
[   90.659852][ T5782] CPU: 0 UID: 0 PID: 5782 Comm: syz.1.745 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   90.659892][ T5782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   90.659956][ T5782] Call Trace:
[   90.659964][ T5782]  <TASK>
[   90.660002][ T5782]  __dump_stack+0x1d/0x30
[   90.660089][ T5782]  dump_stack_lvl+0xe8/0x140
[   90.660117][ T5782]  dump_stack+0x15/0x1b
[   90.660140][ T5782]  should_fail_ex+0x265/0x280
[   90.660187][ T5782]  should_fail+0xb/0x20
[   90.660220][ T5782]  should_fail_usercopy+0x1a/0x20
[   90.660251][ T5782]  _copy_to_user+0x20/0xa0
[   90.660378][ T5782]  bpf_verifier_vlog+0x2c5/0x5b0
[   90.660481][ T5782]  ? __rcu_read_unlock+0x4f/0x70
[   90.660514][ T5782]  __btf_verifier_log+0x7f/0xb0
[   90.660552][ T5782]  ? btf_parse_hdr+0x1aa/0x3b0
[   90.660673][ T5782]  ? should_failslab+0x8c/0xb0
[   90.660710][ T5782]  btf_parse_hdr+0x1bd/0x3b0
[   90.660737][ T5782]  btf_new_fd+0x241/0x790
[   90.660846][ T5782]  bpf_btf_load+0x112/0x130
[   90.660876][ T5782]  __sys_bpf+0x561/0x790
[   90.660911][ T5782]  __x64_sys_bpf+0x41/0x50
[   90.660962][ T5782]  x64_sys_call+0x2478/0x2fb0
[   90.660991][ T5782]  do_syscall_64+0xd2/0x200
[   90.661033][ T5782]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   90.661126][ T5782]  ? clear_bhb_loop+0x40/0x90
[   90.661156][ T5782]  ? clear_bhb_loop+0x40/0x90
[   90.661188][ T5782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.661220][ T5782] RIP: 0033:0x7f58f791e969
[   90.661241][ T5782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.661274][ T5782] RSP: 002b:00007f58f5f87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   90.661299][ T5782] RAX: ffffffffffffffda RBX: 00007f58f7b45fa0 RCX: 00007f58f791e969
[   90.661403][ T5782] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 0000000000000012
[   90.661421][ T5782] RBP: 00007f58f5f87090 R08: 0000000000000000 R09: 0000000000000000
[   90.661438][ T5782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.661454][ T5782] R13: 0000000000000000 R14: 00007f58f7b45fa0 R15: 00007ffe9ff962f8
[   90.661483][ T5782]  </TASK>
[   90.888163][ T5783] EXT4-fs: Ignoring removed nobh option
[   90.889442][ T5779] ext4 filesystem being mounted at /150/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   90.911375][ T5783] ext4 filesystem being mounted at /122/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   90.991322][ T5797] FAULT_INJECTION: forcing a failure.
[   90.991322][ T5797] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.004667][ T5797] CPU: 1 UID: 0 PID: 5797 Comm: syz.1.751 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   91.004699][ T5797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.004777][ T5797] Call Trace:
[   91.004785][ T5797]  <TASK>
[   91.004795][ T5797]  __dump_stack+0x1d/0x30
[   91.004821][ T5797]  dump_stack_lvl+0xe8/0x140
[   91.004846][ T5797]  dump_stack+0x15/0x1b
[   91.004868][ T5797]  should_fail_ex+0x265/0x280
[   91.004896][ T5797]  should_fail+0xb/0x20
[   91.004923][ T5797]  should_fail_usercopy+0x1a/0x20
[   91.004963][ T5797]  _copy_from_user+0x1c/0xb0
[   91.004994][ T5797]  __sys_bpf+0x178/0x790
[   91.005021][ T5797]  __x64_sys_bpf+0x41/0x50
[   91.005070][ T5797]  x64_sys_call+0x2478/0x2fb0
[   91.005147][ T5797]  do_syscall_64+0xd2/0x200
[   91.005191][ T5797]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.005227][ T5797]  ? clear_bhb_loop+0x40/0x90
[   91.005255][ T5797]  ? clear_bhb_loop+0x40/0x90
[   91.005304][ T5797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.005332][ T5797] RIP: 0033:0x7f58f791e969
[   91.005348][ T5797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.005367][ T5797] RSP: 002b:00007f58f5f87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   91.005385][ T5797] RAX: ffffffffffffffda RBX: 00007f58f7b45fa0 RCX: 00007f58f791e969
[   91.005397][ T5797] RDX: 0000000000000018 RSI: 0000200000000380 RDI: 0000000000000006
[   91.005418][ T5797] RBP: 00007f58f5f87090 R08: 0000000000000000 R09: 0000000000000000
[   91.005434][ T5797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.005450][ T5797] R13: 0000000000000000 R14: 00007f58f7b45fa0 R15: 00007ffe9ff962f8
[   91.005488][ T5797]  </TASK>
[   91.017265][ T5801] loop2: detected capacity change from 0 to 128
[   91.211129][ T5801] EXT4-fs: Ignoring removed nobh option
[   91.224807][ T5801] ext4 filesystem being mounted at /168/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   91.273800][ T5808] netlink: 36 bytes leftover after parsing attributes in process `syz.1.754'.
[   91.282932][ T5808] netlink: 16 bytes leftover after parsing attributes in process `syz.1.754'.
[   91.291906][ T5808] netlink: 36 bytes leftover after parsing attributes in process `syz.1.754'.
[   91.300922][ T5808] netlink: 36 bytes leftover after parsing attributes in process `syz.1.754'.
[   91.360476][ T5813] FAULT_INJECTION: forcing a failure.
[   91.360476][ T5813] name failslab, interval 1, probability 0, space 0, times 0
[   91.373385][ T5813] CPU: 1 UID: 0 PID: 5813 Comm: syz.1.756 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   91.373453][ T5813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.373470][ T5813] Call Trace:
[   91.373479][ T5813]  <TASK>
[   91.373490][ T5813]  __dump_stack+0x1d/0x30
[   91.373519][ T5813]  dump_stack_lvl+0xe8/0x140
[   91.373545][ T5813]  dump_stack+0x15/0x1b
[   91.373575][ T5813]  should_fail_ex+0x265/0x280
[   91.373596][ T5813]  should_failslab+0x8c/0xb0
[   91.373628][ T5813]  kmem_cache_alloc_noprof+0x50/0x310
[   91.373666][ T5813]  ? skb_clone+0x151/0x1f0
[   91.373777][ T5813]  skb_clone+0x151/0x1f0
[   91.373878][ T5813]  __netlink_deliver_tap+0x2c9/0x500
[   91.373927][ T5813]  netlink_sendskb+0x126/0x150
[   91.373964][ T5813]  netlink_unicast+0x28a/0x670
[   91.374052][ T5813]  netlink_ack+0x4c8/0x500
[   91.374095][ T5813]  netlink_rcv_skb+0x192/0x220
[   91.374132][ T5813]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   91.374190][ T5813]  rtnetlink_rcv+0x1c/0x30
[   91.374207][ T5813]  netlink_unicast+0x5a1/0x670
[   91.374300][ T5813]  netlink_sendmsg+0x58b/0x6b0
[   91.374346][ T5813]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.374409][ T5813]  __sock_sendmsg+0x142/0x180
[   91.374431][ T5813]  ____sys_sendmsg+0x31e/0x4e0
[   91.374471][ T5813]  ___sys_sendmsg+0x17b/0x1d0
[   91.374554][ T5813]  __x64_sys_sendmsg+0xd4/0x160
[   91.374601][ T5813]  x64_sys_call+0x2999/0x2fb0
[   91.374630][ T5813]  do_syscall_64+0xd2/0x200
[   91.374702][ T5813]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.374729][ T5813]  ? clear_bhb_loop+0x40/0x90
[   91.374750][ T5813]  ? clear_bhb_loop+0x40/0x90
[   91.374798][ T5813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.374827][ T5813] RIP: 0033:0x7f58f791e969
[   91.374878][ T5813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.374938][ T5813] RSP: 002b:00007f58f5f87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.374960][ T5813] RAX: ffffffffffffffda RBX: 00007f58f7b45fa0 RCX: 00007f58f791e969
[   91.374973][ T5813] RDX: 0000000004000080 RSI: 0000200000001200 RDI: 0000000000000003
[   91.374985][ T5813] RBP: 00007f58f5f87090 R08: 0000000000000000 R09: 0000000000000000
[   91.374998][ T5813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.375013][ T5813] R13: 0000000000000000 R14: 00007f58f7b45fa0 R15: 00007ffe9ff962f8
[   91.375039][ T5813]  </TASK>
[   91.621249][ T3422] net_ratelimit: 18 callbacks suppressed
[   91.621267][ T3422] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   91.635794][ T1040] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   91.644361][ T1040] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   91.730664][ T5825] FAULT_INJECTION: forcing a failure.
[   91.730664][ T5825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.744430][ T5825] CPU: 1 UID: 0 PID: 5825 Comm: syz.2.759 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   91.744652][ T5825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.744670][ T5825] Call Trace:
[   91.744679][ T5825]  <TASK>
[   91.744688][ T5825]  __dump_stack+0x1d/0x30
[   91.744715][ T5825]  dump_stack_lvl+0xe8/0x140
[   91.744784][ T5825]  dump_stack+0x15/0x1b
[   91.744806][ T5825]  should_fail_ex+0x265/0x280
[   91.744833][ T5825]  should_fail+0xb/0x20
[   91.744852][ T5825]  should_fail_usercopy+0x1a/0x20
[   91.744876][ T5825]  _copy_to_user+0x20/0xa0
[   91.744977][ T5825]  simple_read_from_buffer+0xb5/0x130
[   91.745003][ T5825]  proc_fail_nth_read+0x100/0x140
[   91.745038][ T5825]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   91.745093][ T5825]  vfs_read+0x1a0/0x6f0
[   91.745115][ T5825]  ? percpu_counter_add_batch+0xb6/0x130
[   91.745185][ T5825]  ? __rcu_read_unlock+0x4f/0x70
[   91.745217][ T5825]  ? __fget_files+0x184/0x1c0
[   91.745250][ T5825]  ksys_read+0xda/0x1a0
[   91.745299][ T5825]  __x64_sys_read+0x40/0x50
[   91.745368][ T5825]  x64_sys_call+0x2d77/0x2fb0
[   91.745402][ T5825]  do_syscall_64+0xd2/0x200
[   91.745593][ T5825]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.745641][ T5825]  ? clear_bhb_loop+0x40/0x90
[   91.745675][ T5825]  ? clear_bhb_loop+0x40/0x90
[   91.745702][ T5825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.745771][ T5825] RIP: 0033:0x7fa1f54cd37c
[   91.745793][ T5825] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   91.745817][ T5825] RSP: 002b:00007fa1f3b37030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   91.745842][ T5825] RAX: ffffffffffffffda RBX: 00007fa1f56f5fa0 RCX: 00007fa1f54cd37c
[   91.745860][ T5825] RDX: 000000000000000f RSI: 00007fa1f3b370a0 RDI: 0000000000000006
[   91.745944][ T5825] RBP: 00007fa1f3b37090 R08: 0000000000000000 R09: 0000000000000000
[   91.745958][ T5825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.745971][ T5825] R13: 0000000000000000 R14: 00007fa1f56f5fa0 R15: 00007ffe23d33688
[   91.745991][ T5825]  </TASK>
[   92.032841][ T5835] loop1: detected capacity change from 0 to 512
[   92.079427][ T5844] netlink: 36 bytes leftover after parsing attributes in process `syz.4.766'.
[   92.094539][ T5830] loop0: detected capacity change from 0 to 8192
[   92.145307][ T5835] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.764: corrupted in-inode xattr: invalid ea_ino
[   92.160007][ T5835] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.764: couldn't read orphan inode 15 (err -117)
[   92.172917][ T5747]  loop0: p2 p3 p4
[   92.176852][ T5747] loop0: p2 start 452985600 is beyond EOD, truncated
[   92.183642][ T5747] loop0: p3 size 33554432 extends beyond EOD, truncated
[   92.207605][ T5848] loop4: detected capacity change from 0 to 128
[   92.214702][ T5848] EXT4-fs: Ignoring removed nobh option
[   92.251286][ T5747] loop0: p4 start 8388607 is beyond EOD, truncated
[   92.251948][ T5848] ext4 filesystem being mounted at /145/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   92.270187][ T5830]  loop0: p2 p3 p4
[   92.274793][ T5830] loop0: p2 start 452985600 is beyond EOD, truncated
[   92.281583][ T5830] loop0: p3 size 33554432 extends beyond EOD, truncated
[   92.286999][ T5851] loop3: detected capacity change from 0 to 1024
[   92.306633][ T5830] loop0: p4 start 8388607 is beyond EOD, truncated
[   92.306906][ T5851] EXT4-fs: Ignoring removed i_version option
[   92.321844][ T5851] EXT4-fs: Ignoring removed mblk_io_submit option
[   92.328675][ T5851] EXT4-fs: Ignoring removed nobh option
[   92.334439][ T5851] EXT4-fs: Ignoring removed bh option
[   92.423255][ T5858] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 15: block 145:freeing already freed block (bit 9); block bitmap corrupt.
[   92.440806][ T5859] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   92.449863][ T5859] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   92.458743][ T5859] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   92.467617][ T5859] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   92.502789][ T5861] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   92.557848][ T5864] loop0: detected capacity change from 0 to 128
[   92.611978][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[   92.731529][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[   92.763298][ T5870] loop3: detected capacity change from 0 to 2048
[   92.807335][ T5870] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.014344][ T5879] loop3: detected capacity change from 0 to 128
[   93.243506][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   93.393128][ T5891] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[   93.608691][ T5897] loop4: detected capacity change from 0 to 512
[   93.618432][ T5898] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   93.654645][ T5897] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.783: iget: bad i_size value: 38620345925642
[   93.669044][ T5897] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.783: couldn't read orphan inode 15 (err -117)
[   94.053098][  T296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   94.473867][ T1040] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   94.483017][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   94.491514][ T3391] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   94.492553][ T5907] ref_ctr_offset mismatch. inode: 0x33c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[   94.810868][   T37] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   94.829379][  T122] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   94.868418][   T29] kauditd_printk_skb: 152 callbacks suppressed
[   94.868439][   T29] audit: type=1400 audit(1748931624.060:3047): avc:  denied  { write } for  pid=5906 comm="syz.4.787" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   94.936056][ T5911] loop1: detected capacity change from 0 to 128
[   94.956936][ T5911] EXT4-fs: Ignoring removed nobh option
[   94.964665][   T29] audit: type=1326 audit(1748931624.180:3048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5912 comm="syz.2.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[   95.010104][   T29] audit: type=1326 audit(1748931624.180:3049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5912 comm="syz.2.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[   95.033862][   T29] audit: type=1326 audit(1748931624.190:3050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5912 comm="syz.2.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa1f54cd2d0 code=0x7ffc0000
[   95.057596][   T29] audit: type=1326 audit(1748931624.190:3051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5912 comm="syz.2.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[   95.081121][   T29] audit: type=1326 audit(1748931624.190:3052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5912 comm="syz.2.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[   95.115242][ T5911] ext4 filesystem being mounted at /174/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   95.255925][   T29] audit: type=1326 audit(1748931624.441:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5912 comm="syz.2.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[   95.279461][   T29] audit: type=1326 audit(1748931624.441:3054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5912 comm="syz.2.790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[   95.302953][   T29] audit: type=1326 audit(1748931624.471:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5924 comm="syz.2.794" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x0
[   95.417983][ T5930] loop3: detected capacity change from 0 to 512
[   95.463077][ T5930] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.792: iget: bad i_size value: 38620345925642
[   95.479641][ T5930] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.792: couldn't read orphan inode 15 (err -117)
[   96.043783][   T29] audit: type=1326 audit(1748931625.253:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5940 comm="syz.4.798" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x0
[   96.374519][ T5958] loop0: detected capacity change from 0 to 512
[   96.407366][ T5958] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.500176][ T5962] infiniband syz2: set active
[   96.505004][ T5962] infiniband syz2: added veth0_to_bond
[   96.521248][ T5962] RDS/IB: syz2: added
[   96.527482][ T5962] smc: adding ib device syz2 with port count 1
[   96.533824][ T5962] smc:    ib device syz2 port 1 has pnetid 
[   96.572221][ T5963] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #19: comm syz.0.805: corrupted inode contents
[   96.623538][ T5963] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #19: comm syz.0.805: mark_inode_dirty error
[   96.645009][ T5963] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #19: comm syz.0.805: corrupted inode contents
[   96.674232][ T5963] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #19: comm syz.0.805: mark_inode_dirty error
[   96.691788][ T5963] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #19: comm syz.0.805: mark inode dirty (error -117)
[   96.705001][ T5963] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117)
[   96.802014][ T5967] loop2: detected capacity change from 0 to 2048
[   96.833107][ T5973] net_ratelimit: 57 callbacks suppressed
[   96.833124][ T5973] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   96.847219][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   96.856027][ T5967]  loop2: p1 < > p4
[   96.861477][ T5967] loop2: p4 size 8388608 extends beyond EOD, truncated
[   96.861661][ T5973] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   96.876801][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   96.878634][ T5967] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[   96.885213][ T5973] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   96.920812][ T3007]  loop2: p1 < > p4
[   96.929271][ T3007] loop2: p4 size 8388608 extends beyond EOD, truncated
[   96.931008][ T5973] __nla_validate_parse: 4 callbacks suppressed
[   96.931026][ T5973] netlink: 36 bytes leftover after parsing attributes in process `syz.0.810'.
[   96.951367][ T5973] netlink: 16 bytes leftover after parsing attributes in process `syz.0.810'.
[   96.960530][ T5973] netlink: 36 bytes leftover after parsing attributes in process `syz.0.810'.
[   96.975433][ T5973] netlink: 36 bytes leftover after parsing attributes in process `syz.0.810'.
[   96.986249][ T5973] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   96.994871][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   97.007571][ T5978] netlink: zone id is out of range
[   97.012898][ T5978] netlink: zone id is out of range
[   97.018242][ T5978] netlink: zone id is out of range
[   97.077135][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   97.089133][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   97.443989][ T6011] loop4: detected capacity change from 0 to 8192
[   97.522093][ T3308]  loop4: p2 p3 p4
[   97.528706][ T3308] loop4: p2 start 452985600 is beyond EOD, truncated
[   97.535581][ T3308] loop4: p3 size 33554432 extends beyond EOD, truncated
[   97.578104][ T3308] loop4: p4 start 8388607 is beyond EOD, truncated
[   97.747537][ T6029] bond0: entered promiscuous mode
[   97.752800][ T6029] bond_slave_0: entered promiscuous mode
[   97.758714][ T6029] bond_slave_1: entered promiscuous mode
[   97.831161][ T6029] batadv0: entered promiscuous mode
[   97.843216][ T6030] loop1: detected capacity change from 0 to 8192
[   97.862119][ T6029] 8021q: adding VLAN 0 to HW filter on device hsr1
[   97.886382][ T6029] bond0: left promiscuous mode
[   97.891347][ T6029] bond_slave_0: left promiscuous mode
[   97.897025][ T6029] bond_slave_1: left promiscuous mode
[   97.907327][ T5747]  loop1: p2 p3 p4
[   97.911555][ T5747] loop1: p2 start 452985600 is beyond EOD, truncated
[   97.918308][ T5747] loop1: p3 size 33554432 extends beyond EOD, truncated
[   97.928746][ T5747] loop1: p4 start 8388607 is beyond EOD, truncated
[   97.970816][ T6032] loop3: detected capacity change from 0 to 8192
[   98.007176][ T6029] batadv0: left promiscuous mode
[   98.466061][ T6042] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   98.474612][ T6011]  loop4: p2 p3 p4
[   98.481447][ T6032]  loop3: p2 p3 p4
[   98.486121][ T6030]  loop1: p2 p3 p4
[   98.490335][ T6011] loop4: p2 start 452985600 is beyond EOD, truncated
[   98.497061][ T6011] loop4: p3 size 33554432 extends beyond EOD, truncated
[   98.505937][ T6032] loop3: p2 start 452985600 is beyond EOD, truncated
[   98.512868][ T6032] loop3: p3 size 33554432 extends beyond EOD, truncated
[   98.520657][ T6030] loop1: p2 start 452985600 is beyond EOD, truncated
[   98.527432][ T6030] loop1: p3 size 33554432 extends beyond EOD, truncated
[   98.540205][ T6011] loop4: p4 start 8388607 is beyond EOD, truncated
[   98.548410][ T6030] loop1: p4 start 8388607 is beyond EOD, truncated
[   98.558802][ T6032] loop3: p4 start 8388607 is beyond EOD, truncated
[   98.685780][ T6045] netlink: 24 bytes leftover after parsing attributes in process `syz.4.831'.
[   98.741987][ T6047] bond0: entered promiscuous mode
[   98.747148][ T6047] bond_slave_0: entered promiscuous mode
[   98.753011][ T6047] bond_slave_1: entered promiscuous mode
[   98.771595][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   98.789297][ T6047] batadv0: entered promiscuous mode
[   98.795155][ T6047] 8021q: adding VLAN 0 to HW filter on device hsr1
[   98.796675][ T3846] udevd[3846]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   98.835584][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   98.869629][ T6047] bond0: left promiscuous mode
[   98.874577][ T6047] bond_slave_0: left promiscuous mode
[   98.880186][ T6047] bond_slave_1: left promiscuous mode
[   98.914587][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   98.946304][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   99.033958][ T6047] batadv0: left promiscuous mode
[   99.044659][ T6053] loop1: detected capacity change from 0 to 8192
[   99.096472][ T6055] loop3: detected capacity change from 0 to 8192
[   99.122210][ T6058] FAULT_INJECTION: forcing a failure.
[   99.122210][ T6058] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.135475][ T6058] CPU: 1 UID: 0 PID: 6058 Comm: syz.2.835 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   99.135631][ T6058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.135644][ T6058] Call Trace:
[   99.135651][ T6058]  <TASK>
[   99.135660][ T6058]  __dump_stack+0x1d/0x30
[   99.135702][ T6058]  dump_stack_lvl+0xe8/0x140
[   99.135736][ T6058]  dump_stack+0x15/0x1b
[   99.135756][ T6058]  should_fail_ex+0x265/0x280
[   99.135798][ T6058]  should_fail+0xb/0x20
[   99.135820][ T6058]  should_fail_usercopy+0x1a/0x20
[   99.135876][ T6058]  _copy_from_user+0x1c/0xb0
[   99.135910][ T6058]  kstrtouint_from_user+0x69/0xf0
[   99.135935][ T6058]  ? 0xffffffff81000000
[   99.135948][ T6058]  ? selinux_file_permission+0x1e4/0x320
[   99.136019][ T6058]  proc_fail_nth_write+0x50/0x160
[   99.136163][ T6058]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   99.136194][ T6058]  vfs_write+0x269/0x8e0
[   99.136218][ T6058]  ? vfs_read+0x47f/0x6f0
[   99.136243][ T6058]  ? __rcu_read_unlock+0x4f/0x70
[   99.136273][ T6058]  ? __fget_files+0x184/0x1c0
[   99.136305][ T6058]  ? finish_task_switch+0xad/0x2b0
[   99.136334][ T6058]  ksys_write+0xda/0x1a0
[   99.136357][ T6058]  __x64_sys_write+0x40/0x50
[   99.136381][ T6058]  x64_sys_call+0x2cdd/0x2fb0
[   99.136450][ T6058]  do_syscall_64+0xd2/0x200
[   99.136598][ T6058]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.136634][ T6058]  ? clear_bhb_loop+0x40/0x90
[   99.136662][ T6058]  ? clear_bhb_loop+0x40/0x90
[   99.136684][ T6058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.136736][ T6058] RIP: 0033:0x7fa1f54cd41f
[   99.136770][ T6058] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   99.136794][ T6058] RSP: 002b:00007fa1f3b37030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   99.136819][ T6058] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa1f54cd41f
[   99.136888][ T6058] RDX: 0000000000000001 RSI: 00007fa1f3b370a0 RDI: 0000000000000008
[   99.136904][ T6058] RBP: 00007fa1f3b37090 R08: 0000000000000000 R09: 0000000000000000
[   99.136917][ T6058] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   99.136929][ T6058] R13: 0000000000000000 R14: 00007fa1f56f5fa0 R15: 00007ffe23d33688
[   99.136949][ T6058]  </TASK>
[   99.366728][ T6055]  loop3: p2 p3 p4
[   99.370725][ T6055] loop3: p2 start 452985600 is beyond EOD, truncated
[   99.377621][ T6055] loop3: p3 size 33554432 extends beyond EOD, truncated
[   99.398145][ T6055] loop3: p4 start 8388607 is beyond EOD, truncated
[   99.422632][ T6053]  loop1: p2 p3 p4
[   99.427918][ T6053] loop1: p2 start 452985600 is beyond EOD, truncated
[   99.434860][ T6053] loop1: p3 size 33554432 extends beyond EOD, truncated
[   99.466982][ T6065] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   99.484549][ T6053] loop1: p4 start 8388607 is beyond EOD, truncated
[   99.535450][ T6072] FAULT_INJECTION: forcing a failure.
[   99.535450][ T6072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.549125][ T6072] CPU: 1 UID: 0 PID: 6072 Comm: syz.2.841 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[   99.549156][ T6072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.549168][ T6072] Call Trace:
[   99.549175][ T6072]  <TASK>
[   99.549240][ T6072]  __dump_stack+0x1d/0x30
[   99.549269][ T6072]  dump_stack_lvl+0xe8/0x140
[   99.549349][ T6072]  dump_stack+0x15/0x1b
[   99.549370][ T6072]  should_fail_ex+0x265/0x280
[   99.549399][ T6072]  should_fail+0xb/0x20
[   99.549417][ T6072]  should_fail_usercopy+0x1a/0x20
[   99.549440][ T6072]  _copy_from_user+0x1c/0xb0
[   99.549510][ T6072]  copy_from_sockptr_offset+0x66/0xa0
[   99.549548][ T6072]  do_ipt_set_ctl+0x5c8/0x820
[   99.549579][ T6072]  ? __local_bh_enable_ip+0x70/0x80
[   99.549605][ T6072]  ? _raw_spin_unlock_bh+0x36/0x40
[   99.549631][ T6072]  ? tcp_release_cb+0xf1/0x370
[   99.549666][ T6072]  nf_setsockopt+0x196/0x1b0
[   99.549708][ T6072]  ip_setsockopt+0x102/0x110
[   99.549739][ T6072]  tcp_setsockopt+0x98/0xb0
[   99.549793][ T6072]  sock_common_setsockopt+0x66/0x80
[   99.549818][ T6072]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   99.549844][ T6072]  __sys_setsockopt+0x184/0x200
[   99.549884][ T6072]  __x64_sys_setsockopt+0x64/0x80
[   99.549983][ T6072]  x64_sys_call+0x2bd5/0x2fb0
[   99.550005][ T6072]  do_syscall_64+0xd2/0x200
[   99.550080][ T6072]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.550114][ T6072]  ? clear_bhb_loop+0x40/0x90
[   99.550185][ T6072]  ? clear_bhb_loop+0x40/0x90
[   99.550212][ T6072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.550234][ T6072] RIP: 0033:0x7fa1f54ce969
[   99.550252][ T6072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.550276][ T6072] RSP: 002b:00007fa1f3b37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   99.550308][ T6072] RAX: ffffffffffffffda RBX: 00007fa1f56f5fa0 RCX: 00007fa1f54ce969
[   99.550321][ T6072] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
[   99.550333][ T6072] RBP: 00007fa1f3b37090 R08: 0000000000000570 R09: 0000000000000000
[   99.550345][ T6072] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000001
[   99.550357][ T6072] R13: 0000000000000000 R14: 00007fa1f56f5fa0 R15: 00007ffe23d33688
[   99.550378][ T6072]  </TASK>
[   99.926660][   T29] kauditd_printk_skb: 159 callbacks suppressed
[   99.926677][   T29] audit: type=1400 audit(1748931629.062:3216): avc:  denied  { create } for  pid=6076 comm="syz.3.844" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   99.928973][ T6081] netlink: 20 bytes leftover after parsing attributes in process `syz.3.844'.
[   99.932973][   T29] audit: type=1400 audit(1748931629.072:3217): avc:  denied  { connect } for  pid=6076 comm="syz.3.844" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   99.981559][   T29] audit: type=1400 audit(1748931629.092:3218): avc:  denied  { bind } for  pid=6076 comm="syz.3.844" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   99.983084][ T6082] siw: device registration error -23
[  100.056208][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  100.116131][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  100.130764][   T29] audit: type=1326 audit(1748931629.353:3219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6075 comm="syz.0.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  100.154334][   T29] audit: type=1326 audit(1748931629.353:3220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6075 comm="syz.0.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  100.177854][   T29] audit: type=1326 audit(1748931629.353:3221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6075 comm="syz.0.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  100.201144][   T29] audit: type=1326 audit(1748931629.353:3222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6075 comm="syz.0.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  100.224827][   T29] audit: type=1326 audit(1748931629.353:3223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6075 comm="syz.0.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  100.227561][ T6085] loop1: detected capacity change from 0 to 8192
[  100.248380][   T29] audit: type=1326 audit(1748931629.353:3224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6075 comm="syz.0.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  100.258427][ T6092] FAULT_INJECTION: forcing a failure.
[  100.258427][ T6092] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.278163][   T29] audit: type=1326 audit(1748931629.353:3225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6075 comm="syz.0.843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  100.314812][ T6092] CPU: 1 UID: 0 PID: 6092 Comm: syz.2.845 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  100.314851][ T6092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.314864][ T6092] Call Trace:
[  100.314869][ T6092]  <TASK>
[  100.314876][ T6092]  __dump_stack+0x1d/0x30
[  100.314897][ T6092]  dump_stack_lvl+0xe8/0x140
[  100.314920][ T6092]  dump_stack+0x15/0x1b
[  100.315013][ T6092]  should_fail_ex+0x265/0x280
[  100.315083][ T6092]  should_fail+0xb/0x20
[  100.315101][ T6092]  should_fail_usercopy+0x1a/0x20
[  100.315131][ T6092]  _copy_from_user+0x1c/0xb0
[  100.315158][ T6092]  __x64_sys_sendfile64+0x88/0x150
[  100.315188][ T6092]  x64_sys_call+0xb39/0x2fb0
[  100.315232][ T6092]  do_syscall_64+0xd2/0x200
[  100.315271][ T6092]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.315319][ T6092]  ? clear_bhb_loop+0x40/0x90
[  100.315404][ T6092]  ? clear_bhb_loop+0x40/0x90
[  100.315434][ T6092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.315456][ T6092] RIP: 0033:0x7fa1f54ce969
[  100.315473][ T6092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.315492][ T6092] RSP: 002b:00007fa1f3b37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  100.315516][ T6092] RAX: ffffffffffffffda RBX: 00007fa1f56f5fa0 RCX: 00007fa1f54ce969
[  100.315646][ T6092] RDX: 0000200000000100 RSI: 0000000000000007 RDI: 0000000000000006
[  100.315658][ T6092] RBP: 00007fa1f3b37090 R08: 0000000000000000 R09: 0000000000000000
[  100.315671][ T6092] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000001
[  100.315688][ T6092] R13: 0000000000000000 R14: 00007fa1f56f5fa0 R15: 00007ffe23d33688
[  100.315722][ T6092]  </TASK>
[  100.533329][ T3308]  loop1: p2 p3 p4
[  100.537410][ T3308] loop1: p2 start 452985600 is beyond EOD, truncated
[  100.544152][ T3308] loop1: p3 size 33554432 extends beyond EOD, truncated
[  100.558196][ T6101] loop3: detected capacity change from 0 to 1024
[  100.565134][ T6101] EXT4-fs: Ignoring removed i_version option
[  100.578829][ T6101] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  100.604768][ T3308] loop1: p4 start 8388607 is beyond EOD, truncated
[  100.764217][ T6085]  loop1: p2 p3 p4
[  100.773943][ T6085] loop1: p2 start 452985600 is beyond EOD, truncated
[  100.780747][ T6085] loop1: p3 size 33554432 extends beyond EOD, truncated
[  100.797398][ T6108] netlink: 'syz.0.848': attribute type 4 has an invalid length.
[  100.809037][ T6109] netlink: 36 bytes leftover after parsing attributes in process `syz.2.849'.
[  100.818255][ T6109] netlink: 16 bytes leftover after parsing attributes in process `syz.2.849'.
[  100.827338][ T6109] netlink: 36 bytes leftover after parsing attributes in process `syz.2.849'.
[  100.840720][ T6101] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.846: Invalid block bitmap block 0 in block_group 0
[  100.855035][ T6101] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.846: Failed to acquire dquot type 0
[  100.867187][ T6101] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.846: Freeing blocks not in datazone - block = 0, count = 4096
[  100.881266][ T6101] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.846: Invalid inode bitmap blk 0 in block_group 0
[  100.894841][ T6101] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  100.903657][ T6101] EXT4-fs (loop3): 1 orphan inode deleted
[  100.910108][ T6101] EXT4-fs mount: 41 callbacks suppressed
[  100.910121][ T6101] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.069497][ T6085] loop1: p4 start 8388607 is beyond EOD, truncated
[  101.209284][ T6109] netlink: 36 bytes leftover after parsing attributes in process `syz.2.849'.
[  101.406528][ T6120] loop4: detected capacity change from 0 to 128
[  101.523497][ T6123] loop1: detected capacity change from 0 to 512
[  101.682329][ T4130] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 0
[  101.694282][ T6120] EXT4-fs: Ignoring removed nobh option
[  101.713701][ T6123] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.852: iget: bad i_size value: 38620345925642
[  101.714073][ T6120] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  102.088790][ T6123] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.852: couldn't read orphan inode 15 (err -117)
[  102.115526][ T6128] loop0: detected capacity change from 0 to 128
[  102.123467][ T6123] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.143711][ T6120] ext4 filesystem being mounted at /162/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  102.144417][    T9] net_ratelimit: 43 callbacks suppressed
[  102.144431][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  102.170099][ T6128] EXT4-fs: Ignoring removed nobh option
[  102.189035][ T6128] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  102.218224][ T6128] ext4 filesystem being mounted at /145/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  102.340800][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  102.379543][ T6132] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  102.411978][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  102.471596][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  102.589790][ T6141] loop2: detected capacity change from 0 to 2048
[  102.637958][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.696189][ T3317] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  102.717001][ T3321] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  102.856613][ T6143] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[  103.125140][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.126469][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  103.134743][ T6141]  loop2: p1 < > p4
[  103.163969][ T6145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  103.172381][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  103.174378][ T6141] loop2: p4 size 8388608 extends beyond EOD, truncated
[  103.222992][ T6145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  103.231320][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  103.239602][ T6145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  103.248495][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  103.253651][ T6151] netlink: 12 bytes leftover after parsing attributes in process `syz.3.862'.
[  103.259669][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  103.305057][ T6154] netlink: 36 bytes leftover after parsing attributes in process `syz.1.857'.
[  103.314027][ T6154] netlink: 16 bytes leftover after parsing attributes in process `syz.1.857'.
[  103.322969][ T6154] netlink: 36 bytes leftover after parsing attributes in process `syz.1.857'.
[  103.348589][ T6154] netlink: 36 bytes leftover after parsing attributes in process `syz.1.857'.
[  103.444056][ T6167] FAULT_INJECTION: forcing a failure.
[  103.444056][ T6167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.457270][ T6167] CPU: 0 UID: 0 PID: 6167 Comm: syz.2.866 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  103.457335][ T6167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.457359][ T6167] Call Trace:
[  103.457366][ T6167]  <TASK>
[  103.457375][ T6167]  __dump_stack+0x1d/0x30
[  103.457403][ T6167]  dump_stack_lvl+0xe8/0x140
[  103.457429][ T6167]  dump_stack+0x15/0x1b
[  103.457451][ T6167]  should_fail_ex+0x265/0x280
[  103.457516][ T6167]  should_fail+0xb/0x20
[  103.457538][ T6167]  should_fail_usercopy+0x1a/0x20
[  103.457568][ T6167]  _copy_from_user+0x1c/0xb0
[  103.457674][ T6167]  ___sys_sendmsg+0xc1/0x1d0
[  103.457770][ T6167]  __x64_sys_sendmsg+0xd4/0x160
[  103.457818][ T6167]  x64_sys_call+0x2999/0x2fb0
[  103.457923][ T6167]  do_syscall_64+0xd2/0x200
[  103.457963][ T6167]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  103.457999][ T6167]  ? clear_bhb_loop+0x40/0x90
[  103.458027][ T6167]  ? clear_bhb_loop+0x40/0x90
[  103.458096][ T6167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.458124][ T6167] RIP: 0033:0x7fa1f54ce969
[  103.458157][ T6167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.458182][ T6167] RSP: 002b:00007fa1f3b37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.458206][ T6167] RAX: ffffffffffffffda RBX: 00007fa1f56f5fa0 RCX: 00007fa1f54ce969
[  103.458274][ T6167] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  103.458289][ T6167] RBP: 00007fa1f3b37090 R08: 0000000000000000 R09: 0000000000000000
[  103.458304][ T6167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.458320][ T6167] R13: 0000000000000000 R14: 00007fa1f56f5fa0 R15: 00007ffe23d33688
[  103.458346][ T6167]  </TASK>
[  103.656272][ T6171] netlink: 4 bytes leftover after parsing attributes in process `syz.3.867'.
[  103.700377][ T6155] siw: device registration error -23
[  103.705855][ T6156] siw: device registration error -23
[  103.719099][ T6161] loop1: detected capacity change from 0 to 8192
[  103.722745][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  103.759543][ T6171] loop3: detected capacity change from 0 to 512
[  103.766262][ T6171] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  103.767879][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  103.785170][ T3308]  loop1: p2 p3 p4
[  103.789800][ T6171] netlink: 12 bytes leftover after parsing attributes in process `syz.3.867'.
[  103.789839][ T3308] loop1: p2 start 452985600 is beyond EOD, truncated
[  103.805630][ T3308] loop1: p3 size 33554432 extends beyond EOD, truncated
[  103.835694][ T3308] loop1: p4 start 8388607 is beyond EOD, truncated
[  103.849953][ T6161]  loop1: p2 p3 p4
[  103.854155][ T6161] loop1: p2 start 452985600 is beyond EOD, truncated
[  103.860932][ T6161] loop1: p3 size 33554432 extends beyond EOD, truncated
[  103.866430][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  103.886368][ T3846] udevd[3846]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  103.897153][ T6161] loop1: p4 start 8388607 is beyond EOD, truncated
[  103.927871][ T6183] loop3: detected capacity change from 0 to 128
[  103.945637][ T6183] EXT4-fs: Ignoring removed nobh option
[  103.954864][ T6185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.870'.
[  103.973620][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  103.983658][ T3854] udevd[3854]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  103.986180][ T6183] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  104.054870][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  104.080128][ T6183] ext4 filesystem being mounted at /176/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  104.228136][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  104.528125][ T6203] FAULT_INJECTION: forcing a failure.
[  104.528125][ T6203] name failslab, interval 1, probability 0, space 0, times 0
[  104.540882][ T6203] CPU: 1 UID: 0 PID: 6203 Comm: syz.2.874 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  104.540910][ T6203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.540926][ T6203] Call Trace:
[  104.540933][ T6203]  <TASK>
[  104.540943][ T6203]  __dump_stack+0x1d/0x30
[  104.541043][ T6203]  dump_stack_lvl+0xe8/0x140
[  104.541087][ T6203]  dump_stack+0x15/0x1b
[  104.541109][ T6203]  should_fail_ex+0x265/0x280
[  104.541134][ T6203]  ? pkcs7_parse_message+0x3b/0x350
[  104.541171][ T6203]  should_failslab+0x8c/0xb0
[  104.541205][ T6203]  __kmalloc_cache_noprof+0x4c/0x320
[  104.541262][ T6203]  pkcs7_parse_message+0x3b/0x350
[  104.541294][ T6203]  verify_pkcs7_signature+0x30/0x90
[  104.541330][ T6203]  valid_regdb+0x16b/0x3a0
[  104.541365][ T6203]  reg_reload_regdb+0x9b/0x250
[  104.541404][ T6203]  nl80211_reload_regdb+0xe/0x20
[  104.541475][ T6203]  genl_family_rcv_msg_doit+0x143/0x1b0
[  104.541506][ T6203]  genl_rcv_msg+0x422/0x460
[  104.541530][ T6203]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  104.541554][ T6203]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  104.541604][ T6203]  ? __pfx_nl80211_post_doit+0x10/0x10
[  104.541631][ T6203]  netlink_rcv_skb+0x123/0x220
[  104.541669][ T6203]  ? __pfx_genl_rcv_msg+0x10/0x10
[  104.541759][ T6203]  genl_rcv+0x28/0x40
[  104.541777][ T6203]  netlink_unicast+0x5a1/0x670
[  104.541811][ T6203]  netlink_sendmsg+0x58b/0x6b0
[  104.541885][ T6203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  104.541917][ T6203]  __sock_sendmsg+0x142/0x180
[  104.541942][ T6203]  ____sys_sendmsg+0x31e/0x4e0
[  104.541976][ T6203]  ___sys_sendmsg+0x17b/0x1d0
[  104.542080][ T6203]  __x64_sys_sendmsg+0xd4/0x160
[  104.542126][ T6203]  x64_sys_call+0x2999/0x2fb0
[  104.542154][ T6203]  do_syscall_64+0xd2/0x200
[  104.542236][ T6203]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.542286][ T6203]  ? clear_bhb_loop+0x40/0x90
[  104.542308][ T6203]  ? clear_bhb_loop+0x40/0x90
[  104.542337][ T6203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.542365][ T6203] RIP: 0033:0x7fa1f54ce969
[  104.542384][ T6203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.542462][ T6203] RSP: 002b:00007fa1f3af5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.542485][ T6203] RAX: ffffffffffffffda RBX: 00007fa1f56f6160 RCX: 00007fa1f54ce969
[  104.542502][ T6203] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000006
[  104.542518][ T6203] RBP: 00007fa1f3af5090 R08: 0000000000000000 R09: 0000000000000000
[  104.542534][ T6203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.542546][ T6203] R13: 0000000000000000 R14: 00007fa1f56f6160 R15: 00007ffe23d33688
[  104.542582][ T6203]  </TASK>
[  104.876224][ T6198] loop1: detected capacity change from 0 to 2048
[  104.885673][ T6206] loop0: detected capacity change from 0 to 512
[  104.902865][ T6206] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.877: iget: bad i_size value: 38620345925642
[  104.922077][ T6206] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.877: couldn't read orphan inode 15 (err -117)
[  104.985882][ T3308]  loop1: p1 < > p4
[  104.995155][ T3308] loop1: p4 size 8388608 extends beyond EOD, truncated
[  105.005095][ T6206] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.106449][ T6198]  loop1: p1 < > p4
[  105.119002][ T6198] loop1: p4 size 8388608 extends beyond EOD, truncated
[  105.168496][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  105.189272][ T6198] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[  105.456947][ T6219] loop1: detected capacity change from 0 to 8192
[  105.465766][   T29] kauditd_printk_skb: 90 callbacks suppressed
[  105.465784][   T29] audit: type=1326 audit(1748931634.702:3313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  105.495372][   T29] audit: type=1326 audit(1748931634.702:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  105.546072][ T3308]  loop1: p2 p3 p4
[  105.551174][ T3308] loop1: p2 start 452985600 is beyond EOD, truncated
[  105.557955][ T3308] loop1: p3 size 33554432 extends beyond EOD, truncated
[  105.570753][   T29] audit: type=1326 audit(1748931634.752:3315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  105.594322][   T29] audit: type=1326 audit(1748931634.752:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  105.617794][   T29] audit: type=1326 audit(1748931634.752:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  105.641256][   T29] audit: type=1326 audit(1748931634.752:3318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  105.664803][   T29] audit: type=1326 audit(1748931634.752:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  105.667002][ T3308] loop1: p4 start 8388607 is beyond EOD, 
[  105.688170][   T29] audit: type=1326 audit(1748931634.752:3320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  105.693977][ T3308] truncated
[  105.720488][   T29] audit: type=1326 audit(1748931634.752:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  105.721238][ T6233] siw: device registration error -23
[  105.743976][   T29] audit: type=1326 audit(1748931634.752:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.4.885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  105.774885][ T6219]  loop1: p2 p3 p4
[  105.779199][ T6219] loop1: p2 start 452985600 is beyond EOD, truncated
[  105.786261][ T6219] loop1: p3 size 33554432 extends beyond EOD, truncated
[  105.796182][ T6219] loop1: p4 start 8388607 is beyond EOD, truncated
[  105.843039][ T6235] netlink: 20 bytes leftover after parsing attributes in process `syz.4.886'.
[  105.971336][ T6242] netlink: 12 bytes leftover after parsing attributes in process `syz.2.888'.
[  105.986159][    T9] IPVS: starting estimator thread 0...
[  106.006445][ T6242] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.062903][ T6244] loop1: detected capacity change from 0 to 8192
[  106.063509][ T6242] bond0 (unregistering): Released all slaves
[  106.075605][ T6245] IPVS: using max 2256 ests per chain, 112800 per kthread
[  106.086720][ T6244] vfat: Unknown parameter 'â
'
[  106.358496][ T6271] loop2: detected capacity change from 0 to 1024
[  106.368933][ T6271] EXT4-fs: Ignoring removed bh option
[  106.414897][ T6126] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  106.490879][ T6271] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  106.624928][ T6278] loop3: detected capacity change from 0 to 512
[  106.661887][ T6280] loop4: detected capacity change from 0 to 512
[  106.696657][ T6271] EXT4-fs error (device loop2): ext4_quota_enable:7124: comm syz.2.900: inode #2304: comm syz.2.900: iget: illegal inode #
[  106.710757][ T6278] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.901: iget: bad i_size value: 38620345925642
[  106.725676][ T6278] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.901: couldn't read orphan inode 15 (err -117)
[  106.738933][ T6278] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.778874][ T6280] EXT4-fs: Mount option(s) incompatible with ext2
[  106.842471][ T6271] EXT4-fs (loop2): Remounting filesystem read-only
[  106.849139][ T6271] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  106.994813][ T6271] EXT4-fs (loop2): mount failed
[  107.157378][ T6280] loop4: detected capacity change from 0 to 512
[  107.180684][ T6280] EXT4-fs: Ignoring removed i_version option
[  107.258848][ T6280] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  107.262025][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.284172][ T6280] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  107.301928][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.330886][ T6280] EXT4-fs (loop4): 1 truncate cleaned up
[  107.343615][ T6280] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.383233][ T6280] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.411753][ T6280] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  107.463571][ T6280] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  107.470154][ T6280] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  107.477776][ T6280] vhci_hcd vhci_hcd.0: Device attached
[  107.498956][ T6313] loop0: detected capacity change from 0 to 128
[  107.523118][ T6307] vhci_hcd: connection closed
[  107.523372][  T122] vhci_hcd: stop threads
[  107.532450][ T6313] EXT4-fs: Ignoring removed nobh option
[  107.532479][  T122] vhci_hcd: release socket
[  107.542575][  T122] vhci_hcd: disconnect device
[  107.574747][ T6313] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  107.590693][ T6314] siw: device registration error -23
[  107.622391][ T6321] loop1: detected capacity change from 0 to 1024
[  107.636952][ T6313] ext4 filesystem being mounted at /150/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  107.649579][ T6321] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.718466][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.193594][ T6353] $Hÿ: entered promiscuous mode
[  108.198832][ T6353] bond_slave_0: entered promiscuous mode
[  108.204611][ T6353] bond_slave_1: entered promiscuous mode
[  108.255880][ T3422] net_ratelimit: 128 callbacks suppressed
[  108.255899][ T3422] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  108.270428][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  108.279190][ T3391] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  108.420135][ T6351] loop1: detected capacity change from 0 to 8192
[  108.515660][ T6382] loop4: detected capacity change from 0 to 2048
[  108.580611][ T3308]  loop1: p2 p3 p4
[  108.588004][ T3308] loop1: p2 start 452985600 is beyond EOD, truncated
[  108.594973][ T3308] loop1: p3 size 33554432 extends beyond EOD, truncated
[  108.604281][ T3317] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  108.614176][ T3308] loop1: p4 start 8388607 is beyond EOD, truncated
[  108.634525][ T6351]  loop1: p2 p3 p4
[  108.638578][ T6351] loop1: p2 start 452985600 is beyond EOD, truncated
[  108.645359][ T6351] loop1: p3 size 33554432 extends beyond EOD, truncated
[  108.653828][ T5747]  loop4: p1 < > p4
[  108.662585][ T5747] loop4: p4 size 8388608 extends beyond EOD, truncated
[  108.671634][ T6351] loop1: p4 start 8388607 is beyond EOD, truncated
[  108.685199][ T6382]  loop4: p1 < > p4
[  108.690161][ T6382] loop4: p4 size 8388608 extends beyond EOD, truncated
[  108.700192][ T6391] loop0: detected capacity change from 0 to 2048
[  108.794649][ T6392] loop2: detected capacity change from 0 to 512
[  108.822742][ T3007]  loop4: p1 < > p4
[  108.828903][ T3007] loop4: p4 size 8388608 extends beyond EOD, truncated
[  108.837481][ T6392] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.928: iget: bad i_size value: 38620345925642
[  108.851898][ T6392] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.928: couldn't read orphan inode 15 (err -117)
[  108.865276][ T6392] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.892540][ T3846]  loop0: p1 < > p4
[  108.906456][ T3846] loop0: p4 size 8388608 extends beyond EOD, truncated
[  108.940341][ T6399] .] calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  108.995106][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  109.211330][   T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  109.220240][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  109.299216][ T6409] syzkaller1: entered promiscuous mode
[  109.304882][ T6409] syzkaller1: entered allmulticast mode
[  109.315058][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  109.324731][ T6391]  loop0: p1 < > p4
[  109.344238][ T6391] loop0: p4 size 8388608 extends beyond EOD, truncated
[  109.351311][ T6409] loop4: detected capacity change from 0 to 1024
[  109.381924][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  109.397571][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  109.421255][ T4130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  109.427112][ T3524] udevd[3524]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  109.430564][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  109.446625][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.448572][ T3391] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  109.502061][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  109.521928][ T3846] udevd[3846]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  109.575464][ T6424] loop4: detected capacity change from 0 to 128
[  109.592498][ T6424] EXT4-fs: Ignoring removed nobh option
[  109.606371][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  109.610481][ T6424] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  109.622585][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  109.645557][ T6421] __nla_validate_parse: 1 callbacks suppressed
[  109.645576][ T6421] netlink: 12 bytes leftover after parsing attributes in process `syz.0.935'.
[  109.701433][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  109.751483][ T6437] loop1: detected capacity change from 0 to 128
[  109.753878][ T6424] ext4 filesystem being mounted at /178/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  109.789458][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  109.877109][ T6437] netlink: 8 bytes leftover after parsing attributes in process `syz.1.941'.
[  109.886132][ T6437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.941'.
[  110.037433][ T6448] loop1: detected capacity change from 0 to 512
[  110.096113][ T6439] netlink: 'syz.3.942': attribute type 1 has an invalid length.
[  110.103946][ T6439] netlink: 224 bytes leftover after parsing attributes in process `syz.3.942'.
[  110.153475][ T6452] loop2: detected capacity change from 0 to 512
[  110.203565][ T6448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.259723][ T6448] ext4 filesystem being mounted at /203/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.352077][ T6452] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.944: iget: bad i_size value: 38620345925642
[  110.365184][ T6452] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.944: couldn't read orphan inode 15 (err -117)
[  110.379943][ T6452] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.537103][ T6448] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #19: comm syz.1.945: corrupted inode contents
[  110.624626][ T6448] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #19: comm syz.1.945: mark_inode_dirty error
[  110.687820][ T6448] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #19: comm syz.1.945: corrupted inode contents
[  110.743474][ T6448] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #19: comm syz.1.945: mark_inode_dirty error
[  110.774347][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.790289][ T6448] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #19: comm syz.1.945: mark inode dirty (error -117)
[  110.848910][ T6448] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  110.872238][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.911218][ T3321] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  110.952369][ T6469] loop3: detected capacity change from 0 to 128
[  110.969034][ T6469] EXT4-fs: Ignoring removed nobh option
[  110.990275][ T6469] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  111.011793][ T6469] ext4 filesystem being mounted at /193/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  111.140764][ T6484] netlink: 32 bytes leftover after parsing attributes in process `syz.1.960'.
[  111.153254][ T6489] netlink: 'syz.2.962': attribute type 10 has an invalid length.
[  111.169405][ T6489] batman_adv: batadv0: Adding interface: team0
[  111.175645][ T6489] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.200996][ T6489] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  111.237038][   T29] kauditd_printk_skb: 258 callbacks suppressed
[  111.237104][   T29] audit: type=1326 audit(1748931640.480:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6488 comm="syz.2.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  111.269563][   T29] audit: type=1326 audit(1748931640.480:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6488 comm="syz.2.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  111.293045][   T29] audit: type=1326 audit(1748931640.480:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6488 comm="syz.2.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  111.296405][ T6492] loop4: detected capacity change from 0 to 512
[  111.316420][   T29] audit: type=1326 audit(1748931640.480:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6488 comm="syz.2.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  111.346006][   T29] audit: type=1326 audit(1748931640.480:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6488 comm="syz.2.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  111.356469][ T6494] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.369344][   T29] audit: type=1326 audit(1748931640.480:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6488 comm="syz.2.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  111.401039][   T29] audit: type=1326 audit(1748931640.480:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6488 comm="syz.2.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  111.424479][   T29] audit: type=1326 audit(1748931640.480:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6488 comm="syz.2.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  111.447925][   T29] audit: type=1326 audit(1748931640.490:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6488 comm="syz.2.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  111.471388][   T29] audit: type=1326 audit(1748931640.490:3590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6488 comm="syz.2.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  111.495304][ T6494] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.506820][ T6492] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.519700][ T6492] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.576563][ T6492] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #19: comm syz.4.964: corrupted inode contents
[  111.589818][ T6492] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #19: comm syz.4.964: mark_inode_dirty error
[  111.601553][ T6492] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #19: comm syz.4.964: corrupted inode contents
[  111.614632][ T6492] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #19: comm syz.4.964: mark_inode_dirty error
[  111.627057][ T6492] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #19: comm syz.4.964: mark inode dirty (error -117)
[  111.640133][ T6492] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  111.672731][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.813103][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  111.885442][ T6509] loop0: detected capacity change from 0 to 128
[  111.894236][ T6509] EXT4-fs: Ignoring removed nobh option
[  111.911285][ T6509] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  111.927106][ T6509] ext4 filesystem being mounted at /159/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  112.139074][ T6522] loop1: detected capacity change from 0 to 128
[  112.145775][ T6522] EXT4-fs: Ignoring removed nobh option
[  112.158401][ T6522] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  112.246975][ T6522] ext4 filesystem being mounted at /208/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  113.264059][ T6532] loop4: detected capacity change from 0 to 128
[  113.388227][ T6532] EXT4-fs: Ignoring removed nobh option
[  113.423826][ T6532] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  113.483337][ T3317] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  113.495420][ T6532] ext4 filesystem being mounted at /186/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  113.622710][ T6546] netlink: 'syz.2.978': attribute type 10 has an invalid length.
[  113.646237][ T6546] ipvlan0: entered allmulticast mode
[  113.651635][ T6546] veth0_vlan: entered allmulticast mode
[  113.662820][ T6546] team0: Device ipvlan0 failed to register rx_handler
[  113.670724][ T6545] loop0: detected capacity change from 0 to 2048
[  113.726694][ T6545]  loop0: p1 < > p4
[  113.732334][ T6545] loop0: p4 size 8388608 extends beyond EOD, truncated
[  113.834406][ T3007]  loop0: p1 < > p4
[  113.839473][ T3007] loop0: p4 size 8388608 extends beyond EOD, truncated
[  113.905230][ T3315] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  114.208955][ T6565] netlink: zone id is out of range
[  114.214169][ T6565] netlink: zone id is out of range
[  114.219384][ T6565] netlink: zone id is out of range
[  114.224585][ T6565] netlink: zone id is out of range
[  114.229780][ T6565] netlink: zone id is out of range
[  114.234997][ T6565] netlink: zone id is out of range
[  114.240184][ T6565] netlink: zone id is out of range
[  114.245332][ T6565] netlink: zone id is out of range
[  114.250612][ T6565] netlink: zone id is out of range
[  114.255869][ T6565] netlink: zone id is out of range
[  114.326839][ T6561] loop1: detected capacity change from 0 to 8192
[  114.376809][ T3308]  loop1: p2 p3 p4
[  114.380647][ T3308] loop1: p2 start 452985600 is beyond EOD, truncated
[  114.387434][ T3308] loop1: p3 size 33554432 extends beyond EOD, truncated
[  114.403073][ T3308] loop1: p4 start 8388607 is beyond EOD, truncated
[  114.410749][ T3321] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  114.435959][ T6561]  loop1: p2 p3 p4
[  114.448132][ T6561] loop1: p2 start 452985600 is beyond EOD, truncated
[  114.454966][ T6561] loop1: p3 size 33554432 extends beyond EOD, truncated
[  114.466575][ T6569] ipt_ECN: cannot use operation on non-tcp rule
[  114.497278][ T6561] loop1: p4 start 8388607 is beyond EOD, truncated
[  114.509921][ T6569] syz.0.990: attempt to access beyond end of device
[  114.509921][ T6569] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  114.601356][ T6577] loop1: detected capacity change from 0 to 512
[  114.637945][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  114.675914][ T6577] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.699993][ T6577] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.706870][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  114.766133][ T6577] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #19: comm syz.1.992: corrupted inode contents
[  114.831183][ T6577] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #19: comm syz.1.992: mark_inode_dirty error
[  114.878980][ T6577] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #19: comm syz.1.992: corrupted inode contents
[  114.898976][ T6577] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #19: comm syz.1.992: mark_inode_dirty error
[  114.932940][ T6577] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #19: comm syz.1.992: mark inode dirty (error -117)
[  114.971291][ T6577] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  115.062293][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.112604][ T6592] loop3: detected capacity change from 0 to 128
[  115.134386][ T6592] EXT4-fs: Ignoring removed nobh option
[  115.165535][ T6592] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  115.183350][ T6592] ext4 filesystem being mounted at /201/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  115.309556][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  115.356571][ T6608] loop3: detected capacity change from 0 to 128
[  115.416510][ T6615] loop4: detected capacity change from 0 to 128
[  115.483604][ T6618] SELinux: failed to load policy
[  115.571199][ T6608] infiniband syz!: set active
[  115.576009][ T6608] infiniband syz!: added team_slave_0
[  115.587122][ T6608] RDS/IB: syz!: added
[  115.591158][ T6608] smc: adding ib device syz! with port count 1
[  115.597407][ T6608] smc:    ib device syz! port 1 has pnetid 
[  115.664009][ T6632] loop0: detected capacity change from 0 to 128
[  115.673169][ T6622] loop4: detected capacity change from 0 to 512
[  115.682323][ T6634] loop2: detected capacity change from 0 to 128
[  115.690898][ T6632] EXT4-fs: Ignoring removed nobh option
[  115.698446][ T6634] EXT4-fs: Ignoring removed nobh option
[  115.708742][ T6632] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  115.721871][ T6632] ext4 filesystem being mounted at /173/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  115.755725][ T6634] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  115.773102][ T6634] ext4 filesystem being mounted at /227/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  115.810560][ T6622] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.846495][ T6622] ext4 filesystem being mounted at /194/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.872456][ T3317] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  115.890111][  T296] kworker/u8:5: attempt to access beyond end of device
[  115.890111][  T296] loop3: rw=1, sector=145, nr_sectors = 16 limit=128
[  115.904437][  T296] kworker/u8:5: attempt to access beyond end of device
[  115.904437][  T296] loop3: rw=1, sector=169, nr_sectors = 8 limit=128
[  115.918112][  T296] kworker/u8:5: attempt to access beyond end of device
[  115.918112][  T296] loop3: rw=1, sector=185, nr_sectors = 8 limit=128
[  115.924122][ T6622] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #19: comm syz.4.1008: corrupted inode contents
[  115.931880][  T296] kworker/u8:5: attempt to access beyond end of device
[  115.931880][  T296] loop3: rw=1, sector=201, nr_sectors = 8 limit=128
[  115.968840][  T296] kworker/u8:5: attempt to access beyond end of device
[  115.968840][  T296] loop3: rw=1, sector=217, nr_sectors = 8 limit=128
[  115.982710][  T296] kworker/u8:5: attempt to access beyond end of device
[  115.982710][  T296] loop3: rw=1, sector=233, nr_sectors = 8 limit=128
[  115.996423][ T6622] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #19: comm syz.4.1008: mark_inode_dirty error
[  116.010632][  T296] kworker/u8:5: attempt to access beyond end of device
[  116.010632][  T296] loop3: rw=1, sector=249, nr_sectors = 8 limit=128
[  116.027510][  T296] kworker/u8:5: attempt to access beyond end of device
[  116.027510][  T296] loop3: rw=1, sector=265, nr_sectors = 8 limit=128
[  116.041072][  T296] kworker/u8:5: attempt to access beyond end of device
[  116.041072][  T296] loop3: rw=1, sector=281, nr_sectors = 8 limit=128
[  116.041105][ T6622] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #19: comm syz.4.1008: corrupted inode contents
[  116.101823][ T6622] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #19: comm syz.4.1008: mark_inode_dirty error
[  116.139703][ T6622] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #19: comm syz.4.1008: mark inode dirty (error -117)
[  116.210781][ T6622] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  116.264769][ T6642] loop0: detected capacity change from 0 to 8192
[  116.317731][ T6642]  loop0: p2 p3 p4
[  116.335731][ T6642] loop0: p2 start 452985600 is beyond EOD, truncated
[  116.342501][ T6642] loop0: p3 size 33554432 extends beyond EOD, truncated
[  116.419343][ T6642] loop0: p4 start 8388607 is beyond EOD, truncated
[  116.419581][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.450296][ T6665] loop3: detected capacity change from 0 to 2048
[  116.577706][ T6673] loop1: detected capacity change from 0 to 512
[  116.599186][ T6665]  loop3: p1 < > p4
[  116.604716][   T29] kauditd_printk_skb: 68 callbacks suppressed
[  116.604733][   T29] audit: type=1326 audit(1748931645.834:3659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6667 comm="syz.4.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  116.634395][   T29] audit: type=1326 audit(1748931645.834:3660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6667 comm="syz.4.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  116.657869][   T29] audit: type=1326 audit(1748931645.834:3661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6667 comm="syz.4.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  116.681341][   T29] audit: type=1326 audit(1748931645.834:3662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6667 comm="syz.4.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  116.704976][   T29] audit: type=1326 audit(1748931645.834:3663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6667 comm="syz.4.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  116.728464][   T29] audit: type=1326 audit(1748931645.834:3664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6667 comm="syz.4.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  116.752034][   T29] audit: type=1326 audit(1748931645.834:3665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6667 comm="syz.4.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  116.775462][   T29] audit: type=1326 audit(1748931645.834:3666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6667 comm="syz.4.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  116.798971][   T29] audit: type=1326 audit(1748931645.834:3667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6667 comm="syz.4.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  116.822388][   T29] audit: type=1326 audit(1748931645.834:3668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6667 comm="syz.4.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  116.983928][ T6665] loop3: p4 size 8388608 extends beyond EOD, truncated
[  117.032392][ T6673] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1022: iget: bad i_size value: 38620345925642
[  117.053193][ T6673] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1022: couldn't read orphan inode 15 (err -117)
[  117.090104][ T6673] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.112600][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  117.137362][ T3322] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  117.149077][ T3007]  loop3: p1 < > p4
[  117.154163][ T3007] loop3: p4 size 8388608 extends beyond EOD, truncated
[  117.268290][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.297591][ T3846] udevd[3846]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  117.312147][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  117.357608][ T6698] loop3: detected capacity change from 0 to 512
[  117.417494][ T6698] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.439349][ T6698] ext4 filesystem being mounted at /208/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.452636][ T6701] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1036'.
[  117.471259][ T6709] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1038'.
[  117.482971][ T6709] hsr_slave_0: left promiscuous mode
[  117.489673][ T6698] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #19: comm syz.3.1033: corrupted inode contents
[  117.502508][ T6709] hsr_slave_1: left promiscuous mode
[  117.509538][ T6698] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #19: comm syz.3.1033: mark_inode_dirty error
[  117.528159][ T6698] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #19: comm syz.3.1033: corrupted inode contents
[  117.541232][ T6698] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #19: comm syz.3.1033: mark_inode_dirty error
[  117.548051][ T6706] lo speed is unknown, defaulting to 1000
[  117.560719][ T6706] lo speed is unknown, defaulting to 1000
[  117.567224][ T6701] loop0: detected capacity change from 0 to 1024
[  117.574387][ T6706] lo speed is unknown, defaulting to 1000
[  117.576341][ T6701] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.597012][ T6706] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  117.624719][ T6698] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #19: comm syz.3.1033: mark inode dirty (error -117)
[  117.636368][ T6701] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.690809][ T6698] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  117.712757][ T6701] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.741648][ T6706] lo speed is unknown, defaulting to 1000
[  117.752267][ T6706] lo speed is unknown, defaulting to 1000
[  117.757887][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.772485][ T6706] lo speed is unknown, defaulting to 1000
[  117.810843][ T6706] lo speed is unknown, defaulting to 1000
[  117.829886][ T6706] lo speed is unknown, defaulting to 1000
[  118.439782][ T6730] loop2: detected capacity change from 0 to 512
[  118.769110][ T6730] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.1043: iget: bad i_size value: 38620345925642
[  118.782227][ T6730] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.1043: couldn't read orphan inode 15 (err -117)
[  118.798120][ T6730] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.142892][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.204404][ T6755] loop4: detected capacity change from 0 to 128
[  119.214563][ T6755] EXT4-fs: Ignoring removed nobh option
[  119.224434][ T6751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  119.243172][ T6755] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  119.256642][ T6755] ext4 filesystem being mounted at /203/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  119.284808][ T6751] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  119.296927][ T6751] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1054'.
[  119.306125][ T6751] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1054'.
[  119.318109][ T6751] dummy0: entered promiscuous mode
[  119.323953][ T6751] dummy0: left promiscuous mode
[  119.387197][ T6758] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1057'.
[  119.438994][ T6758] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6758 comm=syz.1.1057
[  119.506685][ T6774] loop1: detected capacity change from 0 to 128
[  119.513854][ T6774] EXT4-fs: Ignoring removed nobh option
[  119.540454][ T6774] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  119.565018][ T6774] ext4 filesystem being mounted at /224/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  119.831604][ T6781] loop3: detected capacity change from 0 to 512
[  120.580206][ T6781] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.1062: iget: bad i_size value: 38620345925642
[  120.666909][ T6781] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.1062: couldn't read orphan inode 15 (err -117)
[  120.679639][ T6781] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.869753][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.967042][ T6788] loop0: detected capacity change from 0 to 512
[  120.998346][ T6788] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1064: iget: bad i_size value: 38620345925642
[  121.011387][ T6788] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1064: couldn't read orphan inode 15 (err -117)
[  121.024579][ T6788] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.063671][ T3315] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  121.076144][ T3321] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  121.154621][ T6793] bond0: entered promiscuous mode
[  121.159736][ T6793] bond_slave_0: entered promiscuous mode
[  121.165609][ T6793] bond_slave_1: entered promiscuous mode
[  121.342314][ T6795] loop2: detected capacity change from 0 to 1024
[  121.398993][ T6793] batadv0: entered promiscuous mode
[  121.435080][ T6795] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  121.446054][ T6795] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  121.525199][ T6793] 8021q: adding VLAN 0 to HW filter on device hsr1
[  121.531266][   T51] net_ratelimit: 61 callbacks suppressed
[  121.531285][   T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  121.546774][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  121.562158][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  121.609715][ T6795] JBD2: no valid journal superblock found
[  121.615585][ T6795] EXT4-fs (loop2): Could not load journal inode
[  121.625501][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  121.633804][ T6800] loop3: detected capacity change from 0 to 8192
[  121.635007][ T6793] bond0: left promiscuous mode
[  121.645053][ T6793] bond_slave_0: left promiscuous mode
[  121.650529][ T6793] bond_slave_1: left promiscuous mode
[  121.663806][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.673662][ T6795] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1069'.
[  121.673665][   T29] kauditd_printk_skb: 118 callbacks suppressed
[  121.673680][   T29] audit: type=1400 audit(1748931650.927:3787): avc:  denied  { nlmsg_read } for  pid=6794 comm="syz.2.1069" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  121.710395][ T6793] batadv0: left promiscuous mode
[  121.720379][ T6807] loop1: detected capacity change from 0 to 2048
[  121.730757][ T5747]  loop3: p2 p3 p4
[  121.734676][ T5747] loop3: p2 start 452985600 is beyond EOD, truncated
[  121.741479][ T5747] loop3: p3 size 33554432 extends beyond EOD, truncated
[  121.765875][ T5747] loop3: p4 start 8388607 is beyond EOD, truncated
[  121.802742][ T6800]  loop3: p2 p3 p4
[  121.806838][ T6807]  loop1: p1 < > p4
[  121.814264][ T6800] loop3: p2 start 452985600 is beyond EOD, truncated
[  121.821072][ T6800] loop3: p3 size 33554432 extends beyond EOD, truncated
[  121.837695][ T6807] loop1: p4 size 8388608 extends beyond EOD, truncated
[  121.849404][ T6818] loop0: detected capacity change from 0 to 128
[  121.860939][ T6818] EXT4-fs: Ignoring removed nobh option
[  121.872834][ T6818] ext4 filesystem being mounted at /188/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  121.897966][ T6800] loop3: p4 start 8388607 is beyond EOD, truncated
[  122.002792][ T6822] loop4: detected capacity change from 0 to 128
[  122.026361][ T6825] loop1: detected capacity change from 0 to 2048
[  122.056725][ T6822] EXT4-fs: Ignoring removed nobh option
[  122.081976][ T3846]  loop1: p1 < > p4
[  122.097723][   T29] audit: type=1326 audit(1748931651.348:3788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  122.121565][   T29] audit: type=1326 audit(1748931651.348:3789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  122.122219][ T3846] loop1: p4 size 8388608 extends beyond EOD, truncated
[  122.154637][   T29] audit: type=1326 audit(1748931651.348:3790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  122.156268][ T6827] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1079'.
[  122.178064][   T29] audit: type=1326 audit(1748931651.348:3791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  122.187023][ T6827] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1079'.
[  122.187047][ T6827] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1079'.
[  122.190682][ T6827] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1079'.
[  122.210603][   T29] audit: type=1326 audit(1748931651.358:3792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  122.246562][ T6822] ext4 filesystem being mounted at /208/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  122.260890][   T29] audit: type=1326 audit(1748931651.358:3793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  122.295035][   T29] audit: type=1326 audit(1748931651.358:3794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  122.318470][   T29] audit: type=1326 audit(1748931651.358:3795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  122.321990][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  122.341937][   T29] audit: type=1326 audit(1748931651.358:3796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb090f9e969 code=0x7ffc0000
[  122.363647][ T6825] loop_reread_partitions: partition scan of loop1 () failed (rc=-16)
[  122.515430][ T6838] loop3: detected capacity change from 0 to 128
[  122.529073][ T6838] EXT4-fs: Ignoring removed nobh option
[  122.589933][ T6838] ext4 filesystem being mounted at /216/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  122.734304][ T6846] loop4: detected capacity change from 0 to 512
[  122.773692][ T6846] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1082: iget: bad i_size value: 38620345925642
[  122.786811][ T6846] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1082: couldn't read orphan inode 15 (err -117)
[  123.235767][ T6854] loop2: detected capacity change from 0 to 2048
[  123.408346][ T6854]  loop2: p1 < > p4
[  123.419295][ T6854] loop2: p4 size 8388608 extends beyond EOD, truncated
[  123.440442][  T384] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  123.450090][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  123.579995][ T6868] loop1: detected capacity change from 0 to 512
[  123.591685][ T6868] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1089: iget: bad i_size value: 38620345925642
[  123.605434][ T6868] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1089: couldn't read orphan inode 15 (err -117)
[  123.719466][ T3007]  loop2: p1 < > p4
[  123.778252][ T3007] loop2: p4 size 8388608 extends beyond EOD, truncated
[  124.061274][ T6078] udevd[6078]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  124.102173][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  124.156549][ T6874] loop0: detected capacity change from 0 to 8192
[  124.203931][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  124.214217][ T3846] udevd[3846]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  124.224210][ T5159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  124.239422][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  124.251590][ T6874]  loop0: p2 p3 p4
[  124.277860][ T6874] loop0: p2 start 452985600 is beyond EOD, truncated
[  124.284667][ T6874] loop0: p3 size 33554432 extends beyond EOD, truncated
[  124.496928][ T6874] loop0: p4 start 8388607 is beyond EOD, truncated
[  125.093226][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  125.207851][ T6901] loop1: detected capacity change from 0 to 512
[  125.269360][ T6901] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1101: iget: bad i_size value: 38620345925642
[  125.286660][ T6901] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1101: couldn't read orphan inode 15 (err -117)
[  125.448779][ T6877] lo speed is unknown, defaulting to 1000
[  125.777275][ T6907] loop3: detected capacity change from 0 to 128
[  125.840051][ T6907] EXT4-fs: Ignoring removed nobh option
[  125.890736][ T6907] ext4 filesystem being mounted at /219/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  126.016791][ T6883] lo speed is unknown, defaulting to 1000
[  126.034922][ T6918] loop1: detected capacity change from 0 to 2048
[  126.045635][ T6918] EXT4-fs (loop1): Couldn't mount because of unsupported optional features (8)
[  126.696615][ T6927] loop0: detected capacity change from 0 to 8192
[  126.738641][ T5747]  loop0: p2 p3 p4
[  126.742590][ T5747] loop0: p2 start 452985600 is beyond EOD, truncated
[  126.749610][ T5747] loop0: p3 size 33554432 extends beyond EOD, truncated
[  126.774817][ T5747] loop0: p4 start 8388607 is beyond EOD, truncated
[  126.795967][ T6927]  loop0: p2 p3 p4
[  126.800151][ T6927] loop0: p2 start 452985600 is beyond EOD, truncated
[  126.807025][ T6927] loop0: p3 size 33554432 extends beyond EOD, truncated
[  126.852472][ T6927] loop0: p4 start 8388607 is beyond EOD, truncated
[  126.966786][   T29] kauditd_printk_skb: 225 callbacks suppressed
[  126.966802][   T29] audit: type=1326 audit(1748931656.220:4022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6933 comm="syz.0.1111" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb090f9e969 code=0x0
[  127.019935][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  127.068257][   T29] audit: type=1326 audit(1748931656.270:4023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6935 comm="syz.1.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58f791e969 code=0x7ffc0000
[  127.075836][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  127.091721][   T29] audit: type=1326 audit(1748931656.270:4024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6935 comm="syz.1.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58f791e969 code=0x7ffc0000
[  127.124936][   T29] audit: type=1326 audit(1748931656.270:4025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6935 comm="syz.1.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f58f791e969 code=0x7ffc0000
[  127.148321][   T29] audit: type=1326 audit(1748931656.270:4026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6935 comm="syz.1.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58f791e969 code=0x7ffc0000
[  127.171751][   T29] audit: type=1326 audit(1748931656.270:4027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6935 comm="syz.1.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f58f791e969 code=0x7ffc0000
[  127.195118][   T29] audit: type=1326 audit(1748931656.270:4028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6935 comm="syz.1.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58f791e969 code=0x7ffc0000
[  127.218638][   T29] audit: type=1326 audit(1748931656.280:4029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6935 comm="syz.1.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f58f791e969 code=0x7ffc0000
[  127.242126][   T29] audit: type=1326 audit(1748931656.280:4030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6935 comm="syz.1.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58f791e969 code=0x7ffc0000
[  127.265644][   T29] audit: type=1326 audit(1748931656.280:4031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6935 comm="syz.1.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f58f791e969 code=0x7ffc0000
[  127.308323][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.316398][ T6948] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.324691][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.339434][ T6948] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1116'.
[  128.348624][ T6948] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1116'.
[  128.357583][ T6948] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1116'.
[  128.393367][ T6948] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1116'.
[  128.454477][ T6950] loop0: detected capacity change from 0 to 2048
[  128.489091][ T3308]  loop0: p1 < > p4
[  128.508090][ T3308] loop0: p4 size 8388608 extends beyond EOD, truncated
[  128.530556][ T6950]  loop0: p1 < > p4
[  128.535375][ T6950] loop0: p4 size 8388608 extends beyond EOD, truncated
[  128.561887][   T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.570834][ T5159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.579438][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.595106][ T3007]  loop0: p1 < > p4
[  128.608045][ T3007] loop0: p4 size 8388608 extends beyond EOD, truncated
[  128.869710][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  128.882550][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  128.900829][ T6961] loop3: detected capacity change from 0 to 512
[  129.209613][   T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.218437][ T5159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.227179][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.300208][ T6972] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  129.354940][ T6972] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  129.418591][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.426930][ T6961] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.1121: iget: bad i_size value: 38620345925642
[  129.441032][ T6961] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.1121: couldn't read orphan inode 15 (err -117)
[  129.476127][ T6972] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1124'.
[  129.485291][ T6972] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1124'.
[  129.499427][ T6972] dummy0: entered promiscuous mode
[  129.505428][ T6972] dummy0: left promiscuous mode
[  130.061243][ T6983] loop4: detected capacity change from 0 to 128
[  130.087633][ T6983] EXT4-fs: Ignoring removed nobh option
[  130.102958][ T6983] ext4 filesystem being mounted at /212/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  130.139950][ T6986] loop0: detected capacity change from 0 to 1024
[  130.146740][ T6986] EXT4-fs: Ignoring removed i_version option
[  130.153942][ T6986] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  130.166705][ T6986] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.1129: Invalid block bitmap block 0 in block_group 0
[  130.181487][ T6986] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1129: Failed to acquire dquot type 0
[  130.193625][ T6986] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.1129: Freeing blocks not in datazone - block = 0, count = 4096
[  130.207445][ T6986] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.1129: Invalid inode bitmap blk 0 in block_group 0
[  130.220515][ T6986] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  130.229538][ T6986] EXT4-fs (loop0): 1 orphan inode deleted
[  130.236215][ T3422] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 0
[  130.240215][ T6991] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1131'.
[  130.373977][ T6986] lo speed is unknown, defaulting to 1000
[  130.425746][ T6996] loop2: detected capacity change from 0 to 128
[  130.478906][ T6993] loop1: detected capacity change from 0 to 8192
[  130.488414][ T7004] loop0: detected capacity change from 0 to 128
[  130.495254][ T7004] EXT4-fs: Ignoring removed nobh option
[  130.508244][ T7004] ext4 filesystem being mounted at /205/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  130.539879][ T3846]  loop1: p2 p3 p4
[  130.543787][ T3846] loop1: p2 start 452985600 is beyond EOD, truncated
[  130.550816][ T3846] loop1: p3 size 33554432 extends beyond EOD, truncated
[  130.600516][ T3846] loop1: p4 start 8388607 is beyond EOD, truncated
[  130.657305][ T6993]  loop1: p2 p3 p4
[  130.661922][ T6993] loop1: p2 start 452985600 is beyond EOD, truncated
[  130.668746][ T6993] loop1: p3 size 33554432 extends beyond EOD, truncated
[  130.748285][ T6993] loop1: p4 start 8388607 is beyond EOD, truncated
[  130.943857][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  130.992382][ T3321] EXT4-fs unmount: 20 callbacks suppressed
[  130.992419][ T3321] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  131.016690][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  131.209841][ T7034] loop3: detected capacity change from 0 to 128
[  131.226768][ T7034] EXT4-fs: Ignoring removed nobh option
[  131.301589][ T7024] loop2: detected capacity change from 0 to 8192
[  131.310470][ T7034] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  131.363921][ T7034] ext4 filesystem being mounted at /229/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  131.417235][ T3308]  loop2: p2 p3 p4
[  131.421299][ T3308] loop2: p2 start 452985600 is beyond EOD, truncated
[  131.428117][ T3308] loop2: p3 size 33554432 extends beyond EOD, truncated
[  131.498265][ T7023] lo speed is unknown, defaulting to 1000
[  131.505235][ T3308] loop2: p4 start 8388607 is beyond EOD, truncated
[  131.524227][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  131.548923][ T7024]  loop2: p2 p3 p4
[  131.553092][ T7024] loop2: p2 start 452985600 is beyond EOD, truncated
[  131.560115][ T7024] loop2: p3 size 33554432 extends beyond EOD, truncated
[  131.586078][ T7024] loop2: p4 start 8388607 is beyond EOD, truncated
[  131.724089][ T7048] netlink: 'syz.2.1146': attribute type 3 has an invalid length.
[  131.732027][ T7048] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1146'.
[  131.744211][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  131.818627][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  131.960694][ T7045] lo speed is unknown, defaulting to 1000
[  131.967596][ T7053] siw: device registration error -23
[  131.968940][ T3317] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  132.202375][ T7059] loop2: detected capacity change from 0 to 8192
[  132.268476][ T3308]  loop2: p2 p3 p4
[  132.276896][ T3308] loop2: p2 start 452985600 is beyond EOD, truncated
[  132.283674][ T3308] loop2: p3 size 33554432 extends beyond EOD, truncated
[  132.305199][ T3308] loop2: p4 start 8388607 is beyond EOD, truncated
[  132.320098][ T7059]  loop2: p2 p3 p4
[  132.329195][ T7059] loop2: p2 start 452985600 is beyond EOD, truncated
[  132.335937][ T7059] loop2: p3 size 33554432 extends beyond EOD, truncated
[  132.378925][ T7059] loop2: p4 start 8388607 is beyond EOD, truncated
[  132.453766][ T7068] loop2: detected capacity change from 0 to 1024
[  132.496996][ T7068] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.517535][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  132.537148][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  132.556595][ T5161] net_ratelimit: 3 callbacks suppressed
[  132.556610][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  132.878820][ T7080] pim6reg: entered allmulticast mode
[  132.893157][ T7080] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1152'.
[  133.104072][ T7082] loop4: detected capacity change from 0 to 128
[  133.182775][ T7082] EXT4-fs: Ignoring removed nobh option
[  133.200626][ T7084] loop0: detected capacity change from 0 to 164
[  133.279013][ T7082] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.312691][ T7084] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  133.356405][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  133.419098][ T7082] ext4 filesystem being mounted at /217/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  133.516441][   T29] kauditd_printk_skb: 205 callbacks suppressed
[  133.516461][   T29] audit: type=1400 audit(1748931662.662:4234): avc:  denied  { mount } for  pid=7083 comm="syz.0.1156" name="/" dev="loop0" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  133.596571][ T5159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  133.608748][ T7084] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  133.618752][ T7084] Symlink component flag not implemented
[  133.623222][ T7087] loop3: detected capacity change from 0 to 1024
[  133.624434][ T7084] Symlink component flag not implemented
[  133.624812][ T7084] Symlink component flag not implemented (7)
[  133.632215][ T7087] ext4: Unknown parameter 'noacl'
[  133.636672][ T7084] Symlink component flag not implemented (116)
[  133.691013][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.711016][ T3321] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  133.724802][   T29] audit: type=1400 audit(1748931662.982:4235): avc:  denied  { unmount } for  pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  133.786236][   T29] audit: type=1326 audit(1748931663.042:4236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7088 comm="syz.3.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dccd6e969 code=0x7ffc0000
[  133.827812][ T7093] loop3: detected capacity change from 0 to 256
[  133.949829][   T29] audit: type=1326 audit(1748931663.042:4237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7088 comm="syz.3.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dccd6e969 code=0x7ffc0000
[  133.973389][   T29] audit: type=1326 audit(1748931663.072:4238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7088 comm="syz.3.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f9dccd6e969 code=0x7ffc0000
[  133.996851][   T29] audit: type=1326 audit(1748931663.072:4239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7088 comm="syz.3.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dccd6e969 code=0x7ffc0000
[  134.020457][   T29] audit: type=1326 audit(1748931663.072:4240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7088 comm="syz.3.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dccd6e969 code=0x7ffc0000
[  134.043971][   T29] audit: type=1326 audit(1748931663.072:4241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7088 comm="syz.3.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f9dccd6e969 code=0x7ffc0000
[  134.067524][   T29] audit: type=1326 audit(1748931663.072:4242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7088 comm="syz.3.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dccd6e969 code=0x7ffc0000
[  134.091070][   T29] audit: type=1326 audit(1748931663.072:4243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7088 comm="syz.3.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dccd6e969 code=0x7ffc0000
[  134.824708][   T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.887816][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.897023][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  135.086704][ T7115] loop3: detected capacity change from 0 to 2048
[  135.249033][ T7134] FAULT_INJECTION: forcing a failure.
[  135.249033][ T7134] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.262339][ T7134] CPU: 1 UID: 0 PID: 7134 Comm: syz.0.1171 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  135.262369][ T7134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  135.262400][ T7134] Call Trace:
[  135.262408][ T7134]  <TASK>
[  135.262418][ T7134]  __dump_stack+0x1d/0x30
[  135.262445][ T7134]  dump_stack_lvl+0xe8/0x140
[  135.262471][ T7134]  dump_stack+0x15/0x1b
[  135.262487][ T7134]  should_fail_ex+0x265/0x280
[  135.262509][ T7134]  should_fail+0xb/0x20
[  135.262580][ T7134]  should_fail_usercopy+0x1a/0x20
[  135.262603][ T7134]  _copy_from_user+0x1c/0xb0
[  135.262636][ T7134]  ___sys_sendmsg+0xc1/0x1d0
[  135.262709][ T7134]  __x64_sys_sendmsg+0xd4/0x160
[  135.262751][ T7134]  x64_sys_call+0x2999/0x2fb0
[  135.262832][ T7134]  do_syscall_64+0xd2/0x200
[  135.262864][ T7134]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  135.262897][ T7134]  ? clear_bhb_loop+0x40/0x90
[  135.262925][ T7134]  ? clear_bhb_loop+0x40/0x90
[  135.262954][ T7134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.262995][ T7134] RIP: 0033:0x7fb090f9e969
[  135.263014][ T7134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.263038][ T7134] RSP: 002b:00007fb08f607038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  135.263062][ T7134] RAX: ffffffffffffffda RBX: 00007fb0911c5fa0 RCX: 00007fb090f9e969
[  135.263144][ T7134] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  135.263160][ T7134] RBP: 00007fb08f607090 R08: 0000000000000000 R09: 0000000000000000
[  135.263173][ T7134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.263195][ T7134] R13: 0000000000000000 R14: 00007fb0911c5fa0 R15: 00007ffdff3a59c8
[  135.263220][ T7134]  </TASK>
[  135.681846][ T7138] loop0: detected capacity change from 0 to 2048
[  135.848873][ T7115]  loop3: p1 < > p4
[  135.856436][ T7138]  loop0: p1 < > p4
[  135.863606][ T7115] loop3: p4 size 8388608 extends beyond EOD, truncated
[  135.871153][ T7138] loop0: p4 size 8388608 extends beyond EOD, truncated
[  135.872306][ T7141] loop2: detected capacity change from 0 to 128
[  135.888084][ T3007]  loop0: p1 < > p4
[  135.893190][ T3007] loop0: p4 size 8388608 extends beyond EOD, truncated
[  135.975165][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  135.986149][ T3846] udevd[3846]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  136.066645][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  136.077413][ T3854] udevd[3854]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  136.120732][ T5747] udevd[5747]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  136.121610][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  136.146869][ T7157] netlink: 'syz.4.1178': attribute type 1 has an invalid length.
[  136.154672][ T7157] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1178'.
[  136.396128][ T3422] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  136.831480][ T7172] FAULT_INJECTION: forcing a failure.
[  136.831480][ T7172] name failslab, interval 1, probability 0, space 0, times 0
[  136.844316][ T7172] CPU: 1 UID: 0 PID: 7172 Comm: syz.3.1184 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  136.844348][ T7172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  136.844364][ T7172] Call Trace:
[  136.844371][ T7172]  <TASK>
[  136.844379][ T7172]  __dump_stack+0x1d/0x30
[  136.844477][ T7172]  dump_stack_lvl+0xe8/0x140
[  136.844501][ T7172]  dump_stack+0x15/0x1b
[  136.844520][ T7172]  should_fail_ex+0x265/0x280
[  136.844547][ T7172]  should_failslab+0x8c/0xb0
[  136.844574][ T7172]  kmem_cache_alloc_node_noprof+0x57/0x320
[  136.844615][ T7172]  ? __alloc_skb+0x101/0x320
[  136.844650][ T7172]  __alloc_skb+0x101/0x320
[  136.844682][ T7172]  netlink_alloc_large_skb+0xba/0xf0
[  136.844738][ T7172]  netlink_sendmsg+0x3cf/0x6b0
[  136.844831][ T7172]  ? __pfx_netlink_sendmsg+0x10/0x10
[  136.844862][ T7172]  __sock_sendmsg+0x142/0x180
[  136.844886][ T7172]  ____sys_sendmsg+0x31e/0x4e0
[  136.844927][ T7172]  ___sys_sendmsg+0x17b/0x1d0
[  136.844984][ T7172]  __x64_sys_sendmsg+0xd4/0x160
[  136.845032][ T7172]  x64_sys_call+0x2999/0x2fb0
[  136.845061][ T7172]  do_syscall_64+0xd2/0x200
[  136.845113][ T7172]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  136.845140][ T7172]  ? clear_bhb_loop+0x40/0x90
[  136.845162][ T7172]  ? clear_bhb_loop+0x40/0x90
[  136.845191][ T7172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.845295][ T7172] RIP: 0033:0x7f9dccd6e969
[  136.845310][ T7172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.845329][ T7172] RSP: 002b:00007f9dcb3d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  136.845348][ T7172] RAX: ffffffffffffffda RBX: 00007f9dccf95fa0 RCX: 00007f9dccd6e969
[  136.845364][ T7172] RDX: 0000000000000040 RSI: 0000200000000780 RDI: 0000000000000005
[  136.845380][ T7172] RBP: 00007f9dcb3d7090 R08: 0000000000000000 R09: 0000000000000000
[  136.845394][ T7172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.845436][ T7172] R13: 0000000000000000 R14: 00007f9dccf95fa0 R15: 00007fff9ab500a8
[  136.845456][ T7172]  </TASK>
[  136.888472][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  137.085569][ T3391] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  137.242271][ T7180] netlink: 'syz.4.1186': attribute type 1 has an invalid length.
[  137.250168][ T7180] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1186'.
[  137.326551][ T7183] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.335088][ T7183] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.376940][ T7183] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1188'.
[  137.385994][ T7183] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1188'.
[  138.048772][ T7201] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  138.155981][   T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.164756][ T5159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.173741][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.307330][ T7216] loop4: detected capacity change from 0 to 8192
[  138.372716][ T7219] lo speed is unknown, defaulting to 1000
[  138.379596][ T3308]  loop4: p2 p3 p4
[  138.383464][ T3308] loop4: p2 start 452985600 is beyond EOD, truncated
[  138.390240][ T3308] loop4: p3 size 33554432 extends beyond EOD, truncated
[  138.409225][ T3308] loop4: p4 start 8388607 is beyond EOD, truncated
[  138.427249][ T7216]  loop4: p2 p3 p4
[  138.431217][ T7216] loop4: p2 start 452985600 is beyond EOD, truncated
[  138.438136][ T7216] loop4: p3 size 33554432 extends beyond EOD, truncated
[  138.461077][ T7216] loop4: p4 start 8388607 is beyond EOD, truncated
[  138.561716][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  138.606832][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  138.634145][   T29] kauditd_printk_skb: 171 callbacks suppressed
[  138.634164][   T29] audit: type=1326 audit(1748931667.883:4415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7247 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  138.686819][ T7250] loop1: detected capacity change from 0 to 512
[  138.695856][   T29] audit: type=1326 audit(1748931667.913:4416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7247 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  138.719340][   T29] audit: type=1326 audit(1748931667.923:4417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7247 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  138.742959][   T29] audit: type=1326 audit(1748931667.923:4418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7247 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  138.766562][   T29] audit: type=1326 audit(1748931667.923:4419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7247 comm="syz.4.1202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bf1d8e969 code=0x7ffc0000
[  138.790147][   T29] audit: type=1400 audit(1748931667.933:4420): avc:  denied  { ioctl } for  pid=7249 comm="syz.1.1203" path="socket:[15659]" dev="sockfs" ino=15659 ioctlcmd=0x48d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  138.794795][ T7250] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.845380][ T7250] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.882683][ T7261] loop3: detected capacity change from 0 to 128
[  138.926880][ T7250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1203'.
[  138.944177][   T29] audit: type=1326 audit(1748931668.153:4421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7257 comm="syz.2.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  138.949005][ T7250] bridge0: port 3(macvlan2) entered blocking state
[  138.967689][   T29] audit: type=1326 audit(1748931668.153:4422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7257 comm="syz.2.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  138.974153][ T7250] bridge0: port 3(macvlan2) entered disabled state
[  138.997525][   T29] audit: type=1326 audit(1748931668.153:4423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7257 comm="syz.2.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  139.027554][   T29] audit: type=1326 audit(1748931668.153:4424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7257 comm="syz.2.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1f54ce969 code=0x7ffc0000
[  139.058262][ T7250] macvlan2: entered allmulticast mode
[  139.063731][ T7250] bridge0: entered allmulticast mode
[  139.074868][ T7250] macvlan2: left allmulticast mode
[  139.080082][ T7250] bridge0: left allmulticast mode
[  139.159932][ T7274] random: crng reseeded on system resumption
[  139.350714][ T7250] binfmt_misc: register: failed to install interpreter file ./file0
[  139.387674][ T7282] loop4: detected capacity change from 0 to 512
[  139.407915][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.450364][ T7282] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.1210: bad orphan inode 11
[  139.485492][ T7282] ext4_test_bit(bit=10, block=4) = 1
[  139.490846][ T7282] is_bad_inode(inode)=0
[  139.495010][ T7282] NEXT_ORPHAN(inode)=2080374784
[  139.500001][ T7282] max_ino=32
[  139.503326][ T7282] i_nlink=0
[  139.548310][ T7282] EXT4-fs (loop4): 1 truncate cleaned up
[  139.554434][ T7282] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.586558][ T7276] lo speed is unknown, defaulting to 1000
[  139.627574][ T7291] loop3: detected capacity change from 0 to 128
[  139.634336][ T7291] EXT4-fs: Ignoring removed nobh option
[  139.674651][ T7291] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  139.706432][ T7291] ext4 filesystem being mounted at /246/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  140.012087][ T7299] ==================================================================
[  140.015060][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.020225][ T7299] BUG: KCSAN: data-race in filemap_write_and_wait_range / xas_set_mark
[  140.037642][ T7299] 
[  140.039979][ T7299] write to 0xffff888106b60b3c of 4 bytes by task 7291 on cpu 0:
[  140.047632][ T7299]  xas_set_mark+0x12b/0x140
[  140.052170][ T7299]  __folio_start_writeback+0x1dd/0x440
[  140.057674][ T7299]  ext4_bio_write_folio+0x5ad/0x9f0
[  140.062941][ T7299]  mpage_submit_folio+0xe4/0x170
[  140.067935][ T7299]  mpage_process_page_bufs+0x39b/0x4a0
[  140.073429][ T7299]  mpage_prepare_extent_to_map+0x741/0xaa0
[  140.079281][ T7299]  ext4_do_writepages+0xa1a/0x21c0
[  140.084417][ T7299]  ext4_writepages+0x176/0x300
[  140.089208][ T7299]  do_writepages+0x1c3/0x310
[  140.093836][ T7299]  file_write_and_wait_range+0x156/0x2c0
[  140.099507][ T7299]  generic_buffers_fsync_noflush+0x45/0x120
[  140.105425][ T7299]  ext4_sync_file+0x1ab/0x690
[  140.110147][ T7299]  vfs_fsync_range+0x10d/0x130
[  140.114940][ T7299]  ext4_buffered_write_iter+0x34f/0x3c0
[  140.120530][ T7299]  ext4_file_write_iter+0xdbf/0xf00
[  140.125762][ T7299]  iter_file_splice_write+0x5f2/0x970
[  140.131372][ T7299]  direct_splice_actor+0x153/0x2a0
[  140.136503][ T7299]  splice_direct_to_actor+0x30f/0x680
[  140.141889][ T7299]  do_splice_direct+0xda/0x150
[  140.146674][ T7299]  do_sendfile+0x380/0x650
[  140.151124][ T7299]  __x64_sys_sendfile64+0x105/0x150
[  140.156351][ T7299]  x64_sys_call+0xb39/0x2fb0
[  140.160962][ T7299]  do_syscall_64+0xd2/0x200
[  140.165494][ T7299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.171410][ T7299] 
[  140.173739][ T7299] read to 0xffff888106b60b3c of 4 bytes by task 7299 on cpu 1:
[  140.181290][ T7299]  filemap_write_and_wait_range+0xfc/0x340
[  140.187124][ T7299]  filemap_invalidate_pages+0xa4/0x1a0
[  140.192594][ T7299]  kiocb_invalidate_pages+0x6e/0x80
[  140.197810][ T7299]  __iomap_dio_rw+0x5d4/0x1250
[  140.202585][ T7299]  iomap_dio_rw+0x40/0x90
[  140.206932][ T7299]  ext4_file_write_iter+0xad9/0xf00
[  140.212153][ T7299]  iter_file_splice_write+0x5f2/0x970
[  140.217560][ T7299]  direct_splice_actor+0x153/0x2a0
[  140.222693][ T7299]  splice_direct_to_actor+0x30f/0x680
[  140.228083][ T7299]  do_splice_direct+0xda/0x150
[  140.232858][ T7299]  do_sendfile+0x380/0x650
[  140.237384][ T7299]  __x64_sys_sendfile64+0x105/0x150
[  140.242865][ T7299]  x64_sys_call+0xb39/0x2fb0
[  140.247470][ T7299]  do_syscall_64+0xd2/0x200
[  140.251996][ T7299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.257905][ T7299] 
[  140.260232][ T7299] value changed: 0x0a000021 -> 0x04000021
[  140.265983][ T7299] 
[  140.268313][ T7299] Reported by Kernel Concurrency Sanitizer on:
[  140.274470][ T7299] CPU: 1 UID: 0 PID: 7299 Comm: syz.3.1215 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  140.286548][ T7299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  140.296624][ T7299] ==================================================================
[  140.384189][ T7302] loop4: detected capacity change from 0 to 128
[  140.425284][ T7302] EXT4-fs: Ignoring removed nobh option
[  140.455897][ T7302] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  140.488904][ T7302] ext4 filesystem being mounted at /235/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  140.547121][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  140.635532][ T3321] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  141.995750][   T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.004496][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.013158][ T5159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.021726][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  143.034971][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.074584][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.114875][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  146.155393][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.195601][ T5159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.754699][   T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.763436][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.771978][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  148.235336][ T5159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.274028][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog