last executing test programs:

8m25.430378152s ago: executing program 3 (id=658):
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f00000000c0)={0x0, 0x0})
munmap(&(0x7f0000ba0000/0x2000)=nil, 0x2000)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil)
munmap(&(0x7f0000e29000/0x1000)=nil, 0x1000)
madvise(&(0x7f0000ad2000/0x4000)=nil, 0x4000, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r0, 0x0, r2, 0x0, 0x39000, 0x0)
splice(r1, 0x0, r0, 0x0, 0x408cd, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000140)={0x42}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r4, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x3, {0xdbdd9df066949823, 0x3, 0x4}}, 0x10, 0x0, 0x36}, 0x4004)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_io_uring_setup(0x10d, &(0x7f00000004c0)={0x0, 0x2b7a, 0x8, 0x2, 0x4}, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x4c42bb4f92, 0x0)
shutdown(r5, 0x0)
syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0xd431, 0x10100}, &(0x7f0000000240), &(0x7f0000000380))
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)='\x00', 0x0, 0x1}, 0x50)
bind$inet6(r6, &(0x7f0000000280)={0xa, 0x4e20, 0x100, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000000c80)='|', 0x1, 0xbcff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x3, 0x10}, 0xc)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

8m24.571650989s ago: executing program 3 (id=674):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
listen(r1, 0x101)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='qdisc_enqueue\x00', r4}, 0x18)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x5e20, @rand_addr=0x64010100}, 0x10)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000040)={0x0, 0xfff}, 0x8)
sendmmsg$inet(r5, &(0x7f0000002a00)=[{{0x0, 0x0, &(0x7f0000001200)=[{&(0x7f0000000880)="10ae49", 0x3}], 0x1}}], 0x1, 0x800)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x8010, r0, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x8001, 0xdf)

8m24.362381798s ago: executing program 3 (id=675):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000200)={0x3, 0x3, 0x8e30})
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="fc000000190001000400000000000000ac1414bb000000000000000000000000e000000100000000000000000000000000000000000000000a0000003b000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009db70000000000000000000000000000000000000007000000000000000000000000000000000000000000000000008000000000000000000044000800fc020000000000000000000000000000000000002b00000000000000ac14142a0000000000000000000600"/172], 0xfc}, 0x1, 0x0, 0x0, 0x800}, 0x800)

8m24.278289628s ago: executing program 3 (id=677):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x1000410, &(0x7f0000000040)={[{@barrier_val={'barrier', 0x3d, 0x7}}, {@i_version}]}, 0x4, 0x504, &(0x7f0000019940)="$eJzs3c9vG1kdAPDvOHGTZt1NF/YACNiyLBRU6vzobrRaDnQvILRaCbFCQuLQDYk3imLXUZwsTcghPXJHohIn+BO4cUDqiQM3bnDjUg5IBSJQg8Rh0IyniZvEdWiTeGt/PtJ45r1x/H3PznvP8xznBTC0rkTETkRciIgPI2KyyE+KLW62t+x+j3a3F/Z2txeSSNMP/pHk57O86PiZzEvFY45HxPe/E/Hj5Gjc1ubWyny9Xlsr0lPrjdWp1ubW9eVSkTM7NzM3/faNt2ZPra6vNX7z8NvL7/3gd7/9woM/7nz9p1mxKj+7lJ/rrMdpale9HJWOvNGIeO8sgvXJaPH7w4sna22fiojX8/Y/GSP5qwkADLI0nYx0sjMNAAy67Pq/EkmpWswFVKJUqlbbc3ivxkSp3mytX5tsbtxejHwO63KUSx8t12vTxVzh5SgnWXomPz5Izx5K34iIVyLi52MX83R1oVlf7OcbHwAYYi8dGv//PdYe/wGAATfe7wIAAOfO+A8Aw8f4DwDD5/8Y/307EAAGhOt/ABg+xn8AGD49x/+751MOAOBcfO/997Mt3Sv+//Xix5sb36x8fH2x1lqpNjYWqgvNtdXqUrO5VK9VF9K01+PVm83VmTf3k63NrVuN5sbt9VvLjfml2q1a+YzrAwD09spr9/+cRMTOOxfzLTrWcjBWw2ArPZE6ZqEeYGCN9LsAQN/4Pg8MrxNc45sGgAHX68q/658I3bP4K7yorn7W/D8Mq1K/CwD0zbPN/3/r1MsBnD/z/zC80jSx5j8ADBlz/MCzfP7/wyg+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAhVcm3pFTN1wLfyW5L1WrEpYi4HOXko+V6bToiXo6IP42Vx7L0TL8LDQA8p9LfkmL9r6uTb1QOn72Q/Gcs30fET375wS/uzK+vr81k+f/cz1+/V+TPXuhHBQCATjePZrXH6WLfcSH/aHd74fF2nkV8+G57cdEs7l6xtc+Mxmi+H49yREz8KynSbdn7lZFTiL9zNyI+c1D/Ox0RKvkcSHvl08Pxs9iXziD+wfOfRJqm6UH80hPxS3nZsn05fy4+fQplgWFz/912P5m1u4u721kTK9pfKa7k++Pb/3jeQz2/x/3f3pH+r7Tf/40ciZ/kbf7KfvrpJXn45u+/eyQznWyfuxvxudHj4if78ZMu/e8bJ6zjXz7/xde7nUt/FXE1jo/f1si72an1xupUa3Pr+nJjfqm2VLs9Ozs3Mzf99o23ZqfyOer27R+Oi/H3d6693C1+Vv+JLvHHe9T/Kyes/6//++GPvvSU+F/78vGv/6tPiZ+NiV89Yfz5iZvHLd+9H3+xS/17vf7XThj/wV+3Fk94VwDgHLQ2t1bm6/XaWo+D7L1mr/s4eDEPYifinIN+YzziE1F3B90O+t0zAWftoNH3uyQAAAAAAAAAAAAAAEA3rc2tlbE4268T9buOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK7/BQAA//+TAtDE")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40)
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', 0x0})
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff}, 0x0)
r8 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r8}})
connect$unix(r8, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e)
r9 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00c5"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r10, 0x0, 0x4}, 0x18)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@getpolicy={0x50, 0x15, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@dev}}}, 0x50}}, 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
write$binfmt_register(r9, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmmsg$inet(r0, &(0x7f0000002f00)=[{{&(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10, 0x0}}], 0x1, 0x20004000)

8m23.550946795s ago: executing program 3 (id=690):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x7055217b4fc23f3)
perf_event_open(&(0x7f0000000140)={0x4, 0xfffffffffffffee1, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_bp={0x0, 0x7}, 0x120, 0x5dd8, 0x1000003, 0x0, 0x0, 0xc7a, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000000), 0x1, 0x79b, &(0x7f0000000a40)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x70)
r3 = dup2(r2, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1})
ioctl$BLKTRACESETUP(r3, 0x1276, 0x0)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x2e2d43, 0x1cd)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x10)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x8, 0x6}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0xb8, 0x7ffc0002}]})
getcwd(&(0x7f00000003c0)=""/214, 0xd6)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r0, 0x0, r6, 0x0, 0x400000, 0x0)
socket$kcm(0x11, 0xa, 0x300)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x7, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r7], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x20, '\x00', 0x0, @fallback=0x7, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f00000002c0)={0x6, 0x4, 0x0, 'queue0\x00'})
close_range(0xffffffffffffffff, r9, 0x0)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r10, 0x40605346, &(0x7f0000000180)={0x0, 0x0, {0x0, 0x1}})

8m19.083533999s ago: executing program 3 (id=760):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_read_part_table(0x5fd, &(0x7f0000000d00)="$eJzs2z9olGccB/DvxVzOP9B0cHKpcegkFMXRDFWSU7EQTqUQHLS1iJgpQuCkhwc6tBkUM0jHLlK4ReNkzOBQFIXORRxahAwuBV2kdshbrvc2rfaPR8kNxc9n+T338rvn+/zgWZ/wvzaUarkqar+VDz751/5i9I91O8c6E5MHi6IojiaVHE81Y9++s5hkOK/umh1JRv60z/WvNy9/+fxAtfP4yIv3T9ybH1rbs5Z3k2wZeePRa/1PyaDcGL8/evHSbP1y90e9tbL6cXLz2URj6fD8wuKh6v5T3e8Xkgdlf+9ibMq5NHM+Z3Ny+L+kVl7Jb3fzm+NnHtVbK191nuxa3Vbv3D699+X25St3dydz3Yip1/6XN9+vvqzNX+bPjV2dXmjt23lr67U9zTsPG083/Fz0lJHV9ckFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAwbozfH714abZ+uTl+5lG9tfLF9999dPPZRGPp8PzC4qGR/afKvgdlHS7ruTRzPmdzMjOZyWeZ7T9yuvKP+b9sTp7sWt1W79w+vffl5PKVu7vLvqn1GPZvvD7/3NjV6YXWvp23tl7b07zzsPF0Q69vppZPU+2tawM6CwAAAAAAAAAAAAAAAAAAAG+vicmD26c+bBxNKjm+MclPnw91vxflI/ff3+rvKOsPtWRTkusbk/bzA9XO4yMvRk7cm/+x7G+nlnaSLd8sHUveW8u58JfkyqBHow+/BgAA//8hVpWc")
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40044)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x60, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x30, 0x2, [@TCA_CAKE_ATM={0x8, 0x4, 0x3}, @TCA_CAKE_RAW={0x8}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x9}, @TCA_CAKE_MEMORY={0x8, 0xa, 0x101}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x60}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)
getsockname$packet(r3, &(0x7f0000001d00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001d40)=0x14)
close_range(r3, 0xffffffffffffffff, 0x0)

8m19.058220049s ago: executing program 32 (id=760):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_read_part_table(0x5fd, &(0x7f0000000d00)="$eJzs2z9olGccB/DvxVzOP9B0cHKpcegkFMXRDFWSU7EQTqUQHLS1iJgpQuCkhwc6tBkUM0jHLlK4ReNkzOBQFIXORRxahAwuBV2kdshbrvc2rfaPR8kNxc9n+T338rvn+/zgWZ/wvzaUarkqar+VDz751/5i9I91O8c6E5MHi6IojiaVHE81Y9++s5hkOK/umh1JRv60z/WvNy9/+fxAtfP4yIv3T9ybH1rbs5Z3k2wZeePRa/1PyaDcGL8/evHSbP1y90e9tbL6cXLz2URj6fD8wuKh6v5T3e8Xkgdlf+9ibMq5NHM+Z3Ny+L+kVl7Jb3fzm+NnHtVbK191nuxa3Vbv3D699+X25St3dydz3Yip1/6XN9+vvqzNX+bPjV2dXmjt23lr67U9zTsPG083/Fz0lJHV9ckFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAwbozfH714abZ+uTl+5lG9tfLF9999dPPZRGPp8PzC4qGR/afKvgdlHS7ruTRzPmdzMjOZyWeZ7T9yuvKP+b9sTp7sWt1W79w+vffl5PKVu7vLvqn1GPZvvD7/3NjV6YXWvp23tl7b07zzsPF0Q69vppZPU+2tawM6CwAAAAAAAAAAAAAAAAAAAG+vicmD26c+bBxNKjm+MclPnw91vxflI/ff3+rvKOsPtWRTkusbk/bzA9XO4yMvRk7cm/+x7G+nlnaSLd8sHUveW8u58JfkyqBHow+/BgAA//8hVpWc")
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40044)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x60, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x30, 0x2, [@TCA_CAKE_ATM={0x8, 0x4, 0x3}, @TCA_CAKE_RAW={0x8}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x9}, @TCA_CAKE_MEMORY={0x8, 0xa, 0x101}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x60}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)
getsockname$packet(r3, &(0x7f0000001d00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001d40)=0x14)
close_range(r3, 0xffffffffffffffff, 0x0)

3.452679752s ago: executing program 2 (id=8397):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000080000000000000000000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ioctl$SCSI_IOCTL_START_UNIT(0xffffffffffffffff, 0x5)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0, @ANYRES32=r1], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x40, 0x0, @perf_bp={0x0, 0x764922f6ef795283}, 0x8, 0x0, 0x9, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001f00000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

2.585716009s ago: executing program 0 (id=8418):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r4 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r4, 0xfffffffffffffffb, 0xfffffffffffffffe, 0x1)
keyctl$KEYCTL_MOVE(0x1e, r2, r2, r4, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
add_key$fscrypt_provisioning(&(0x7f00000001c0), &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000580)={0x1, 0x0, @auto=[0x39, 0x2f]}, 0xa, r2)
ioctl$TCSBRKP(r6, 0x5425, 0x0)
listen(r0, 0x51)
ioctl$TCSETSW2(r6, 0x5425, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r5, 0x0, 0xd6, 0x6d, &(0x7f0000000280)="45888c0486d57dda0c75acf73bc8d83245a6cce9286ec5b4f06aefd357b835d9068740a7a983c79c5522eca3f8eddbd59b0423d6e95cd65fdc7b456e61f8e76a422af080f93db36970807749e5dd1618422048e110f6989d6712a3cd4c1ad818ef439dc10c4450a6849ce024f6ab4bc92712e0b260e77621a41a41dafd5f5d7c55dd4e0fc933d0c4f263373dc593048556660335b6c69cb347929ed8a5ff9b599bd3692869f1020368e4a1e1342e0f34ef1b5945fae9ad34d9ce95834496673f2d4c65e37985413263aa7c19214297ababae00862692", &(0x7f0000000380)=""/109, 0x4, 0x0, 0x1000, 0xde, &(0x7f0000001640)="2bbfb1b04b59813a60b22f1b51b383e1d268cc0b05c019eb22d2f11d47c14ebdee6ea5cf4d8adce331b3490699cdbbac1d98de6ef83e8ced9180bf5450071a3421cdcd7e11fa4f77a600f04d67e8f17759b3ff7c1c0d9a680294e165ac012912c6769bc7a166e29326ba37b55a5e8ca15e0e7b4e0a3067bb1832920f219c00dcbd94e6a4b5ed320c7e55c8ee7b0fe2923da76330f82bb86786224f324f231019c5b7de9ffd3b6b8f4d748409a1a478b6ce40b6ec4a0e268a7bd6414b31888ad8fd88e0e44c9cc97ffa3078b4946bae09b873c66ad1c34c2f46187d73448a4594ec1b0eecccb72264dc104aa0ccdb3c7cce973f5d161989b9a5e5bbc981a4f0d18e99ce7156e38d94aba13caffcd75956f92b9e9cdfcef2c25fb1e73c7ee8156f8e924d2a1c3d2472eecdf9385e4d3e6ba427b76cc6c370e639da598348f1d8a9d3501599ce0b9d291f58911639a6e83749a30f056aee905551aba4a2dbee40688b9e9b1a1ec483cff8984e4f56f04beebe6a3adeaa5b8541d910d6bbac4335d22aeb120223870b7330c52acdd8f9cf4582897d0e127ba222766d291fa6b1e9e9197d4e0cb4c0c80d8972c648202af8ab1ee88ec8fbd39a470a93e3e501890fbbe0bec0af2afd77960bf220272847a1cdf8466af0dbe53931929efdc5ce6d839e4d5635d2ae216ad1cb263d741f8f546ca7cdce6ed342d8c77e1deb48ff2a5792591da70990e7de7c1ddd22815d8529473891ce8438f397d5264a79e2ae9730f52a6353078ee2d25ba600921c6b8e1c058be7d74714ca71fe4184513dcec68c6bb8090b30f107f6d390b6f37bc6e09c8358d3d73c2b2ead0b2edbfd690394f414f7fa535b5eec29f00781c7f5555ed012d157aaa0da37afa5a1eab59511a4ad3a5d643a8769863eb6f423166f8967ef526a08590a41b0759df4f0197bd4f22ef01350088f0962f2492267bb90089828439d19fa6b1a4e28caa26ad773494a3cbf22bab0302fde67c10142483d438e2b6dc95c0ccbe091b890c99d0242c329245e61deea20de0ef1b7865a8c79d5b1ffc145b0862dfe6688f0f31b598c9730a91924866ccbaa3fd2263c02278cec78e025d2100af117b67159535e28540ae75d27cf18761a21017292069ffe0d4d5da1e869f0cd25cada1118732474d7a7b022082099d3a4ff372e4e0f8b241e180b425b02f76622497bc19cb84c7f7420b7b12a1c27452d20b9c258ac6b8afa405ceaed409597332a51ae88a2efbe46dd6bce5ea51e82c6deffaa9e739a2214e35010516214d0004ad96d78904ea65f606111c3a380a22816dfda95f685065221bd2a77942355737e99b744f4c609967f4800b4e23833182f9d1e2163f0ba2e639539fb295c985b8bb41f41d1d8fdf48179605559dc5e3053ec05e955f46bda3b936fa7e8dfedfc9b81306825b07a322abe9b193e93bd3aedc6741262b96479b690dcc702b24e689f4486dcb91fe72916fb34c1e392bf35ef8f4d7c4b7385509cabb4566d3a0952005a3304300465cd7ad1fbef3f9ec37c4634abdd3fb0989366fb1cc9d5ee08a7e7d7feac6cfad32448709d9c78a901f70928f7de79dbcddcfa49feeabcebab7d20b78fe9a2264d399171521451949d2515fcac5488340c29d4fa7159457c6696914ffdeb22c4d8f0db6fbbc85b6d45c20840acfd2e84ca6d3ffde46a977abccd56c3eb0870f3ef09e715d22271e77eb45fa78abfc6bbbc5ff54f5bd20b8cd90e50df43bf0b1986cbd210cf965f64e401e2ca6b1464e847875c70cbca5eb3e6a0e0c889f9da6e6f3fcd698382f7f16ef75f8eca53cfe04082ca5301383239ffd7891691177d3a2daec3f34fff81b2e27d460606881e015d2bb74169fe1df05ea0c7a820171a4db5497ac00a1535575ae860f111ba5ebc7d3a7e7a93409fc5ccc1e3cf249ff9983c30c30f14405041bab2e6b9fe3aaf9386bf9c29956fac829b18ad7b814a3da12fd7c35771cd033305cc7f934a9589a0339b973359bb051eb967ff27141f79fc0bb3d9f60292f3192165cebf9e0c7646e2f1fc1dcabec0c1908f3dcadc6549adf8ea24f1280191dda8dc87181c9874fbee3066d10312b8091ba9060d2f2caf84019acbc4ad00f08e53b70dfa7db6592d2d691ce36231ab30652fdb4f42fc630b47a8e86e346f4b00dbfd80ba5d7f7fe1c190fdf8e117a64c64ec9016d3bf1ad977c0cbcb07e37166522f74a737f50737689043fcef795b1a0d6e326648d7601cf6dea41896c2da7c20b18ccc91750b8528f1dde967f2f52354f6699159376ad8eea8f91a94d1d45c00ba8857e187595e11f3c19fd716f39eaa59f76d96b85a96bd9cbbd1ea79026cb88aa8fbf8cdbec3f2cb8378aede080c850627b2987a99ee6dae6d9222985ac89b009cab0553cf129072aef5c0d881fbc1083dcc6b0a064a6a2a6199b94367c1b89ab735a95540178af23422dbe4ec3d5ac9941602bfbec13480a1b9e654a6552e31a5b262b861bbadd5943c1df37d5625e4070be6a07a321e08d9d7acbe9ff0f26d70874d71802e7887a6cdd8cbea08ce32c06bc3ce736feba8a6cf1a53ff2501c3931ad6997ad7386d0f269d126f4b74a20eb866430e8d033ba112934fdd401cef399d7bacbfa8a4534f70e3f576c11c017a16c66ce47ac5f55b616c5ee4631ab38433e42918ab5ab9fbfa53c60bd43489d01a6f5fc2860cd5e7109e59c9d61cf060fdf6b5bab8c274de24cf076a600c7f32c812121b730d6c8b8d8de43663f4e5f7396cf6371729ec2900d3c25e268a7ecfc14affec0c435482c336101a3baea7c13b071a9d8d0a0754f70965c602da66163880e6f76fef4e4aa5f0de17f20ada5cdfab8b5ff25dccb3fb75ec7360bc2e59bad2dcb56d6e87cc97ce100c9ebbf3a3a5175de65c231a26a4956d7f2f7f30384ced961f79199c78cecf6aa892e4554add0337c961a0527aa9e2d25c1ace07d1c347851d7c710431bd278da1c202829d8c6ec0703bf61f1f04433e80426ff73f7c9adfb707518dc183e02ef551be9cbcd795464da50bc2ed3c7912ab4850abca57f2ff038f6b268402dec42d5d04a931080f76962a164fd2d68afa73d6454e57a8d557d2b096678d74e7a9848b12994cc43e1e984365ea56f28083078a595e765170d6cf25bf2207bdd2a81f5ee013d6b148a35dfeff04f45ada2aafc495a51558f361b15b2ac5d83e700bd27e8c83610e053eaaea3a72c6f984f8eb9df8318df5594579cda0ca5fd594cfb40e6058da5e0ea2ee45df1d7d8d70500ccda7f8bf0fb01ea7508785b4dfe7fd2f38ca3665e1a22daea96c4dbf54b3bca7035c796b4c9cc1f9fee1410b61fd89288b4b74b9347ba841cb5206404fb0a5e4c6a60a8e842ce8f38f44cff7cbc2e22f72b0df7f8ced1a0d308ef75a9a4fca36c3837f087fa609b6384eb192088f7838ac0ce4c5a0f16dd63bfd7a4c21154e0fa2ff1261984b1e039a66b8616526683b8fc67eecd25594ff7604e6d770695d6ba08c8caf123022995d39c04bc25164e6223ede925b7b88812adfba1d5a84dd7d53e8b12e45100a2a69d3e61493b3a301cbb5f5a20b0dad1974d008eaa746da6cdefdbf4c742120b2b756c60054deba5ce082f06af9ec905ca3bacaca3298f2f63f8c3019255efaae319a62e1b49d8b8bba756834c62a4eabb158db7cbd45ae00099ee06fe5c79a9d9df8b7f3b033cbaeb1ddb95817d7fcb356ca953c814d71e9e5baa42e8c103016b0521f9e0f5fbd44a0ba4ab0a6e1134516aa6b748c384112afa2e82c6c230d9426cd06c62a04f85d1b18ce5c0bb7706a568ac95b75dbec9306b3dea70d260fea48402e3874afb61012259d9fcf58bc59fab985bca5a4a6abaa8605fa86b20d9c5103c66ab89f5faf293d496445597dc8a42027fdc4d5fcad37cd0936845a7e18ed5063bdfb1eb13a81fd19b93ebba73540b9a5bd9f8e277a461a0d9d7762df5eb0db5d7dd151ca657e7749838a92ba6417a2adb881d7e545b53ff941dad0bbb61cc5c1879cdbb751d65362e262c9bcf8ae358ebcbbde4d5020608ac12828dba9d677301aecc9172c8d8d00ee74237284d80fbeb077a81f68a7e36aaeb25d51ca5420296bd050027f4a3e94033d2eff76f6cdcfac0f5f6c8aeb997a5960c48864cd9c5e4b5b8a677adce508c9cf9ad1b700748c5b79e6acfbb995841bf9cdb06e4c97962a59fe0377df7a6d1223b668da3c4e807de819937db71cb321ccb84c4b9ecab1517e87d4195b8a0591e8a1bf3d2a495e60b982d52233a945c90a4e0fb61756b3308c3d0da9ba1b93aa27f231ba15679d84d2492e533a945eb2045cbf419bf91a0be407c9b740c506e0f30c62566297b3cde72fbc6bf20a275cb3ac2b179ed8ee700ae6be088394d154bd6352e695d7e21b0c79580b398781a7f36df325cc944a216f5fe01905160396ced6425079de61d861c736f62a4cd9751095d629db9e10128f3104ffea984d649a43baf4841feb5c03c347420c7a57b96238dd301058ae834a9aeb27ff54cd4183ae703abca9181c90098a7118bc55ee9169376eafb7673c8e44955ed973ed9bf3f5810639e1d41778cae8e83184a9fa2353cc182d5bed90dda55d333801cd5903dffd62f5093e3e89c09a83bc44b672b4f535e60a310f8965b1dff13b010651807ab96541e0b1280b78d1145c98c3a0d037dc79fa44a01234895a4178d8332e0ac0b6b9fb21b5c0b08ab3743d46bf8d9200a8b45929016b6c46dfe6a93b6e6cb63175d038c5d5b2450693f5d58dcb56af3b7c3f37f994de3abdb4da085341bf639aa234df7251eaaf97d9263312b47bf9ae34f22bd65c33292c2db56e74cf6407cafaedcc885791ea7476ba3fe4da283556fad6ba46a78738ba141d956e5cba821e308b669e156a6297ea0c878a15f5695f5746b1ecc304e6a83617ff19abca1203ee107e6d68dfe5aead3d414421a0f945bfd627634ca5687a493226c588e62922cac2e5fd08fcf0493049ccb25b2d1d8c44cafe54549ac8f13a7669c50e860c86ac355b978c896f12ad9986c01dff1e30e906fdd70b0a270fefb08fcaabe657381119c87bc1882cc806125e2cf900e6570c5483ac72334885a40ffe43d7a82e513dd3fdb88abbed4269128fef0479bbc5e88c26ecf561f053af4d106937f348e0f591a7d47e66276911ee6e6705461b22dc3e2dfa7e35f2794e1aeb3af2a7875c049789dea44363e6981fc095d1831033e298c6baf86277a87dfa4f1038978c873c90ad9d62b30191c64ea5161650277544fd20b1c085c942b0f0238a21e4ccabafd12413c425cc1d9f6064d88ebc60e82dc9af8f80f710eaad98d58fa8bbe3b33944f512bf5068afbc56ad7e7fea1e0653da1a94815296dc71309d9af3dfdb8ec600731771e5a353635333beb3a0ef44f55bedc2d41bce0571870c745b10f49f3722e7d2ee83d510f8213438c4ce3a23513f75b50b9f2e8afc3e132b85fde0e4ba025ec1eafcf4e2086153b5b68c9d633848040c41ef6dcd33a514964085f3742b296cd81401dac1680ce6d30a082a2559efd547e7b2ef82aa8ac6a2951006d1dbd85fe2ba2fc0a5ed8c60abc885a730105ec08b49118a42cc425b2f0287b586041b5e9b6d3e680a9d53871a66e8d208c77389417b9d71b56bcea1e7d679ebcaa9236f719b6f1ca269e403d7051a92009edaa78047ee51f9d20ed5343c96865ad6f95207206a6c87a5ed7cafb8de12de8af48b9c99f70a7ccd51c40a3902084f92b9782ffee3ea81e9f8bab2905d3e33d478ed371c588eda6b", &(0x7f0000000680)="88c5a4de5574c956a1bac97b42b2cb2e145455b3755e85347757fd1e421fe7bc1fedf004e5373c7db1fce95ed3c8f16f58a38924afb856b35bb3ee2f597226623cc2124a9993e09196b1021a67ba6531955fb6dd7a290078e33c10ca71f7d691b961403c3e216b97d0137af69408b6c0a27c6713265f84d21602b465b4ecd03854f6d6e5030d164a463754f4545c3160a8bd4c9d122b0753fd5d921858aebcbf0dafc9c89a6f4807a8a30682a4d935a72df29cc708d71deda78de96abd551ff57e8d76969828b94cc4aad4e91993a4a6b84dca69f39cb34a699712ea82f4", 0x7, 0x0, 0x3}, 0x50)
keyctl$search(0xa, r2, &(0x7f0000000200)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, r2)

2.466046479s ago: executing program 0 (id=8421):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="12000000290000000400000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r1}, &(0x7f0000000440), &(0x7f0000000480)=r0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r1, &(0x7f0000000240)="e2bd"}, 0x20)
openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x13)

2.363514849s ago: executing program 0 (id=8423):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x18)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe0200108500000007000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r2, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0x7, 0x7], 0x0, 0x0, 0x2}}, 0x40)

2.346448608s ago: executing program 0 (id=8424):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000040000000000001d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r2, &(0x7f0000000340)=ANY=[], 0xff2e)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x3)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6c000000100003042cbd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000003c00128009000100766c616e000000002c00028006000100000000001c0003800c00010000010000800000000c00010000000000ffffff7f0400048008000a00", @ANYRES32=r6, @ANYBLOB="08000500", @ANYRES32=r6], 0x6c}, 0x1, 0xba01}, 0x0)

1.954876377s ago: executing program 1 (id=8426):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
setsockopt$RDS_CONG_MONITOR(0xffffffffffffffff, 0x114, 0xa, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="20000000021401002abd700001dcdf250800010000000000080044"], 0x20}, 0x1, 0x0, 0x0, 0x4000801}, 0x40810)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r1}, 0x10)
inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x200000d0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000000)="3c00000058001f000307f4f9002304000a04d65f0800010002010002170005800500000099db973b91aa057972513500b0406700912deb5b85932234", 0x3c)

1.793345866s ago: executing program 1 (id=8427):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4ca31, 0xffffffffffffffff, 0x0)
ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084524, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, 0x0, 0x1f0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
madvise(&(0x7f00004ec000/0x1000)=nil, 0x1000, 0x10)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x11)
syz_open_dev$sg(0x0, 0x0, 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
write$binfmt_aout(r2, 0x0, 0xff2e)
ioctl$TCSETS(r2, 0x40045431, 0x0)
r3 = syz_open_pts(r2, 0x0)
dup3(r3, r2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01", @ANYRES64=r6, @ANYRES8=r0, @ANYRESHEX=r4, @ANYBLOB="3b55de7d95404eac371ac30b6574f98009bbc1736aee869c3d952fb4cc3f61d140dac9a56ef20bbd349be89308f09d162d36f5ce454e797aa2323a359dc4994b78aba5f4c74be6af82634ee71f24cd9d27d410648e56787b147d4a94678449551b687b5fd4ab408fc4289906918ea87a06780f48a27e7d7bcbbc43eeeb99c76e12aabc383ace28c9b9594ad0a37aaedc6500825e2b751893d986f782818a4d2baced1ba3c83ca831fbd199e0fb0b47e0784a0e1322155441bb5ce7e9db17b661fe8649c32fcc1b007ac19eae4fd616ab7f565d251c8246bce6d497867f738b2278972a5a238941c1873bead89b2a6be9dedb01"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='kfree\x00', r8}, 0x18)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYRESOCT=r5], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r6}, 0x4)

1.671152336s ago: executing program 5 (id=8429):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4ca31, 0xffffffffffffffff, 0x0)
ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084524, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x1f0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
madvise(&(0x7f00004ec000/0x1000)=nil, 0x1000, 0x10)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x11)
syz_open_dev$sg(0x0, 0x0, 0x2)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
write$binfmt_aout(r1, 0x0, 0xff2e)
ioctl$TCSETS(r1, 0x40045431, 0x0)
r2 = syz_open_pts(r1, 0x0)
dup3(r2, r1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) (fail_nth: 2)

1.526407565s ago: executing program 5 (id=8433):
syz_clone3(&(0x7f00000008c0)={0x14860000, 0x0, 0x0, 0x0, {0x28}, 0x0, 0x0, 0x0, &(0x7f00000002c0)}, 0x58)

1.524957845s ago: executing program 5 (id=8434):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x18)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe0200108500000007000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r2, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0x7, 0x7], 0x0, 0x0, 0x2}}, 0x40)

1.500327815s ago: executing program 5 (id=8435):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=ANY=[@ANYBLOB="14000000100001000000ddffffff00000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000114000000110001"], 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c000000150a0102"], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1.489614606s ago: executing program 0 (id=8436):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2)

1.454684985s ago: executing program 0 (id=8437):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
ioctl$SCSI_IOCTL_START_UNIT(r0, 0x5)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x40, 0x0, @perf_bp={0x0, 0x764922f6ef795283}, 0x8, 0x0, 0x9, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001f00000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

1.285971735s ago: executing program 5 (id=8438):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='net/sockstat\x00')
preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000140)=""/196, 0xc4}], 0x1, 0x200000, 0x0)
r1 = syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000340), r0)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_FREE_STREAMS(r3, 0x8008551d, &(0x7f0000000040)=ANY=[@ANYBLOB="a0f900000200000081"])
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x64, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @remote}}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5, 0x21, 0x1}]}, 0x64}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001000040000000000000000000a000000070001001b000000"], 0x1c}}, 0x0)
syz_open_dev$evdev(&(0x7f0000000100), 0x2, 0x862b01)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1d7)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0xf4ff, 0x100000001})
sendfile(r6, r6, 0x0, 0xfffe80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r8}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)

980.784464ms ago: executing program 5 (id=8439):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x298)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=@base={0x4, 0x4, 0x4, 0x10005, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00'}, 0x3d)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xffb, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usbip_server_init(0x3)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/mnt\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r3, &(0x7f0000000000), &(0x7f0000000040)=""/61}, 0x33)

903.774793ms ago: executing program 1 (id=8440):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x1f0, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x250)

903.435683ms ago: executing program 1 (id=8441):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x4, &(0x7f0000013d40)=ANY=[@ANYBLOB="18000000000000100000000000000700b5000000087c9a0095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x90)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2074, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r0, r2, 0x25, 0x2, @void}, 0x10) (fail_nth: 2)

756.483023ms ago: executing program 4 (id=8442):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
munmap(&(0x7f0000000000/0x3000)=nil, 0x3000)

342.945941ms ago: executing program 4 (id=8443):
bpf$TOKEN_CREATE(0x24, &(0x7f00000005c0), 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="180100004301800000000e0000000000850000007b00000095687f9f3c7b952b7a342956e951f544c4ae6d65916fc0b48794a7e17abf16dad3abcf7b3885523e57a1d17c20f9a85880a14a27fd92ee86cd7523500e23dfd9024dcd651c04ae9c59f2ed20f4b6abe04af39aad6f48ebbedd6ee728b12438b0ffb438edc4847c84af129b5dadab85ee0d52a6767ab4ec31141b97563f7f267bd5d64d44e8ac59d2f85d6aa6769a4c8358c052e89536f2218db2e3bb55073a42d88b895847445bd192e0b645357c6bbbcbf240c448145e9527e487d2e733c020b4365269eea5e6c7b7df6c85"], &(0x7f00000006c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000850000000800000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f5c64000000000c000280060019"], 0x3c}}, 0x0) (async)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005f3f770005000000000000000000", @ANYRES32=0x0, @ANYBLOB="fd00000000000000280012800a00010076786c616e"], 0x3}}, 0x0) (async)
write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x6}, 0x18) (async)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x510, 0x0, 0x138, 0x210, 0x0, 0x138, 0x478, 0x478, 0x478, 0x478, 0x478, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98, 0x0, {0x0, 0x2000000}}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:dbusd_etc_t:s0\x00'}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x570) (async)
socket(0x15, 0x80000, 0x5)

266.842021ms ago: executing program 2 (id=8444):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x7}]}}}]}, 0x3c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000004)
syz_emit_ethernet(0x3a, &(0x7f0000000080)={@empty, @random="6a2ddcf6177a", @val={@void, {0x8100, 0x1, 0x1, 0x1}}, {@ipv4={0x8864, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x57, 0x0, 0x6, 0x0, @empty, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x5}}}}}}, 0x0)

266.573051ms ago: executing program 4 (id=8445):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="5402"], 0x69)
close(r1)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='mountinfo\x00')
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000002c0)={[{@jqfmt_vfsv1}, {}, {@barrier_val}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@min_batch_time={'min_batch_time', 0x3d, 0x6}}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
lseek(r2, 0x0, 0x3)
mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x5, &(0x7f00000001c0)=0x5, 0x7e, 0x2)

205.838271ms ago: executing program 2 (id=8446):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x20, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1e, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000580)='kfree\x00', r5}, 0x18)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a0001"], 0x118}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYRES16=r4, @ANYBLOB="0700000000000000000005000000180001801400020073797a"], 0x3c}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)

177.656091ms ago: executing program 4 (id=8447):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
munmap(&(0x7f0000000000/0x3000)=nil, 0x3000)

154.976201ms ago: executing program 4 (id=8448):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=ANY=[@ANYBLOB="14000000100001000000ddffffff00000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000114000000110001"], 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c000000150a0102"], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

144.21241ms ago: executing program 2 (id=8449):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=ANY=[@ANYBLOB="14000000100001000000ddffffff00000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000114000000110001"], 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c000000150a0102"], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

130.744511ms ago: executing program 4 (id=8450):
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r1=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r1, &(0x7f00000006c0)=ANY=[], 0xcfa4)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000140)={0x0, {}, 0x0, {}, 0x6, 0x12, 0xf, 0x8, "9c50513463bc62b11edbd9d7eab9b2b4b5968e319f11259d0ed6e4b9ade1f00abc6a8c01b45872570febdd5f22a5314d90480ac6b5f4e3895333db5c51c2d79c", "d517e05a6434bbb7324bbf6c2323043603c965afe6cd7357ecd1e82f46b371e5", [0x1, 0x7fffffffffffffff]})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r3=>0x0})
connect$can_bcm(r2, &(0x7f00000000c0)={0x1d, r3}, 0x10)
sendmsg$can_bcm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r3, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)

120.17011ms ago: executing program 2 (id=8451):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8") (async)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710004000000000095000300"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00', <r3=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x6, 0x6, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000370b000000000000f8ffffff18ec00000000000000fcffffff95000000000000009500000000000000"], &(0x7f0000000380)='syzkaller\x00', 0x2, 0x44, &(0x7f0000000440)=""/68, 0x41000, 0x30, '\x00', r3, 0x25, r0, 0x8, &(0x7f00000004c0)={0x7, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000500)=[{0x3, 0x1, 0x0, 0x5}, {0x5, 0x4, 0x3}, {0x0, 0x1, 0x2, 0x3}, {0x2, 0x2, 0xf, 0x3}, {0x1, 0x4, 0x4, 0x8}, {0x4, 0x4, 0x0, 0x5}, {0x0, 0x4, 0xa, 0x4}], 0x10, 0x0, @void, @value}, 0x94) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)=ANY=[@ANYBLOB="1c0000001a000100a483fb3afbdbdf2581bc"], 0x1c}}, 0x884) (async)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e24, 0x0, @loopback, 0xfffffffd}, 0x4f)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4) (async)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", "5d362ced", "bc3a20b10f4ad11e"}, 0x38) (async)
close(r2) (async)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x102092, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x8)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10) (async)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000001000)=ANY=[@ANYBLOB="1000000004000000040000000700000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000001"], 0x48) (async)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket$can_j1939(0x1d, 0x2, 0x7) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000000040)={0x1d, r8, 0x1, {0x2, 0x0, 0x4}, 0x42bfd90a51382d58}, 0x18) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="38010000100013070000000000000000ffffffff000000000000000000000000fe80000000000000000000000000001a00"/62, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff3400000a0002"], 0x138}, 0x1, 0xe}, 0x0) (async)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r10, &(0x7f0000000940)=[{&(0x7f0000000080)='\x00', 0x1}], 0x1, 0xe7b, 0x0, 0x10)

51.93805ms ago: executing program 2 (id=8452):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x1000410, &(0x7f0000000040)={[{@barrier_val={'barrier', 0x3d, 0x7}}, {@i_version}]}, 0x4, 0x504, &(0x7f0000019940)="$eJzs3c9vG1kdAPDvOHGTZt1NF/YACNiyLBRU6vzobrRaDnQvILRaCbFCQuLQDYk3imLXUZwsTcghPXJHohIn+BO4cUDqiQM3bnDjUg5IBSJQg8Rh0IyniZvEdWiTeGt/PtJ45r1x/H3PznvP8xznBTC0rkTETkRciIgPI2KyyE+KLW62t+x+j3a3F/Z2txeSSNMP/pHk57O86PiZzEvFY45HxPe/E/Hj5Gjc1ubWyny9Xlsr0lPrjdWp1ubW9eVSkTM7NzM3/faNt2ZPra6vNX7z8NvL7/3gd7/9woM/7nz9p1mxKj+7lJ/rrMdpale9HJWOvNGIeO8sgvXJaPH7w4sna22fiojX8/Y/GSP5qwkADLI0nYx0sjMNAAy67Pq/EkmpWswFVKJUqlbbc3ivxkSp3mytX5tsbtxejHwO63KUSx8t12vTxVzh5SgnWXomPz5Izx5K34iIVyLi52MX83R1oVlf7OcbHwAYYi8dGv//PdYe/wGAATfe7wIAAOfO+A8Aw8f4DwDD5/8Y/307EAAGhOt/ABg+xn8AGD49x/+751MOAOBcfO/997Mt3Sv+//Xix5sb36x8fH2x1lqpNjYWqgvNtdXqUrO5VK9VF9K01+PVm83VmTf3k63NrVuN5sbt9VvLjfml2q1a+YzrAwD09spr9/+cRMTOOxfzLTrWcjBWw2ArPZE6ZqEeYGCN9LsAQN/4Pg8MrxNc45sGgAHX68q/658I3bP4K7yorn7W/D8Mq1K/CwD0zbPN/3/r1MsBnD/z/zC80jSx5j8ADBlz/MCzfP7/wyg+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAhVcm3pFTN1wLfyW5L1WrEpYi4HOXko+V6bToiXo6IP42Vx7L0TL8LDQA8p9LfkmL9r6uTb1QOn72Q/Gcs30fET375wS/uzK+vr81k+f/cz1+/V+TPXuhHBQCATjePZrXH6WLfcSH/aHd74fF2nkV8+G57cdEs7l6xtc+Mxmi+H49yREz8KynSbdn7lZFTiL9zNyI+c1D/Ox0RKvkcSHvl08Pxs9iXziD+wfOfRJqm6UH80hPxS3nZsn05fy4+fQplgWFz/912P5m1u4u721kTK9pfKa7k++Pb/3jeQz2/x/3f3pH+r7Tf/40ciZ/kbf7KfvrpJXn45u+/eyQznWyfuxvxudHj4if78ZMu/e8bJ6zjXz7/xde7nUt/FXE1jo/f1si72an1xupUa3Pr+nJjfqm2VLs9Ozs3Mzf99o23ZqfyOer27R+Oi/H3d6693C1+Vv+JLvHHe9T/Kyes/6//++GPvvSU+F/78vGv/6tPiZ+NiV89Yfz5iZvHLd+9H3+xS/17vf7XThj/wV+3Fk94VwDgHLQ2t1bm6/XaWo+D7L1mr/s4eDEPYifinIN+YzziE1F3B90O+t0zAWftoNH3uyQAAAAAAAAAAAAAAEA3rc2tlbE4268T9buOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK7/BQAA//+TAtDE")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40)
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', 0x0})
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff}, 0x0)
r8 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r8}})
connect$unix(r8, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e)
r9 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00c5"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@getpolicy={0x50, 0x15, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@dev}}}, 0x50}}, 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
write$binfmt_register(r9, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmmsg$inet(r0, &(0x7f0000002f00)=[{{&(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10, 0x0}}], 0x1, 0x20004000)

16.67614ms ago: executing program 1 (id=8453):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
munmap(&(0x7f0000000000/0x3000)=nil, 0x3000)

0s ago: executing program 1 (id=8454):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000080000000000000000000001811", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ioctl$SCSI_IOCTL_START_UNIT(0xffffffffffffffff, 0x5)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0, @ANYRES32=r1], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x40, 0x0, @perf_bp={0x0, 0x764922f6ef795283}, 0x8, 0x0, 0x9, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001f00000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

kernel console output (not intermixed with test programs):

netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.532834][T28295] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.8037: Failed to acquire dquot type 1
[  549.589539][T28295] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  549.618346][T28318] FAULT_INJECTION: forcing a failure.
[  549.618346][T28318] name failslab, interval 1, probability 0, space 0, times 0
[  549.631125][T28318] CPU: 0 UID: 0 PID: 28318 Comm: syz.0.8046 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  549.631156][T28318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  549.631171][T28318] Call Trace:
[  549.631179][T28318]  <TASK>
[  549.631187][T28318]  dump_stack_lvl+0xf2/0x150
[  549.631215][T28318]  dump_stack+0x15/0x1a
[  549.631288][T28318]  should_fail_ex+0x24a/0x260
[  549.631353][T28318]  should_failslab+0x8f/0xb0
[  549.631377][T28318]  __kmalloc_node_noprof+0xad/0x410
[  549.631420][T28318]  ? qdisc_alloc+0x65/0x450
[  549.631457][T28318]  qdisc_alloc+0x65/0x450
[  549.631526][T28318]  qdisc_create+0xe5/0xae0
[  549.631575][T28318]  ? __kfree_skb+0x102/0x150
[  549.631608][T28318]  ? __nla_parse+0x40/0x60
[  549.631632][T28318]  tc_modify_qdisc+0x668/0x1100
[  549.631669][T28318]  ? ns_capable+0x7d/0xb0
[  549.631693][T28318]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  549.631797][T28318]  rtnetlink_rcv_msg+0x6aa/0x710
[  549.631895][T28318]  ? ref_tracker_free+0x3a5/0x410
[  549.631969][T28318]  ? __dev_queue_xmit+0x186/0x2090
[  549.632003][T28318]  netlink_rcv_skb+0x12c/0x230
[  549.632039][T28318]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  549.632079][T28318]  rtnetlink_rcv+0x1c/0x30
[  549.632186][T28318]  netlink_unicast+0x599/0x670
[  549.632222][T28318]  netlink_sendmsg+0x5cc/0x6e0
[  549.632299][T28318]  ? __pfx_netlink_sendmsg+0x10/0x10
[  549.632336][T28318]  __sock_sendmsg+0x140/0x180
[  549.632359][T28318]  ____sys_sendmsg+0x312/0x410
[  549.632499][T28318]  __sys_sendmsg+0x19d/0x230
[  549.632678][T28318]  __x64_sys_sendmsg+0x46/0x50
[  549.632714][T28318]  x64_sys_call+0x2734/0x2dc0
[  549.632749][T28318]  do_syscall_64+0xc9/0x1c0
[  549.632824][T28318]  ? clear_bhb_loop+0x55/0xb0
[  549.632852][T28318]  ? clear_bhb_loop+0x55/0xb0
[  549.632878][T28318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.632907][T28318] RIP: 0033:0x7f822a6bcda9
[  549.632963][T28318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.632985][T28318] RSP: 002b:00007f8228d27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  549.633007][T28318] RAX: ffffffffffffffda RBX: 00007f822a8d5fa0 RCX: 00007f822a6bcda9
[  549.633022][T28318] RDX: 0000000000000000 RSI: 00000000200012c0 RDI: 0000000000000003
[  549.633037][T28318] RBP: 00007f8228d27090 R08: 0000000000000000 R09: 0000000000000000
[  549.633051][T28318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  549.633065][T28318] R13: 0000000000000000 R14: 00007f822a8d5fa0 R15: 00007ffc73fc5388
[  549.633098][T28318]  </TASK>
[  549.634794][T28289] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.695468][T28323] loop0: detected capacity change from 0 to 1024
[  549.699115][T28322] syz.1.8048: attempt to access beyond end of device
[  549.699115][T28322] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  549.742088][T28323] EXT4-fs: Ignoring removed nobh option
[  549.752565][T28322] loop1: detected capacity change from 0 to 128
[  549.761934][T28323] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  549.784337][T28322] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  549.791428][T28323] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #11: comm syz.0.8047: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  549.973461][T28323] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.8047: couldn't read orphan inode 11 (err -117)
[  549.996429][T28323] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.8047: Invalid block bitmap block 0 in block_group 0
[  550.014040][T28323] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.8047: Failed to acquire dquot type 0
[  550.041694][T28289] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.145734][T28289] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  550.152176][T28341] syz.1.8048: attempt to access beyond end of device
[  550.152176][T28341] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  550.157565][T28289] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  550.180801][T28289] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  550.195355][T28289] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  550.333478][T28350] hub 6-0:1.0: USB hub found
[  550.338283][T28350] hub 6-0:1.0: 8 ports detected
[  550.396933][T28354] pim6reg1: entered promiscuous mode
[  550.402494][T28354] pim6reg1: entered allmulticast mode
[  550.705796][T28364] syz.1.8061: attempt to access beyond end of device
[  550.705796][T28364] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  550.722713][T28364] loop1: detected capacity change from 0 to 128
[  550.743795][T28364] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  550.873002][T28366] syz.2.8062: attempt to access beyond end of device
[  550.873002][T28366] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  550.894017][T28366] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  550.956127][T28364] syz.1.8061: attempt to access beyond end of device
[  550.956127][T28364] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  551.090155][T28368] loop5: detected capacity change from 0 to 512
[  551.109416][T28368] EXT4-fs error (device loop5): ext4_orphan_get:1389: inode #15: comm syz.5.8063: casefold flag without casefold feature
[  551.141267][T28366] Invalid ELF header magic: != ELF
[  551.142427][T28368] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.8063: couldn't read orphan inode 15 (err -117)
[  551.232910][T28372] loop5: detected capacity change from 0 to 512
[  551.240997][T28372] EXT4-fs error (device loop5): ext4_orphan_get:1389: inode #15: comm syz.5.8064: casefold flag without casefold feature
[  551.256864][T28372] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.8064: couldn't read orphan inode 15 (err -117)
[  551.311302][T28375] loop5: detected capacity change from 0 to 512
[  551.317810][T28375] EXT4-fs: Ignoring removed i_version option
[  551.341105][T28375] ext4 filesystem being mounted at /203/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  551.357917][T28375] 9pnet_fd: Insufficient options for proto=fd
[  551.365384][T28375] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  551.382146][T28375] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #4: comm syz.5.8065: corrupted inode contents
[  551.394444][T28375] EXT4-fs error (device loop5): ext4_dirty_inode:6042: inode #4: comm syz.5.8065: mark_inode_dirty error
[  551.406532][T28375] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #4: comm syz.5.8065: corrupted inode contents
[  551.418814][T28375] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #4: comm syz.5.8065: mark_inode_dirty error
[  551.431245][T28375] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.8065: Failed to acquire dquot type 1
[  551.442818][T28375] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  551.455114][T28375] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.501079][T28375] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.543494][T28385] loop1: detected capacity change from 0 to 256
[  551.552742][T28375] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.613320][T28375] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.633081][T28391] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  551.640495][T28391] vhci_hcd: invalid port number 23
[  551.732991][T28401] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  551.741331][T28399] loop0: detected capacity change from 0 to 512
[  551.751704][T28399] EXT4-fs: Ignoring removed i_version option
[  551.761126][T28399] ext4 filesystem being mounted at /342/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  551.777600][T28399] 9pnet_fd: Insufficient options for proto=fd
[  551.786223][T28399] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  551.839711][T28399] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #4: comm syz.0.8073: corrupted inode contents
[  551.852103][T28399] EXT4-fs error (device loop0): ext4_dirty_inode:6042: inode #4: comm syz.0.8073: mark_inode_dirty error
[  551.863974][T28399] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #4: comm syz.0.8073: corrupted inode contents
[  551.876916][T28399] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #4: comm syz.0.8073: mark_inode_dirty error
[  551.888563][T28399] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.8073: Failed to acquire dquot type 1
[  551.900433][T28399] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  551.923740][T28399] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.973038][T28399] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.032276][T28399] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.093090][T28399] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.157446][T28399] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  552.169760][T28399] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  552.182065][T28399] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  552.193869][T28399] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  552.307282][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  552.356610][T28414] syz.0.8077: attempt to access beyond end of device
[  552.356610][T28414] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  552.385429][T28414] loop0: detected capacity change from 0 to 128
[  552.430095][T28414] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  552.581497][T28419] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13)
[  552.588157][T28419] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  552.596378][T28419] vhci_hcd vhci_hcd.0: Device attached
[  552.630594][T28420] vhci_hcd: connection closed
[  552.631074][ T3413] vhci_hcd: stop threads
[  552.640165][ T3413] vhci_hcd: release socket
[  552.644617][ T3413] vhci_hcd: disconnect device
[  552.659820][T28414] syz.0.8077: attempt to access beyond end of device
[  552.659820][T28414] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[  553.227556][T28427] loop0: detected capacity change from 0 to 512
[  553.270499][T28427] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.8081: casefold flag without casefold feature
[  553.330232][T28427] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.8081: couldn't read orphan inode 15 (err -117)
[  553.539237][   T29] kauditd_printk_skb: 784 callbacks suppressed
[  553.539256][   T29] audit: type=1326 audit(2000262817.382:40590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28440 comm="syz.1.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7a028cda9 code=0x7ffc0000
[  553.570023][   T29] audit: type=1326 audit(2000262817.382:40591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28440 comm="syz.1.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7a028cda9 code=0x7ffc0000
[  553.593968][   T29] audit: type=1326 audit(2000262817.382:40592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28440 comm="syz.1.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fb7a028cda9 code=0x7ffc0000
[  553.618251][   T29] audit: type=1326 audit(2000262817.382:40593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28440 comm="syz.1.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7a028cda9 code=0x7ffc0000
[  553.642655][   T29] audit: type=1326 audit(2000262817.382:40594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28440 comm="syz.1.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7a028cda9 code=0x7ffc0000
[  553.666239][   T29] audit: type=1326 audit(2000262817.382:40595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28440 comm="syz.1.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7fb7a028cda9 code=0x7ffc0000
[  553.690908][   T29] audit: type=1326 audit(2000262817.382:40596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28440 comm="syz.1.8087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7a028cda9 code=0x7ffc0000
[  553.898196][T28451] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[  553.904906][T28451] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  553.913009][T28451] vhci_hcd vhci_hcd.0: Device attached
[  553.943781][T28452] vhci_hcd: connection closed
[  553.944040][ T3413] vhci_hcd: stop threads
[  553.953097][ T3413] vhci_hcd: release socket
[  553.957534][ T3413] vhci_hcd: disconnect device
[  554.154572][   T29] audit: type=1326 audit(2000262818.012:40597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28454 comm="syz.2.8091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1645cda9 code=0x7ffc0000
[  554.193245][   T29] audit: type=1326 audit(2000262818.042:40598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28454 comm="syz.2.8091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f9b1645cda9 code=0x7ffc0000
[  554.217562][   T29] audit: type=1326 audit(2000262818.042:40599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28454 comm="syz.2.8091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1645cda9 code=0x7ffc0000
[  554.342862][T28459] syz.0.8092: attempt to access beyond end of device
[  554.342862][T28459] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  554.357724][T28459] loop0: detected capacity change from 0 to 128
[  554.384459][T28459] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  554.440031][T28471] loop1: detected capacity change from 0 to 1764
[  554.506582][T28484] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  554.552409][T28488] usb usb7: usbfs: process 28488 (syz.4.8103) did not claim interface 0 before use
[  554.575330][T28488] loop4: detected capacity change from 0 to 2048
[  554.592875][T28488] ext4 filesystem being mounted at /446/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  554.617006][T28459] syz.0.8092: attempt to access beyond end of device
[  554.617006][T28459] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[  554.621834][T28375] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  554.644084][T28375] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  554.661538][T28375] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  554.675765][T28375] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  554.845647][T28492] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.8103: bg 0: block 345: padding at end of block bitmap is not set
[  554.866227][T28492] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  554.879629][T28492] EXT4-fs (loop4): This should not happen!! Data will be lost
[  554.879629][T28492] 
[  554.978840][ T3413] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28
[  554.991855][ T3413] EXT4-fs (loop4): This should not happen!! Data will be lost
[  554.991855][ T3413] 
[  555.001734][ T3413] EXT4-fs (loop4): Total free blocks count 0
[  555.007753][ T3413] EXT4-fs (loop4): Free/Dirty block details
[  555.013905][ T3413] EXT4-fs (loop4): free_blocks=0
[  555.018859][ T3413] EXT4-fs (loop4): dirty_blocks=2048
[  555.024347][ T3413] EXT4-fs (loop4): Block reservation details
[  555.030364][ T3413] EXT4-fs (loop4): i_reserved_data_blocks=128
[  555.115171][T28501] loop4: detected capacity change from 0 to 512
[  555.247680][T28509] loop0: detected capacity change from 0 to 1024
[  555.257428][T28509] EXT4-fs: Ignoring removed nobh option
[  555.292147][T28509] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  555.313641][T28509] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #11: comm syz.0.8107: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  555.344119][T28509] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.8107: couldn't read orphan inode 11 (err -117)
[  555.362613][T28514] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[  555.369345][T28514] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  555.379454][T28514] vhci_hcd vhci_hcd.0: Device attached
[  555.417051][T28517] vhci_hcd: connection closed
[  555.417288][ T3413] vhci_hcd: stop threads
[  555.426453][ T3413] vhci_hcd: release socket
[  555.431693][ T3413] vhci_hcd: disconnect device
[  555.855345][T28542] bridge0: port 4(vlan2) entered blocking state
[  555.861699][T28542] bridge0: port 4(vlan2) entered disabled state
[  555.868536][T28542] vlan2: entered allmulticast mode
[  555.876872][T28542] vlan2: left allmulticast mode
[  556.003286][T28544] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[  556.009930][T28544] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  556.018129][T28544] vhci_hcd vhci_hcd.0: Device attached
[  556.037172][T28545] vhci_hcd: connection closed
[  556.037363][   T57] vhci_hcd: stop threads
[  556.046561][   T57] vhci_hcd: release socket
[  556.051042][   T57] vhci_hcd: disconnect device
[  556.350727][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.358215][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.365803][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.378914][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.386465][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.394092][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.401550][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.406185][T28550] loop1: detected capacity change from 0 to 512
[  556.408948][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.423009][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.430477][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.437901][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.445358][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.452911][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.460472][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.460733][T28553] loop0: detected capacity change from 0 to 512
[  556.468451][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.478493][T28553] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  556.481916][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.481944][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.481974][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482000][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482026][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482051][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482093][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482119][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482145][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482171][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482231][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482303][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482328][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482351][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.482375][ T1032] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  556.529894][ T1032] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID vffffff.fd Device [syz0] on syz1
[  556.632555][T28564] loop4: detected capacity change from 0 to 1024
[  556.639506][T28564] EXT4-fs: Ignoring removed nobh option
[  556.647361][T28553] EXT4-fs (loop0): 1 truncate cleaned up
[  556.678960][T28564] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  556.715651][T28564] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.8123: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  556.736188][T28570] loop1: detected capacity change from 0 to 512
[  556.748308][T28564] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.8123: couldn't read orphan inode 11 (err -117)
[  556.769011][T28570] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.8125: casefold flag without casefold feature
[  556.795063][T28570] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8125: couldn't read orphan inode 15 (err -117)
[  556.854558][T28578] syz.4.8129: attempt to access beyond end of device
[  556.854558][T28578] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  556.869669][T28578] loop4: detected capacity change from 0 to 128
[  556.891827][T28578] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  556.919544][T28583] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13)
[  556.926534][T28583] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  556.934716][T28583] vhci_hcd vhci_hcd.0: Device attached
[  556.959619][T28589] bridge0: port 3(dummy0) entered blocking state
[  556.966498][T28589] bridge0: port 3(dummy0) entered forwarding state
[  556.977017][T28589] 8021q: adding VLAN 0 to HW filter on device bond0
[  556.984251][T28584] vhci_hcd: connection closed
[  556.988460][ T3413] vhci_hcd: stop threads
[  556.997557][ T3413] vhci_hcd: release socket
[  557.002117][ T3413] vhci_hcd: disconnect device
[  557.007078][T28589] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  557.026708][T28591] bridge0: port 4(vlan2) entered blocking state
[  557.033875][T28591] bridge0: port 4(vlan2) entered disabled state
[  557.040441][T28591] vlan2: entered allmulticast mode
[  557.046340][T28591] vlan2: left allmulticast mode
[  557.104218][T28578] syz.4.8129: attempt to access beyond end of device
[  557.104218][T28578] loop4: rw=0, sector=121, nr_sectors = 920 limit=128
[  557.260475][T28604] bridge0: port 4(vlan2) entered blocking state
[  557.267071][T28604] bridge0: port 4(vlan2) entered disabled state
[  557.274373][T28604] vlan2: entered allmulticast mode
[  557.280044][T28604] vlan2: left allmulticast mode
[  557.518767][T28606] loop0: detected capacity change from 0 to 512
[  557.553616][T28612] loop0: detected capacity change from 0 to 1024
[  557.560413][T28612] EXT4-fs: Ignoring removed nobh option
[  557.566683][T28612] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  557.578930][T28612] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #11: comm syz.0.8137: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  557.598648][T28612] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.8137: couldn't read orphan inode 11 (err -117)
[  557.738270][T28634] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8145'.
[  557.753912][T28634] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8145'.
[  557.758728][T28631] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  557.771995][T28631] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  557.780280][T28631] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  557.788463][T28631] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  557.801631][T28631] geneve2: entered promiscuous mode
[  557.807079][T28631] geneve2: entered allmulticast mode
[  557.830994][T28631] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  557.839427][T28631] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  557.847787][T28631] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  557.856927][T28631] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  557.897480][T28640] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  557.933118][T28645] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8148'.
[  557.944314][T28645] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=512 sclass=netlink_xfrm_socket pid=28645 comm=syz.2.8148
[  557.975398][    C1] sd 0:0:1:0: [sda] tag#4405 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  557.986518][    C1] sd 0:0:1:0: [sda] tag#4405 CDB: Read(6) 08 00 0c 6a 08 48
[  558.013006][T28643] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(13)
[  558.019737][T28643] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  558.027709][T28643] vhci_hcd vhci_hcd.0: Device attached
[  558.047099][T28648] vhci_hcd: connection closed
[  558.055288][ T3413] vhci_hcd: stop threads
[  558.058184][T28651] syz.0.8150: attempt to access beyond end of device
[  558.058184][T28651] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  558.060039][ T3413] vhci_hcd: release socket
[  558.060092][ T3413] vhci_hcd: disconnect device
[  558.066142][T28651] loop0: detected capacity change from 0 to 128
[  558.108633][T28651] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  558.322610][T28651] syz.0.8150: attempt to access beyond end of device
[  558.322610][T28651] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[  558.619762][T28666] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8155'.
[  558.631850][T28664] FAULT_INJECTION: forcing a failure.
[  558.631850][T28664] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  558.632656][T28666] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=512 sclass=netlink_xfrm_socket pid=28666 comm=syz.5.8155
[  558.645032][T28664] CPU: 0 UID: 0 PID: 28664 Comm: syz.4.8156 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  558.645098][T28664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  558.645113][T28664] Call Trace:
[  558.645121][T28664]  <TASK>
[  558.645131][T28664]  dump_stack_lvl+0xf2/0x150
[  558.645163][T28664]  dump_stack+0x15/0x1a
[  558.645268][T28664]  should_fail_ex+0x24a/0x260
[  558.645305][T28664]  should_fail+0xb/0x10
[  558.645399][T28664]  should_fail_usercopy+0x1a/0x20
[  558.645463][T28664]  _copy_to_user+0x20/0xa0
[  558.645492][T28664]  simple_read_from_buffer+0xa0/0x110
[  558.645520][T28664]  proc_fail_nth_read+0xf9/0x140
[  558.645551][T28664]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  558.645588][T28664]  vfs_read+0x19b/0x6f0
[  558.645610][T28664]  ? __rcu_read_unlock+0x4e/0x70
[  558.645632][T28664]  ? __fget_files+0x17c/0x1c0
[  558.645691][T28664]  ksys_read+0xe8/0x1b0
[  558.645723][T28664]  __x64_sys_read+0x42/0x50
[  558.645753][T28664]  x64_sys_call+0x2874/0x2dc0
[  558.645803][T28664]  do_syscall_64+0xc9/0x1c0
[  558.645850][T28664]  ? clear_bhb_loop+0x55/0xb0
[  558.645885][T28664]  ? clear_bhb_loop+0x55/0xb0
[  558.645966][T28664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.645999][T28664] RIP: 0033:0x7f7117ccb7bc
[  558.646019][T28664] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  558.646041][T28664] RSP: 002b:00007f7116337030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  558.646064][T28664] RAX: ffffffffffffffda RBX: 00007f7117ee5fa0 RCX: 00007f7117ccb7bc
[  558.646079][T28664] RDX: 000000000000000f RSI: 00007f71163370a0 RDI: 0000000000000007
[  558.646094][T28664] RBP: 00007f7116337090 R08: 0000000000000000 R09: 0000000000000000
[  558.646153][T28664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  558.646167][T28664] R13: 0000000000000000 R14: 00007f7117ee5fa0 R15: 00007ffe7158b808
[  558.646189][T28664]  </TASK>
[  558.857897][   T29] kauditd_printk_skb: 514 callbacks suppressed
[  558.857914][   T29] audit: type=1326 audit(2000262822.712:41114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28667 comm="syz.4.8157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  558.896017][    C1] sd 0:0:1:0: [sda] tag#4408 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  558.906429][    C1] sd 0:0:1:0: [sda] tag#4408 CDB: Read(6) 08 00 0c 6a 08 48
[  558.914379][   T29] audit: type=1326 audit(2000262822.712:41115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28667 comm="syz.4.8157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  558.938928][   T29] audit: type=1326 audit(2000262822.712:41116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28667 comm="syz.4.8157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  558.963198][   T29] audit: type=1326 audit(2000262822.712:41117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28667 comm="syz.4.8157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  558.963227][   T29] audit: type=1326 audit(2000262822.712:41118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28667 comm="syz.4.8157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  558.963324][   T29] audit: type=1326 audit(2000262822.712:41119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28667 comm="syz.4.8157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  558.963350][   T29] audit: type=1326 audit(2000262822.712:41120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28667 comm="syz.4.8157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  558.963376][   T29] audit: type=1326 audit(2000262822.712:41121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28667 comm="syz.4.8157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  558.963405][   T29] audit: type=1326 audit(2000262822.712:41122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28667 comm="syz.4.8157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  558.963517][   T29] audit: type=1326 audit(2000262822.722:41123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28667 comm="syz.4.8157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  558.963754][T28666] loop5: detected capacity change from 0 to 512
[  558.991205][T28666] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  559.077721][T28666] EXT4-fs mount: 49 callbacks suppressed
[  559.077779][T28666] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  559.116391][T28687] bridge0: port 4(vlan2) entered blocking state
[  559.116488][T28687] bridge0: port 4(vlan2) entered disabled state
[  559.118346][T28687] vlan2: entered allmulticast mode
[  559.122170][T28687] vlan2: left allmulticast mode
[  559.148265][T25140] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  559.159896][T28689] syz.5.8161: attempt to access beyond end of device
[  559.159896][T28689] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  559.161657][T28689] loop5: detected capacity change from 0 to 128
[  559.184330][T28689] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  559.428144][T28705] FAULT_INJECTION: forcing a failure.
[  559.428144][T28705] name failslab, interval 1, probability 0, space 0, times 0
[  559.440916][T28705] CPU: 0 UID: 0 PID: 28705 Comm: syz.0.8167 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  559.440954][T28705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  559.440969][T28705] Call Trace:
[  559.440976][T28705]  <TASK>
[  559.440985][T28705]  dump_stack_lvl+0xf2/0x150
[  559.441093][T28705]  dump_stack+0x15/0x1a
[  559.441119][T28705]  should_fail_ex+0x24a/0x260
[  559.441159][T28705]  should_failslab+0x8f/0xb0
[  559.441215][T28705]  kmem_cache_alloc_node_noprof+0x59/0x320
[  559.441261][T28705]  ? __alloc_skb+0x10b/0x310
[  559.441312][T28705]  __alloc_skb+0x10b/0x310
[  559.441339][T28705]  tipc_buf_acquire+0x2c/0xb0
[  559.441382][T28705]  tipc_named_withdraw+0x144/0x360
[  559.441460][T28705]  tipc_nametbl_withdraw+0x105/0x1f0
[  559.441573][T28705]  tipc_sk_leave+0x255/0x270
[  559.441612][T28705]  tipc_release+0x83/0xa70
[  559.441646][T28705]  sock_close+0x68/0x150
[  559.441746][T28705]  ? __pfx_sock_close+0x10/0x10
[  559.441797][T28705]  __fput+0x2ac/0x640
[  559.441835][T28705]  ____fput+0x1c/0x30
[  559.441939][T28705]  task_work_run+0x13a/0x1a0
[  559.441984][T28705]  syscall_exit_to_user_mode+0xa8/0x120
[  559.442011][T28705]  do_syscall_64+0xd6/0x1c0
[  559.442134][T28705]  ? clear_bhb_loop+0x55/0xb0
[  559.442168][T28705]  ? clear_bhb_loop+0x55/0xb0
[  559.442197][T28705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.442223][T28705] RIP: 0033:0x7f822a6bcda9
[  559.442237][T28705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  559.442278][T28705] RSP: 002b:00007f8228d27038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  559.442302][T28705] RAX: 0000000000000000 RBX: 00007f822a8d5fa0 RCX: 00007f822a6bcda9
[  559.442352][T28705] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003
[  559.442366][T28705] RBP: 00007f8228d27090 R08: 0000000000000000 R09: 0000000000000000
[  559.442381][T28705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  559.442395][T28705] R13: 0000000000000000 R14: 00007f822a8d5fa0 R15: 00007ffc73fc5388
[  559.442417][T28705]  </TASK>
[  559.442425][T28705] tipc: Withdrawal distribution failure
[  559.557701][T28701] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13)
[  559.572922][T28689] syz.5.8161: attempt to access beyond end of device
[  559.572922][T28689] loop5: rw=0, sector=121, nr_sectors = 920 limit=128
[  559.574673][T28701] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  559.692809][T28701] vhci_hcd vhci_hcd.0: Device attached
[  559.702383][T28709] vhci_hcd: connection closed
[  559.702693][ T3413] vhci_hcd: stop threads
[  559.712359][ T3413] vhci_hcd: release socket
[  559.717026][ T3413] vhci_hcd: disconnect device
[  559.737023][T28719] syz.0.8170: attempt to access beyond end of device
[  559.737023][T28719] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  559.752189][T28719] loop0: detected capacity change from 0 to 128
[  559.771464][T28719] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  559.858249][T28721] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8171'.
[  559.867823][T28721] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8171'.
[  559.905550][T28723] loop1: detected capacity change from 0 to 512
[  559.913788][T28723] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.8172: casefold flag without casefold feature
[  559.926788][T28723] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8172: couldn't read orphan inode 15 (err -117)
[  559.939644][T28723] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  559.968915][T22142] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  559.983658][T28719] syz.0.8170: attempt to access beyond end of device
[  559.983658][T28719] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[  560.279423][T28736] netlink: 44 bytes leftover after parsing attributes in process `syz.4.8177'.
[  560.288530][T28736] netlink: 43 bytes leftover after parsing attributes in process `syz.4.8177'.
[  560.297651][T28736] netlink: 'syz.4.8177': attribute type 6 has an invalid length.
[  560.305432][T28736] netlink: 'syz.4.8177': attribute type 5 has an invalid length.
[  560.313214][T28736] netlink: 43 bytes leftover after parsing attributes in process `syz.4.8177'.
[  560.409523][T28739] hub 6-0:1.0: USB hub found
[  560.422030][T28739] hub 6-0:1.0: 8 ports detected
[  560.578115][T28751] loop4: detected capacity change from 0 to 512
[  560.589402][T28751] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.8183: casefold flag without casefold feature
[  560.605941][T28751] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.8183: couldn't read orphan inode 15 (err -117)
[  560.618393][T28751] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.676440][T28756] loop0: detected capacity change from 0 to 1024
[  560.687020][T28757] loop5: detected capacity change from 0 to 1024
[  560.693960][T21788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  560.722698][T28756] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  560.776518][T28757] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  560.807529][T22372] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  560.834143][T25140] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  560.963488][T28781] syz.5.8193: attempt to access beyond end of device
[  560.963488][T28781] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  560.989032][T28781] loop5: detected capacity change from 0 to 128
[  561.007541][T28784] loop1: detected capacity change from 0 to 1024
[  561.014221][T28784] EXT4-fs: Ignoring removed nobh option
[  561.017516][T28781] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  561.021136][T28784] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  561.043897][T28784] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.8195: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  561.069180][T28784] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8195: couldn't read orphan inode 11 (err -117)
[  561.102857][T28784] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  561.118539][T28784] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.8195: Invalid block bitmap block 0 in block_group 0
[  561.135374][T28784] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.8195: Failed to acquire dquot type 0
[  561.166363][T28793] geneve2: entered promiscuous mode
[  561.171778][T28793] geneve2: entered allmulticast mode
[  561.211601][T28793] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  561.222333][T22142] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.231829][ T1953] EXT4-fs error (device loop1): ext4_release_dquot:6950: comm kworker/u8:6: Failed to release dquot type 0
[  561.246884][T28781] syz.5.8193: attempt to access beyond end of device
[  561.246884][T28781] loop5: rw=0, sector=121, nr_sectors = 920 limit=128
[  561.271441][T28801] loop1: detected capacity change from 0 to 512
[  561.278897][T28801] EXT4-fs: Ignoring removed i_version option
[  561.301288][T28801] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  561.313990][T28801] ext4 filesystem being mounted at /483/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  561.328014][T28801] 9pnet_fd: Insufficient options for proto=fd
[  561.335635][T28801] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  561.349585][T28801] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #4: comm syz.1.8199: corrupted inode contents
[  561.362093][T28801] EXT4-fs error (device loop1): ext4_dirty_inode:6042: inode #4: comm syz.1.8199: mark_inode_dirty error
[  561.374495][T28801] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #4: comm syz.1.8199: corrupted inode contents
[  561.387062][T28801] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #4: comm syz.1.8199: mark_inode_dirty error
[  561.398739][T28801] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.8199: Failed to acquire dquot type 1
[  561.410451][T28801] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  561.489995][T28813] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8203'.
[  561.584328][T28818] 9pnet_fd: Insufficient options for proto=fd
[  561.591955][T28818] binfmt_misc: register: failed to install interpreter file ./file2
[  561.663379][T22142] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.810477][T28831] loop5: detected capacity change from 0 to 1024
[  561.817281][T28831] EXT4-fs: Ignoring removed nobh option
[  561.824253][T28831] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  561.838632][T28831] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #11: comm syz.5.8209: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  561.865388][T28831] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.8209: couldn't read orphan inode 11 (err -117)
[  561.887548][T28831] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  561.904641][T28831] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.8209: Invalid block bitmap block 0 in block_group 0
[  561.923265][T28831] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.8209: Failed to acquire dquot type 0
[  562.012438][ T3351] hid-generic 000D:0009:0000.0003: item fetching failed at offset 3/85
[  562.025542][ T3351] hid-generic 000D:0009:0000.0003: probe with driver hid-generic failed with error -22
[  562.026472][T25140] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  562.048449][ T1953] EXT4-fs error (device loop5): ext4_release_dquot:6950: comm kworker/u8:6: Failed to release dquot type 0
[  562.084322][T28849] FAULT_INJECTION: forcing a failure.
[  562.084322][T28849] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  562.094063][T28847] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13)
[  562.097570][T28849] CPU: 0 UID: 0 PID: 28849 Comm: syz.5.8215 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  562.097604][T28849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  562.097667][T28849] Call Trace:
[  562.097676][T28849]  <TASK>
[  562.097685][T28849]  dump_stack_lvl+0xf2/0x150
[  562.097721][T28849]  dump_stack+0x15/0x1a
[  562.097808][T28849]  should_fail_ex+0x24a/0x260
[  562.097855][T28849]  should_fail+0xb/0x10
[  562.097892][T28849]  should_fail_usercopy+0x1a/0x20
[  562.097915][T28849]  _copy_to_user+0x20/0xa0
[  562.098019][T28849]  put_timespec64+0x64/0xb0
[  562.098061][T28849]  __x64_sys_clock_gettime+0x138/0x180
[  562.098102][T28849]  x64_sys_call+0x2ba8/0x2dc0
[  562.098159][T28849]  do_syscall_64+0xc9/0x1c0
[  562.098189][T28849]  ? clear_bhb_loop+0x55/0xb0
[  562.098223][T28849]  ? clear_bhb_loop+0x55/0xb0
[  562.098256][T28849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.098395][T28849] RIP: 0033:0x7f6c01e9cda9
[  562.098420][T28849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  562.098443][T28849] RSP: 002b:00007f6c00501038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4
[  562.098467][T28849] RAX: ffffffffffffffda RBX: 00007f6c020b5fa0 RCX: 00007f6c01e9cda9
[  562.098520][T28849] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  562.098534][T28849] RBP: 00007f6c00501090 R08: 0000000000000000 R09: 0000000000000000
[  562.098549][T28849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  562.098564][T28849] R13: 0000000000000000 R14: 00007f6c020b5fa0 R15: 00007ffef54665c8
[  562.098615][T28849]  </TASK>
[  562.269222][T28847] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  562.292670][T28847] vhci_hcd vhci_hcd.0: Device attached
[  562.389846][T28850] vhci_hcd: connection closed
[  562.390919][ T3413] vhci_hcd: stop threads
[  562.399982][ T3413] vhci_hcd: release socket
[  562.404501][ T3413] vhci_hcd: disconnect device
[  562.430527][T28853] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  562.437255][T28853] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  562.445242][T28853] vhci_hcd vhci_hcd.0: Device attached
[  562.475499][T28855] vhci_hcd: connection closed
[  562.483720][ T3413] vhci_hcd: stop threads
[  562.493491][ T3413] vhci_hcd: release socket
[  562.497937][ T3413] vhci_hcd: disconnect device
[  562.558393][T28862] syz.2.8220: attempt to access beyond end of device
[  562.558393][T28862] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  562.578189][T28862] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  562.578813][T28863] bridge0: port 4(vlan2) entered blocking state
[  562.593377][T28863] bridge0: port 4(vlan2) entered disabled state
[  562.600178][T28863] vlan2: entered allmulticast mode
[  562.605900][T28863] vlan2: left allmulticast mode
[  562.823022][T28862] Invalid ELF header magic: != ELF
[  562.860739][T28865] loop4: detected capacity change from 0 to 512
[  562.868822][T28865] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.8221: casefold flag without casefold feature
[  562.882057][T28865] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.8221: couldn't read orphan inode 15 (err -117)
[  562.895701][T28865] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  562.931737][T21788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  562.983873][T28876] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  562.992176][T28876] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  563.000515][T28876] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  563.008789][T28876] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  563.021189][T28875] loop4: detected capacity change from 0 to 1024
[  563.027953][T28875] EXT4-fs: Ignoring removed orlov option
[  563.036801][T28883] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  563.037035][T28876] geneve2: entered promiscuous mode
[  563.050096][T28875] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  563.050648][T28876] geneve2: entered allmulticast mode
[  563.071484][T28876] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  563.077012][T28875] netlink: 'syz.4.8225': attribute type 10 has an invalid length.
[  563.079958][T28876] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  563.079994][T28876] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  563.080027][T28876] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  563.117224][T28875] __nla_validate_parse: 2 callbacks suppressed
[  563.117249][T28875] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8225'.
[  563.307320][T28888] loop5: detected capacity change from 0 to 512
[  563.313852][T28888] EXT4-fs: Ignoring removed i_version option
[  563.330101][T28890] FAULT_INJECTION: forcing a failure.
[  563.330101][T28890] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  563.343615][T28888] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  563.343692][T28888] ext4 filesystem being mounted at /224/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  563.344918][T28888] 9pnet_fd: Insufficient options for proto=fd
[  563.356407][T28890] CPU: 1 UID: 0 PID: 28890 Comm: syz.0.8229 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  563.356433][T28890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  563.356451][T28890] Call Trace:
[  563.356457][T28890]  <TASK>
[  563.356464][T28890]  dump_stack_lvl+0xf2/0x150
[  563.356564][T28890]  dump_stack+0x15/0x1a
[  563.356591][T28890]  should_fail_ex+0x24a/0x260
[  563.356632][T28890]  should_fail+0xb/0x10
[  563.356668][T28890]  should_fail_usercopy+0x1a/0x20
[  563.356691][T28890]  _copy_from_user+0x1c/0xa0
[  563.356769][T28890]  copy_msghdr_from_user+0x54/0x2a0
[  563.356937][T28890]  ? __fget_files+0x17c/0x1c0
[  563.356973][T28890]  __sys_sendmsg+0x13e/0x230
[  563.357022][T28890]  __x64_sys_sendmsg+0x46/0x50
[  563.357101][T28890]  x64_sys_call+0x2734/0x2dc0
[  563.357208][T28890]  do_syscall_64+0xc9/0x1c0
[  563.357309][T28890]  ? clear_bhb_loop+0x55/0xb0
[  563.357342][T28890]  ? clear_bhb_loop+0x55/0xb0
[  563.357402][T28890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.357436][T28890] RIP: 0033:0x7f822a6bcda9
[  563.357455][T28890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  563.357477][T28890] RSP: 002b:00007f8228d27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  563.357505][T28890] RAX: ffffffffffffffda RBX: 00007f822a8d5fa0 RCX: 00007f822a6bcda9
[  563.357539][T28890] RDX: 0000000000004010 RSI: 00000000200000c0 RDI: 0000000000000003
[  563.357554][T28890] RBP: 00007f8228d27090 R08: 0000000000000000 R09: 0000000000000000
[  563.357569][T28890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  563.357616][T28890] R13: 0000000000000000 R14: 00007f822a8d5fa0 R15: 00007ffc73fc5388
[  563.357637][T28890]  </TASK>
[  563.459175][T28897] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8231'.
[  563.513530][T28898] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8231'.
[  563.515359][T28897] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8231'.
[  563.525844][T28898] rdma_rxe: rxe_newlink: failed to add lo
[  563.531398][T28897] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8231'.
[  563.534819][T28895] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  563.583060][T28897] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8231'.
[  563.613728][T28897] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8231'.
[  563.622751][T28897] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8231'.
[  563.633548][T28888] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.640811][T28901] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13)
[  563.650232][T28901] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  563.659148][T28901] vhci_hcd vhci_hcd.0: Device attached
[  563.666669][T28897] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8231'.
[  563.666690][T28897] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8231'.
[  563.698904][T28902] vhci_hcd: connection closed
[  563.705885][T13120] vhci_hcd: stop threads
[  563.715287][T13120] vhci_hcd: release socket
[  563.719863][T13120] vhci_hcd: disconnect device
[  563.741205][T28888] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.781002][T28888] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.844334][T28888] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.861889][   T29] kauditd_printk_skb: 306 callbacks suppressed
[  563.861905][   T29] audit: type=1326 audit(2000262827.722:41421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28921 comm="syz.2.8240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1645cda9 code=0x7ffc0000
[  563.892673][   T29] audit: type=1326 audit(2000262827.722:41422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28921 comm="syz.2.8240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1645cda9 code=0x7ffc0000
[  563.916399][   T29] audit: type=1326 audit(2000262827.722:41423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28921 comm="syz.2.8240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f9b1645cda9 code=0x7ffc0000
[  563.916546][T28916] loop1: detected capacity change from 0 to 1024
[  563.940186][   T29] audit: type=1326 audit(2000262827.722:41424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28921 comm="syz.2.8240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1645cda9 code=0x7ffc0000
[  563.940307][   T29] audit: type=1326 audit(2000262827.722:41425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28921 comm="syz.2.8240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1645cda9 code=0x7ffc0000
[  563.940358][   T29] audit: type=1400 audit(2000262827.752:41426): avc:  denied  { setopt } for  pid=28915 comm="syz.1.8237" lport=58114 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  563.954057][T28925] syz.2.8241: attempt to access beyond end of device
[  563.954057][T28925] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  563.995055][T28916] EXT4-fs: dax option not supported
[  564.045121][T28888] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  564.045343][T28925] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  564.057259][T28888] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  564.073938][T28888] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  564.086007][T28888] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  564.115467][T25140] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.249599][   T29] audit: type=1326 audit(2000262828.102:41427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28932 comm="syz.0.8244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822a6bcda9 code=0x7ffc0000
[  564.273291][   T29] audit: type=1326 audit(2000262828.102:41428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28932 comm="syz.0.8244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822a6bcda9 code=0x7ffc0000
[  564.297048][   T29] audit: type=1326 audit(2000262828.102:41429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28932 comm="syz.0.8244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f822a6bcda9 code=0x7ffc0000
[  564.320761][   T29] audit: type=1326 audit(2000262828.102:41430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28932 comm="syz.0.8244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822a6bcda9 code=0x7ffc0000
[  564.370998][T28925] Invalid ELF header magic: != ELF
[  564.486994][T28937] loop5: detected capacity change from 0 to 512
[  564.494021][T28937] EXT4-fs: Ignoring removed bh option
[  564.504925][T28937] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  564.514381][T28937] EXT4-fs (loop5): Errors on filesystem, clearing orphan list.
[  564.522603][T28937] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  564.556901][T25140] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.642571][T28946] geneve2: entered promiscuous mode
[  564.647841][T28946] geneve2: entered allmulticast mode
[  564.693015][T28950] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  565.003418][T28961] loop1: detected capacity change from 0 to 1024
[  565.010930][T28961] EXT4-fs: Ignoring removed nobh option
[  565.017273][T28961] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  565.028823][T28961] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.8251: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  565.047945][T28961] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8251: couldn't read orphan inode 11 (err -117)
[  565.061477][T28961] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  565.082288][T28961] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm +}[@: Invalid block bitmap block 0 in block_group 0
[  565.096909][T28961] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm +}[@: Failed to acquire dquot type 0
[  565.148156][T28971] FAULT_INJECTION: forcing a failure.
[  565.148156][T28971] name failslab, interval 1, probability 0, space 0, times 0
[  565.161872][T28971] CPU: 0 UID: 0 PID: 28971 Comm: syz.2.8253 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  565.161897][T28971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  565.161918][T28971] Call Trace:
[  565.161926][T28971]  <TASK>
[  565.161934][T28971]  dump_stack_lvl+0xf2/0x150
[  565.161965][T28971]  dump_stack+0x15/0x1a
[  565.161990][T28971]  should_fail_ex+0x24a/0x260
[  565.162086][T28971]  should_failslab+0x8f/0xb0
[  565.162117][T28971]  kmem_cache_alloc_noprof+0x52/0x320
[  565.162156][T28971]  ? key_alloc+0x2a6/0xa40
[  565.162187][T28971]  key_alloc+0x2a6/0xa40
[  565.162308][T28971]  keyring_alloc+0x44/0xb0
[  565.162351][T28971]  join_session_keyring+0xea/0x2a0
[  565.162389][T28971]  lookup_user_key+0x3ef/0xdf0
[  565.162470][T28971]  ? should_fail_ex+0xd7/0x260
[  565.162578][T28971]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  565.162621][T28971]  __se_sys_add_key+0x24b/0x320
[  565.162722][T28971]  ? fput+0x1c4/0x200
[  565.162770][T28971]  __x64_sys_add_key+0x67/0x80
[  565.162797][T28971]  x64_sys_call+0x2964/0x2dc0
[  565.162829][T28971]  do_syscall_64+0xc9/0x1c0
[  565.162858][T28971]  ? clear_bhb_loop+0x55/0xb0
[  565.162892][T28971]  ? clear_bhb_loop+0x55/0xb0
[  565.163047][T28971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  565.163081][T28971] RIP: 0033:0x7f9b1645cda9
[  565.163098][T28971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  565.163116][T28971] RSP: 002b:00007f9b14ac7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  565.163137][T28971] RAX: ffffffffffffffda RBX: 00007f9b16675fa0 RCX: 00007f9b1645cda9
[  565.163148][T28971] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000020000040
[  565.163163][T28971] RBP: 00007f9b14ac7090 R08: fffffffffffffffd R09: 0000000000000000
[  565.163177][T28971] R10: 000000000000001c R11: 0000000000000246 R12: 0000000000000001
[  565.163191][T28971] R13: 0000000000000000 R14: 00007f9b16675fa0 R15: 00007fff58b1f598
[  565.163213][T28971]  </TASK>
[  565.168409][T22142] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.389844][T28978] 9pnet_fd: Insufficient options for proto=fd
[  565.396181][T28981] loop1: detected capacity change from 0 to 512
[  565.396908][T28978] binfmt_misc: register: failed to install interpreter file ./file2
[  565.403661][T28981] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  565.421964][T28981] EXT4-fs (loop1): 1 truncate cleaned up
[  565.428281][T28981] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  565.604659][T22142] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.625752][T28989] syz.1.8259: attempt to access beyond end of device
[  565.625752][T28989] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  565.640813][T28989] loop1: detected capacity change from 0 to 128
[  565.666561][T28989] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  565.878757][T28989] syz.1.8259: attempt to access beyond end of device
[  565.878757][T28989] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  565.993969][T21788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.242735][T29003] loop4: detected capacity change from 0 to 1764
[  566.274352][T29005] loop4: detected capacity change from 0 to 1024
[  566.281899][T29005] EXT4-fs: Ignoring removed nobh option
[  566.288371][T29005] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  566.313341][T29005] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.8265: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  566.336219][T29005] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.8265: couldn't read orphan inode 11 (err -117)
[  566.350429][T29005] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  566.371280][T29005] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm +}[@: Invalid block bitmap block 0 in block_group 0
[  566.385061][T29005] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm +}[@: Failed to acquire dquot type 0
[  566.441303][T21788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.479484][T29018] loop4: detected capacity change from 0 to 1024
[  566.508397][T29018] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  566.541823][T29022] loop1: detected capacity change from 0 to 1024
[  566.548906][T29022] EXT4-fs: Ignoring removed orlov option
[  566.574912][T29022] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  566.602761][T29022] netlink: 'syz.1.8270': attribute type 10 has an invalid length.
[  566.657087][T22142] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.896377][T29038] usb usb7: usbfs: process 29038 (syz.0.8275) did not claim interface 0 before use
[  566.933673][T29038] loop0: detected capacity change from 0 to 2048
[  566.951501][T29038] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  566.970963][T29038] ext4 filesystem being mounted at /378/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  567.193394][T29043] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8275: bg 0: block 345: padding at end of block bitmap is not set
[  567.209746][T29043] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  567.223112][T29043] EXT4-fs (loop0): This should not happen!! Data will be lost
[  567.223112][T29043] 
[  567.271714][   T57] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28
[  567.284528][   T57] EXT4-fs (loop0): This should not happen!! Data will be lost
[  567.284528][   T57] 
[  567.294471][   T57] EXT4-fs (loop0): Total free blocks count 0
[  567.301234][   T57] EXT4-fs (loop0): Free/Dirty block details
[  567.307158][   T57] EXT4-fs (loop0): free_blocks=0
[  567.312124][   T57] EXT4-fs (loop0): dirty_blocks=2048
[  567.317464][   T57] EXT4-fs (loop0): Block reservation details
[  567.339608][T21788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.396091][T29058] program syz.4.8281 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  567.414551][T29058] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  567.422998][T29063] loop5: detected capacity change from 0 to 512
[  567.424175][T29063] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  567.456792][T29065] loop0: detected capacity change from 0 to 512
[  567.457308][T29058] netlink: 'syz.4.8281': attribute type 10 has an invalid length.
[  567.464400][T29065] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  567.466617][T29063] EXT4-fs (loop5): 1 truncate cleaned up
[  567.467199][T29063] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  567.522775][T29065] EXT4-fs (loop0): 1 truncate cleaned up
[  567.540617][T29065] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  567.545819][T29063] lo speed is unknown, defaulting to 1000
[  567.602424][T29065] FAULT_INJECTION: forcing a failure.
[  567.602424][T29065] name failslab, interval 1, probability 0, space 0, times 0
[  567.615544][T29065] CPU: 1 UID: 0 PID: 29065 Comm: syz.0.8278 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  567.615569][T29065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  567.615584][T29065] Call Trace:
[  567.615657][T29065]  <TASK>
[  567.615664][T29065]  dump_stack_lvl+0xf2/0x150
[  567.615698][T29065]  dump_stack+0x15/0x1a
[  567.615722][T29065]  should_fail_ex+0x24a/0x260
[  567.615802][T29065]  should_failslab+0x8f/0xb0
[  567.615827][T29065]  kmem_cache_alloc_noprof+0x52/0x320
[  567.615863][T29065]  ? ext4_mb_new_blocks+0x7ad/0x2020
[  567.615909][T29065]  ext4_mb_new_blocks+0x7ad/0x2020
[  567.615975][T29065]  ? trace_event_reg+0x154/0x170
[  567.616044][T29065]  ? xas_load+0x3ae/0x3d0
[  567.616069][T29065]  ? trace_event_reg+0x154/0x170
[  567.616117][T29065]  ext4_new_meta_blocks+0xc1/0x1a0
[  567.616148][T29065]  ext4_ind_map_blocks+0xb95/0x14a0
[  567.616262][T29065]  ext4_map_blocks+0x555/0xd20
[  567.616296][T29065]  ext4_iomap_begin+0x4a9/0x5d0
[  567.616348][T29065]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  567.616377][T29065]  iomap_iter+0x3f1/0x830
[  567.616488][T29065]  __iomap_dio_rw+0x6e9/0x1110
[  567.616516][T29065]  ? __pfx_ext4_xattr_security_get+0x10/0x10
[  567.616562][T29065]  iomap_dio_rw+0x40/0x90
[  567.616587][T29065]  ext4_file_write_iter+0xb71/0xf20
[  567.616623][T29065]  do_iter_readv_writev+0x403/0x4b0
[  567.616716][T29065]  vfs_writev+0x2d9/0x880
[  567.616750][T29065]  ? proc_fail_nth_write+0x12a/0x150
[  567.616787][T29065]  __se_sys_pwritev2+0x100/0x1c0
[  567.616909][T29065]  __x64_sys_pwritev2+0x78/0x90
[  567.616933][T29065]  x64_sys_call+0x2afe/0x2dc0
[  567.616963][T29065]  do_syscall_64+0xc9/0x1c0
[  567.616986][T29065]  ? clear_bhb_loop+0x55/0xb0
[  567.617086][T29065]  ? clear_bhb_loop+0x55/0xb0
[  567.617136][T29065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.617268][T29065] RIP: 0033:0x7f822a6bcda9
[  567.617287][T29065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  567.617306][T29065] RSP: 002b:00007f8228d27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  567.617324][T29065] RAX: ffffffffffffffda RBX: 00007f822a8d5fa0 RCX: 00007f822a6bcda9
[  567.617338][T29065] RDX: 0000000000000001 RSI: 0000000020001180 RDI: 0000000000000005
[  567.617352][T29065] RBP: 00007f8228d27090 R08: 0000000000000000 R09: 0000000000000004
[  567.617366][T29065] R10: 0000000000033000 R11: 0000000000000246 R12: 0000000000000001
[  567.617381][T29065] R13: 0000000000000000 R14: 00007f822a8d5fa0 R15: 00007ffc73fc5388
[  567.617432][T29065]  </TASK>
[  567.913644][T25140] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.946318][T29075] loop5: detected capacity change from 0 to 2048
[  567.954470][T22372] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.971072][T29075]  loop5: p1 p2 p3
[  567.981165][T29080] usb usb7: usbfs: process 29080 (syz.0.8288) did not claim interface 0 before use
[  568.008019][T29080] loop0: detected capacity change from 0 to 2048
[  568.031756][T29080] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  568.081932][T29080] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  568.190732][T29090] bridge0: port 4(vlan2) entered blocking state
[  568.197147][T29090] bridge0: port 4(vlan2) entered disabled state
[  568.215928][T29090] vlan2: entered allmulticast mode
[  568.222392][T29090] vlan2: left allmulticast mode
[  568.284237][T29093] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8288: bg 0: block 345: padding at end of block bitmap is not set
[  568.299008][T29093] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  568.311680][T29093] EXT4-fs (loop0): This should not happen!! Data will be lost
[  568.311680][T29093] 
[  568.325610][T29089] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  568.338322][T29089] EXT4-fs (loop0): This should not happen!! Data will be lost
[  568.338322][T29089] 
[  568.384466][ T8207] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  568.397341][ T8207] EXT4-fs (loop0): This should not happen!! Data will be lost
[  568.397341][ T8207] 
[  568.407160][ T8207] EXT4-fs (loop0): Total free blocks count 0
[  568.413679][ T8207] EXT4-fs (loop0): Free/Dirty block details
[  568.419624][ T8207] EXT4-fs (loop0): free_blocks=0
[  568.498391][T29102] FAULT_INJECTION: forcing a failure.
[  568.498391][T29102] name failslab, interval 1, probability 0, space 0, times 0
[  568.511311][T29102] CPU: 1 UID: 0 PID: 29102 Comm: syz.0.8292 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  568.511403][T29102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  568.511419][T29102] Call Trace:
[  568.511427][T29102]  <TASK>
[  568.511435][T29102]  dump_stack_lvl+0xf2/0x150
[  568.511462][T29102]  dump_stack+0x15/0x1a
[  568.511483][T29102]  should_fail_ex+0x24a/0x260
[  568.511566][T29102]  should_failslab+0x8f/0xb0
[  568.511592][T29102]  kmem_cache_alloc_noprof+0x52/0x320
[  568.511632][T29102]  ? security_inode_alloc+0x37/0x100
[  568.511678][T29102]  security_inode_alloc+0x37/0x100
[  568.511784][T29102]  inode_init_always_gfp+0x4a2/0x4f0
[  568.511812][T29102]  ? __pfx_sock_alloc_inode+0x10/0x10
[  568.511872][T29102]  alloc_inode+0x82/0x160
[  568.511906][T29102]  new_inode_pseudo+0x15/0x20
[  568.511941][T29102]  __sock_create+0x12b/0x5a0
[  568.512001][T29102]  __sys_socketpair+0x17c/0x430
[  568.512026][T29102]  __x64_sys_socketpair+0x52/0x60
[  568.512067][T29102]  x64_sys_call+0x1cad/0x2dc0
[  568.512142][T29102]  do_syscall_64+0xc9/0x1c0
[  568.512178][T29102]  ? clear_bhb_loop+0x55/0xb0
[  568.512202][T29102]  ? clear_bhb_loop+0x55/0xb0
[  568.512287][T29102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.512311][T29102] RIP: 0033:0x7f822a6bcda9
[  568.512323][T29102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  568.512339][T29102] RSP: 002b:00007f8228d27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  568.512354][T29102] RAX: ffffffffffffffda RBX: 00007f822a8d5fa0 RCX: 00007f822a6bcda9
[  568.512365][T29102] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000018
[  568.512376][T29102] RBP: 00007f8228d27090 R08: 0000000000000000 R09: 0000000000000000
[  568.512469][T29102] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  568.512484][T29102] R13: 0000000000000000 R14: 00007f822a8d5fa0 R15: 00007ffc73fc5388
[  568.512527][T29102]  </TASK>
[  568.512537][T29102] socket: no more sockets
[  568.788620][T29111] loop0: detected capacity change from 0 to 512
[  568.795193][T29111] EXT4-fs: Ignoring removed i_version option
[  568.821302][T29111] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  568.833977][T29111] ext4 filesystem being mounted at /385/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  568.847897][T29111] 9pnet_fd: Insufficient options for proto=fd
[  568.856431][T29111] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  568.880284][T29111] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #4: comm syz.0.8296: corrupted inode contents
[  568.892640][T29111] EXT4-fs error (device loop0): ext4_dirty_inode:6042: inode #4: comm syz.0.8296: mark_inode_dirty error
[  568.909988][T29111] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #4: comm syz.0.8296: corrupted inode contents
[  568.922257][T29111] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #4: comm syz.0.8296: mark_inode_dirty error
[  568.936000][T29111] __quota_error: 932 callbacks suppressed
[  568.936017][T29111] Quota error (device loop0): write_blk: dquota write failed
[  568.951997][T29111] Quota error (device loop0): find_free_dqentry: Can't write quota data block 5
[  568.961284][T29111] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  568.971860][T29111] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.8296: Failed to acquire dquot type 1
[  568.986488][T29111] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  568.986586][T29118] __nla_validate_parse: 9 callbacks suppressed
[  568.986602][T29118] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8297'.
[  569.014065][T29111] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.014646][T29118] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8297'.
[  569.071291][T29111] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.080301][T29121] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(12)
[  569.087909][T29121] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  569.098556][T29121] vhci_hcd vhci_hcd.0: Device attached
[  569.116909][T29126] vhci_hcd: connection closed
[  569.117283][T13120] vhci_hcd: stop threads
[  569.126526][T13120] vhci_hcd: release socket
[  569.131017][T13120] vhci_hcd: disconnect device
[  569.143216][T29111] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.151318][T29129] 9pnet_fd: Insufficient options for proto=fd
[  569.161247][T29129] binfmt_misc: register: failed to install interpreter file ./file2
[  569.181513][T29111] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.286204][T29111] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  569.298436][T29111] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  569.310399][T29111] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  569.322728][T29111] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  569.359269][T22372] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  569.507907][T29136] FAULT_INJECTION: forcing a failure.
[  569.507907][T29136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  569.521126][T29136] CPU: 0 UID: 0 PID: 29136 Comm: syz.0.8304 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  569.521151][T29136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  569.521163][T29136] Call Trace:
[  569.521196][T29136]  <TASK>
[  569.521205][T29136]  dump_stack_lvl+0xf2/0x150
[  569.521237][T29136]  dump_stack+0x15/0x1a
[  569.521274][T29136]  should_fail_ex+0x24a/0x260
[  569.521312][T29136]  should_fail+0xb/0x10
[  569.521338][T29136]  should_fail_usercopy+0x1a/0x20
[  569.521369][T29136]  _copy_from_iter+0xd5/0xd00
[  569.521386][T29136]  ? kmalloc_reserve+0x16e/0x190
[  569.521407][T29136]  ? __build_skb_around+0x196/0x1f0
[  569.521506][T29136]  ? __alloc_skb+0x21f/0x310
[  569.521544][T29136]  ? __virt_addr_valid+0x1ed/0x250
[  569.521639][T29136]  ? __check_object_size+0x364/0x520
[  569.521682][T29136]  netlink_sendmsg+0x460/0x6e0
[  569.521727][T29136]  ? __pfx_netlink_sendmsg+0x10/0x10
[  569.521811][T29136]  __sock_sendmsg+0x140/0x180
[  569.521829][T29136]  ____sys_sendmsg+0x312/0x410
[  569.521941][T29136]  __sys_sendmsg+0x19d/0x230
[  569.521978][T29136]  __x64_sys_sendmsg+0x46/0x50
[  569.522013][T29136]  x64_sys_call+0x2734/0x2dc0
[  569.522095][T29136]  do_syscall_64+0xc9/0x1c0
[  569.522126][T29136]  ? clear_bhb_loop+0x55/0xb0
[  569.522160][T29136]  ? clear_bhb_loop+0x55/0xb0
[  569.522194][T29136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.522335][T29136] RIP: 0033:0x7f822a6bcda9
[  569.522353][T29136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  569.522374][T29136] RSP: 002b:00007f8228d27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  569.522390][T29136] RAX: ffffffffffffffda RBX: 00007f822a8d5fa0 RCX: 00007f822a6bcda9
[  569.522474][T29136] RDX: 0000000004048010 RSI: 0000000020000080 RDI: 0000000000000003
[  569.522489][T29136] RBP: 00007f8228d27090 R08: 0000000000000000 R09: 0000000000000000
[  569.522503][T29136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  569.522561][T29136] R13: 0000000000000000 R14: 00007f822a8d5fa0 R15: 00007ffc73fc5388
[  569.522643][T29136]  </TASK>
[  569.753566][   T29] audit: type=1326 audit(2000262833.612:42359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29139 comm="syz.0.8306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822a6bcda9 code=0x7ffc0000
[  569.773047][T29142] audit: audit_lost=12 audit_rate_limit=0 audit_backlog_limit=64
[  569.777618][   T29] audit: type=1326 audit(2000262833.612:42360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29139 comm="syz.0.8306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822a6bcda9 code=0x7ffc0000
[  569.786046][T29142] audit: out of memory in audit_log_start
[  569.879034][   T29] audit: type=1326 audit(2000262833.612:42361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29139 comm="syz.0.8306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f822a6bcda9 code=0x7ffc0000
[  569.903419][   T29] audit: type=1326 audit(2000262833.612:42362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29139 comm="syz.0.8306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822a6bcda9 code=0x7ffc0000
[  569.927624][   T29] audit: type=1326 audit(2000262833.612:42363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29139 comm="syz.0.8306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822a6bcda9 code=0x7ffc0000
[  569.966210][T29148] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8309'.
[  570.005892][T29149] bridge0: port 4(vlan2) entered blocking state
[  570.012621][T29149] bridge0: port 4(vlan2) entered disabled state
[  570.023242][T29148] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8309'.
[  570.036433][T29149] vlan2: entered allmulticast mode
[  570.053390][T29149] vlan2: left allmulticast mode
[  570.184106][T29143] lo speed is unknown, defaulting to 1000
[  570.695438][T29178] loop1: detected capacity change from 0 to 8192
[  570.711913][T29181] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(12)
[  570.718554][T29181] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  570.727667][T29181] vhci_hcd vhci_hcd.0: Device attached
[  570.748174][T29182] vhci_hcd: connection closed
[  570.748411][ T8207] vhci_hcd: stop threads
[  570.757588][ T8207] vhci_hcd: release socket
[  570.762149][ T8207] vhci_hcd: disconnect device
[  570.942963][T29188] loop0: detected capacity change from 0 to 512
[  570.949827][T29188] EXT4-fs: Ignoring removed i_version option
[  570.964142][T29188] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  570.977242][T29188] ext4 filesystem being mounted at /394/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  570.996944][T29188] 9pnet_fd: Insufficient options for proto=fd
[  571.007084][T29188] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  571.039945][T29188] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  571.053558][T29188] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.101303][T29188] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.182431][T29188] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.271829][T29188] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.305530][T29200] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8322'.
[  571.314981][T29200] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8322'.
[  571.542147][T22142] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  571.550177][T22142] FAT-fs (loop1): Filesystem has been set read-only
[  571.597383][T29218] loop1: detected capacity change from 0 to 512
[  571.607257][T29218] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.8329: casefold flag without casefold feature
[  571.643114][T29218] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8329: couldn't read orphan inode 15 (err -117)
[  571.659686][T29215] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=29215 comm=syz.5.8328
[  571.665434][T29221] loop4: detected capacity change from 0 to 1764
[  571.679140][T29218] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  571.755056][T22142] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.769109][T29228] syz.5.8334: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  571.784227][T29228] CPU: 0 UID: 0 PID: 29228 Comm: syz.5.8334 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  571.784260][T29228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  571.784344][T29228] Call Trace:
[  571.784393][T29228]  <TASK>
[  571.784405][T29228]  dump_stack_lvl+0xf2/0x150
[  571.784453][T29228]  dump_stack+0x15/0x1a
[  571.784543][T29228]  warn_alloc+0x145/0x1b0
[  571.784568][T29228]  ? __schedule+0x75b/0x990
[  571.784807][T29228]  ? __vmalloc_node_range_noprof+0x88/0xe70
[  571.784850][T29228]  __vmalloc_node_range_noprof+0xaa/0xe70
[  571.784886][T29228]  ? __pfx_futex_wake_mark+0x10/0x10
[  571.784952][T29228]  ? __rcu_read_unlock+0x4e/0x70
[  571.784979][T29228]  ? avc_has_perm_noaudit+0x1cc/0x210
[  571.785013][T29228]  ? should_fail_ex+0x31/0x260
[  571.785076][T29228]  ? xskq_create+0x36/0xd0
[  571.785104][T29228]  ? should_failslab+0x8f/0xb0
[  571.785135][T29228]  vmalloc_user_noprof+0x59/0x70
[  571.785163][T29228]  ? xskq_create+0x79/0xd0
[  571.785195][T29228]  xskq_create+0x79/0xd0
[  571.785280][T29228]  xsk_init_queue+0x82/0xd0
[  571.785309][T29228]  xsk_setsockopt+0x409/0x520
[  571.785355][T29228]  ? __pfx_xsk_setsockopt+0x10/0x10
[  571.785386][T29228]  __sys_setsockopt+0x187/0x200
[  571.785421][T29228]  __x64_sys_setsockopt+0x66/0x80
[  571.785480][T29228]  x64_sys_call+0x282e/0x2dc0
[  571.785508][T29228]  do_syscall_64+0xc9/0x1c0
[  571.785658][T29228]  ? clear_bhb_loop+0x55/0xb0
[  571.785695][T29228]  ? clear_bhb_loop+0x55/0xb0
[  571.785726][T29228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.785796][T29228] RIP: 0033:0x7f6c01e9cda9
[  571.785815][T29228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  571.785849][T29228] RSP: 002b:00007f6c00501038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  571.785874][T29228] RAX: ffffffffffffffda RBX: 00007f6c020b5fa0 RCX: 00007f6c01e9cda9
[  571.785891][T29228] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004
[  571.785969][T29228] RBP: 00007f6c01f1e2a0 R08: 0000000000000020 R09: 0000000000000000
[  571.785983][T29228] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
[  571.785997][T29228] R13: 0000000000000000 R14: 00007f6c020b5fa0 R15: 00007ffef54665c8
[  571.786020][T29228]  </TASK>
[  571.786032][T29228] Mem-Info:
[  572.016920][T29228] active_anon:31985 inactive_anon:32 isolated_anon:0
[  572.016920][T29228]  active_file:9300 inactive_file:7148 isolated_file:0
[  572.016920][T29228]  unevictable:0 dirty:304 writeback:0
[  572.016920][T29228]  slab_reclaimable:3586 slab_unreclaimable:127095
[  572.016920][T29228]  mapped:31928 shmem:3289 pagetables:1414
[  572.016920][T29228]  sec_pagetables:0 bounce:0
[  572.016920][T29228]  kernel_misc_reclaimable:0
[  572.016920][T29228]  free:1731410 free_pcp:10348 free_cma:0
[  572.062777][T29228] Node 0 active_anon:127940kB inactive_anon:128kB active_file:37200kB inactive_file:28592kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:127712kB dirty:1216kB writeback:0kB shmem:13156kB writeback_tmp:0kB kernel_stack:3856kB pagetables:5656kB sec_pagetables:0kB all_unreclaimable? no
[  572.093390][T29228] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  572.121209][T29228] lowmem_reserve[]: 0 2885 7863 0
[  572.126274][T29228] Node 0 DMA32 free:2950968kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2954500kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB
[  572.155526][T29228] lowmem_reserve[]: 0 0 4978 0
[  572.160384][T29228] Node 0 Normal free:3959312kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:127940kB inactive_anon:128kB active_file:37200kB inactive_file:28592kB unevictable:0kB writepending:1216kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:37876kB local_pcp:3776kB free_cma:0kB
[  572.191984][T29228] lowmem_reserve[]: 0 0 0 0
[  572.196550][T29228] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  572.209409][T29228] Node 0 DMA32: 4*4kB (M) 1*8kB (M) 4*16kB (M) 3*32kB (M) 4*64kB (M) 3*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950968kB
[  572.225475][T29228] Node 0 Normal: 4*4kB (UM) 252*8kB (UME) 788*16kB (UME) 1035*32kB (UME) 600*64kB (UME) 161*128kB (UME) 83*256kB (UME) 31*512kB (UME) 44*1024kB (UME) 45*2048kB (UM) 898*4096kB (UM) = 3959312kB
[  572.245061][T29228] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  572.254542][T29228] 19773 total pagecache pages
[  572.260937][T29228] 41 pages in swap cache
[  572.265212][T29228] Free swap  = 124568kB
[  572.269566][T29228] Total swap = 124996kB
[  572.273832][T29228] 2097051 pages RAM
[  572.277670][T29228] 0 pages HighMem/MovableOnly
[  572.282376][T29228] 80034 pages reserved
[  572.322065][T29236] loop5: detected capacity change from 0 to 512
[  572.332149][T29230] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[  572.338872][T29230] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  572.347480][T29236] EXT4-fs: Ignoring removed i_version option
[  572.349746][T29230] vhci_hcd vhci_hcd.0: Device attached
[  572.359265][T29238] syz.2.8336: attempt to access beyond end of device
[  572.359265][T29238] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  572.361946][T29238] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  572.384782][T29233] vhci_hcd: connection closed
[  572.384897][ T8207] vhci_hcd: stop threads
[  572.394062][ T8207] vhci_hcd: release socket
[  572.398476][ T8207] vhci_hcd: disconnect device
[  572.408075][T29236] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  572.422037][T29236] ext4 filesystem being mounted at /250/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  572.437219][T29236] 9pnet_fd: Insufficient options for proto=fd
[  572.446822][T29236] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  572.470309][T29236] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #4: comm syz.5.8335: corrupted inode contents
[  572.483196][T29236] EXT4-fs error (device loop5): ext4_dirty_inode:6042: inode #4: comm syz.5.8335: mark_inode_dirty error
[  572.494963][T29236] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #4: comm syz.5.8335: corrupted inode contents
[  572.507552][T29236] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #4: comm syz.5.8335: mark_inode_dirty error
[  572.520061][T29236] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.8335: Failed to acquire dquot type 1
[  572.533149][T29236] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  572.546006][T29236] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  572.605603][T29238] Invalid ELF header magic: != ELF
[  572.612838][T29236] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  572.635082][T29250] loop4: detected capacity change from 0 to 512
[  572.660980][T29236] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  572.662204][T29250] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  572.685613][T29250] ext4 filesystem being mounted at /491/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  572.714509][T21788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  572.726310][T29236] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  572.743343][T29254] loop4: detected capacity change from 0 to 1024
[  572.750829][T29254] EXT4-fs: Ignoring removed orlov option
[  572.759550][T29254] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  572.783127][T29236] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  572.795342][T29254] netlink: 'syz.4.8340': attribute type 10 has an invalid length.
[  572.796545][T29236] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  572.803598][T29254] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8340'.
[  572.818757][T29236] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  572.837101][T29236] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  572.865149][T25140] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  572.890967][T29257] loop5: detected capacity change from 0 to 164
[  572.904850][T29257] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  572.934476][T29261] loop1: detected capacity change from 0 to 128
[  573.184303][T29273] syz.2.8347: attempt to access beyond end of device
[  573.184303][T29273] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  573.201729][T29273] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  573.291248][T29281] geneve2: entered promiscuous mode
[  573.296514][T29281] geneve2: entered allmulticast mode
[  573.340403][T29285] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  573.425522][T29273] Invalid ELF header magic: != ELF
[  573.966407][T29287] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8350'.
[  573.975608][T29287] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8350'.
[  573.982661][   T29] kauditd_printk_skb: 131 callbacks suppressed
[  573.982680][   T29] audit: type=1400 audit(2000262837.842:42492): avc:  denied  { load_policy } for  pid=29288 comm="syz.1.8351" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  574.011411][T29289] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  574.016969][T29188] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  574.023654][T29289] SELinux: failed to load policy
[  574.044893][T29188] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  574.061549][T29188] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  574.071311][   T29] audit: type=1400 audit(2000262837.932:42493): avc:  denied  { execute } for  pid=29292 comm="syz.1.8353" dev="tmpfs" ino=3284 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  574.075054][T29188] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  574.094377][   T29] audit: type=1400 audit(2000262837.932:42494): avc:  denied  { execute_no_trans } for  pid=29292 comm="syz.1.8353" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=3284 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  574.139144][   T29] audit: type=1400 audit(2000262837.992:42495): avc:  denied  { open } for  pid=29290 comm="syz.2.8352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  574.158752][   T29] audit: type=1400 audit(2000262837.992:42496): avc:  denied  { perfmon } for  pid=29290 comm="syz.2.8352" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  574.179993][   T29] audit: type=1400 audit(2000262837.992:42497): avc:  denied  { kernel } for  pid=29290 comm="syz.2.8352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  574.225644][   T29] audit: type=1400 audit(2000262838.062:42499): avc:  denied  { read write } for  pid=22142 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  574.250225][   T29] audit: type=1400 audit(2000262838.062:42500): avc:  denied  { open } for  pid=22142 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  574.274629][   T29] audit: type=1400 audit(2000262838.062:42501): avc:  denied  { ioctl } for  pid=22142 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  574.277807][T29291] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[  574.300413][   T29] audit: type=1400 audit(2000262837.992:42498): avc:  denied  { prog_load } for  pid=29290 comm="syz.2.8352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  574.306943][T29291] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  574.328060][T22372] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  574.345118][T29291] vhci_hcd vhci_hcd.0: Device attached
[  574.365303][T29301] loop1: detected capacity change from 0 to 1024
[  574.372230][T29301] EXT4-fs: Ignoring removed nobh option
[  574.386987][T29303] syz.5.8357: attempt to access beyond end of device
[  574.386987][T29303] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  574.400112][T29294] vhci_hcd: connection closed
[  574.401448][T13120] vhci_hcd: stop threads
[  574.410547][T29301] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  574.413333][T29303] loop5: detected capacity change from 0 to 128
[  574.421698][T13120] vhci_hcd: release socket
[  574.421708][T13120] vhci_hcd: disconnect device
[  574.447930][T29301] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.8356: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  574.454481][T29303] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  574.466937][T29301] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8356: couldn't read orphan inode 11 (err -117)
[  574.492353][T29301] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  574.509428][T29301] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.8356: Invalid block bitmap block 0 in block_group 0
[  574.525805][T29301] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.8356: Failed to acquire dquot type 0
[  574.581622][T22142] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  574.687098][T29323] loop1: detected capacity change from 0 to 1764
[  574.695537][T29303] syz.5.8357: attempt to access beyond end of device
[  574.695537][T29303] loop5: rw=0, sector=121, nr_sectors = 920 limit=128
[  574.754552][T29329] loop1: detected capacity change from 0 to 512
[  574.761219][T29329] EXT4-fs: Ignoring removed i_version option
[  574.770676][T29329] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  574.784355][T29329] ext4 filesystem being mounted at /519/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  574.797091][T29329] 9pnet_fd: Insufficient options for proto=fd
[  574.805756][T29329] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  574.819837][T29329] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  574.975597][T29341] loop0: detected capacity change from 0 to 512
[  574.983814][T29341] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.8369: casefold flag without casefold feature
[  574.996954][T29341] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.8369: couldn't read orphan inode 15 (err -117)
[  575.010870][T29341] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  575.043109][T22372] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.044703][T29344] bridge0: port 4(vlan2) entered blocking state
[  575.058579][T29344] bridge0: port 4(vlan2) entered disabled state
[  575.065449][T29344] vlan2: entered allmulticast mode
[  575.071763][T29344] vlan2: left allmulticast mode
[  575.097474][T22142] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.137624][T29352] netlink: '+}[@': attribute type 3 has an invalid length.
[  575.145654][T29352] netlink: '+}[@': attribute type 3 has an invalid length.
[  575.204880][T29361] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8376'.
[  575.214691][T29361] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8376'.
[  575.248809][T29363] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  575.255480][T29363] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  575.268039][T29363] vhci_hcd vhci_hcd.0: Device attached
[  575.285493][T29364] vhci_hcd: connection closed
[  575.286049][ T1953] vhci_hcd: stop threads
[  575.296217][ T1953] vhci_hcd: release socket
[  575.300806][ T1953] vhci_hcd: disconnect device
[  575.321055][T29371] loop1: detected capacity change from 0 to 512
[  575.333675][T29371] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.8380: casefold flag without casefold feature
[  575.335583][T29375] FAULT_INJECTION: forcing a failure.
[  575.335583][T29375] name failslab, interval 1, probability 0, space 0, times 0
[  575.346829][T29371] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8380: couldn't read orphan inode 15 (err -117)
[  575.359800][T29375] CPU: 1 UID: 0 PID: 29375 Comm: syz.5.8381 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  575.359875][T29375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  575.359921][T29375] Call Trace:
[  575.359930][T29375]  <TASK>
[  575.359940][T29375]  dump_stack_lvl+0xf2/0x150
[  575.360043][T29375]  dump_stack+0x15/0x1a
[  575.360068][T29375]  should_fail_ex+0x24a/0x260
[  575.360109][T29375]  ? ip_set_create+0x1de/0x8a0
[  575.360141][T29375]  should_failslab+0x8f/0xb0
[  575.360239][T29375]  __kmalloc_cache_noprof+0x4e/0x320
[  575.360281][T29375]  ? cgroup_rstat_updated+0x9f/0x570
[  575.360384][T29375]  ip_set_create+0x1de/0x8a0
[  575.360492][T29375]  nfnetlink_rcv_msg+0x4a9/0x570
[  575.360603][T29375]  netlink_rcv_skb+0x12c/0x230
[  575.360643][T29375]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  575.360705][T29375]  nfnetlink_rcv+0x16c/0x15d0
[  575.360728][T29375]  ? kmem_cache_free+0xdc/0x2d0
[  575.360765][T29375]  ? nlmon_xmit+0x51/0x60
[  575.360798][T29375]  ? __kfree_skb+0x102/0x150
[  575.360901][T29375]  ? consume_skb+0x49/0x160
[  575.360969][T29375]  ? nlmon_xmit+0x51/0x60
[  575.361000][T29375]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  575.361072][T29375]  ? __dev_queue_xmit+0xb6e/0x2090
[  575.361107][T29375]  ? ref_tracker_free+0x3a5/0x410
[  575.361144][T29375]  ? __dev_queue_xmit+0x186/0x2090
[  575.361234][T29375]  ? __netlink_deliver_tap+0x4c6/0x4f0
[  575.361278][T29375]  netlink_unicast+0x599/0x670
[  575.361316][T29375]  netlink_sendmsg+0x5cc/0x6e0
[  575.361360][T29375]  ? __pfx_netlink_sendmsg+0x10/0x10
[  575.361481][T29375]  __sock_sendmsg+0x140/0x180
[  575.361505][T29375]  ____sys_sendmsg+0x312/0x410
[  575.361564][T29375]  __sys_sendmsg+0x19d/0x230
[  575.361615][T29375]  __x64_sys_sendmsg+0x46/0x50
[  575.361650][T29375]  x64_sys_call+0x2734/0x2dc0
[  575.361682][T29375]  do_syscall_64+0xc9/0x1c0
[  575.361772][T29375]  ? clear_bhb_loop+0x55/0xb0
[  575.361805][T29375]  ? clear_bhb_loop+0x55/0xb0
[  575.361880][T29375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  575.361954][T29375] RIP: 0033:0x7f6c01e9cda9
[  575.361973][T29375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  575.362003][T29375] RSP: 002b:00007f6c00501038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  575.362028][T29375] RAX: ffffffffffffffda RBX: 00007f6c020b5fa0 RCX: 00007f6c01e9cda9
[  575.362044][T29375] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  575.362059][T29375] RBP: 00007f6c00501090 R08: 0000000000000000 R09: 0000000000000000
[  575.362074][T29375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  575.362089][T29375] R13: 0000000000000000 R14: 00007f6c020b5fa0 R15: 00007ffef54665c8
[  575.362147][T29375]  </TASK>
[  575.643864][T29379] FAULT_INJECTION: forcing a failure.
[  575.643864][T29379] name failslab, interval 1, probability 0, space 0, times 0
[  575.646030][T29371] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  575.656542][T29379] CPU: 1 UID: 0 PID: 29379 Comm: syz.5.8383 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  575.656574][T29379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  575.656620][T29379] Call Trace:
[  575.656630][T29379]  <TASK>
[  575.656640][T29379]  dump_stack_lvl+0xf2/0x150
[  575.656678][T29379]  dump_stack+0x15/0x1a
[  575.656705][T29379]  should_fail_ex+0x24a/0x260
[  575.656768][T29379]  ? alloc_pipe_info+0xb0/0x360
[  575.656807][T29379]  should_failslab+0x8f/0xb0
[  575.656838][T29379]  __kmalloc_cache_noprof+0x4e/0x320
[  575.656882][T29379]  alloc_pipe_info+0xb0/0x360
[  575.657059][T29379]  splice_direct_to_actor+0x60f/0x670
[  575.657087][T29379]  ? __pfx_direct_splice_actor+0x10/0x10
[  575.657115][T29379]  ? 0xffffffff81000000
[  575.657130][T29379]  ? selinux_file_permission+0x22a/0x360
[  575.657231][T29379]  ? __rcu_read_unlock+0x4e/0x70
[  575.657257][T29379]  ? avc_policy_seqno+0x15/0x20
[  575.657288][T29379]  ? selinux_file_permission+0x22a/0x360
[  575.657331][T29379]  do_splice_direct+0xd7/0x150
[  575.657356][T29379]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  575.657390][T29379]  do_sendfile+0x398/0x660
[  575.657431][T29379]  __x64_sys_sendfile64+0x110/0x150
[  575.657522][T29379]  x64_sys_call+0xfbd/0x2dc0
[  575.657553][T29379]  do_syscall_64+0xc9/0x1c0
[  575.657610][T29379]  ? clear_bhb_loop+0x55/0xb0
[  575.657709][T29379]  ? clear_bhb_loop+0x55/0xb0
[  575.657742][T29379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  575.657814][T29379] RIP: 0033:0x7f6c01e9cda9
[  575.657833][T29379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  575.657856][T29379] RSP: 002b:00007f6c00501038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  575.657879][T29379] RAX: ffffffffffffffda RBX: 00007f6c020b5fa0 RCX: 00007f6c01e9cda9
[  575.657893][T29379] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007
[  575.657908][T29379] RBP: 00007f6c00501090 R08: 0000000000000000 R09: 0000000000000000
[  575.657923][T29379] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000001
[  575.657937][T29379] R13: 0000000000000000 R14: 00007f6c020b5fa0 R15: 00007ffef54665c8
[  575.657973][T29379]  </TASK>
[  575.856708][T29392] syz.0.8389: attempt to access beyond end of device
[  575.856708][T29392] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  575.905422][T29392] loop0: detected capacity change from 0 to 128
[  575.909021][T21788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.912447][T29386] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8385'.
[  575.971070][T22142] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.981127][T29392] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  576.013396][T29401] program syz.4.8392 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  576.023662][T29401] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  576.038886][T29401] netlink: 'syz.4.8392': attribute type 10 has an invalid length.
[  576.038916][T29401] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8392'.
[  576.083895][T29400] hub 6-0:1.0: USB hub found
[  576.088775][T29400] hub 6-0:1.0: 8 ports detected
[  576.088830][T29405] loop5: detected capacity change from 0 to 1764
[  576.153292][T29411] netlink: 'syz.2.8397': attribute type 10 has an invalid length.
[  576.170798][T29411] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8397'.
[  576.208291][T29392] syz.0.8389: attempt to access beyond end of device
[  576.208291][T29392] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[  576.241698][T29418] bridge0: port 4(vlan2) entered blocking state
[  576.248257][T29418] bridge0: port 4(vlan2) entered disabled state
[  576.263311][T29418] vlan2: entered allmulticast mode
[  576.272589][T29418] vlan2: left allmulticast mode
[  576.348826][T29430] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=29430 comm=syz.1.8404
[  576.372267][T29430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8404'.
[  576.381668][T29430] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8404'.
[  576.404140][T29430] wireguard0: entered promiscuous mode
[  576.409705][T29430] wireguard0: entered allmulticast mode
[  576.501163][T29442] loop5: detected capacity change from 0 to 8192
[  576.513265][T29442] FAULT_INJECTION: forcing a failure.
[  576.513265][T29442] name failslab, interval 1, probability 0, space 0, times 0
[  576.527021][T29442] CPU: 1 UID: 0 PID: 29442 Comm: syz.5.8408 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  576.527054][T29442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  576.527070][T29442] Call Trace:
[  576.527077][T29442]  <TASK>
[  576.527086][T29442]  dump_stack_lvl+0xf2/0x150
[  576.527119][T29442]  dump_stack+0x15/0x1a
[  576.527148][T29442]  should_fail_ex+0x24a/0x260
[  576.527320][T29442]  ? vfat_add_entry+0xd5/0x1b40
[  576.527358][T29442]  should_failslab+0x8f/0xb0
[  576.527503][T29442]  __kmalloc_cache_noprof+0x4e/0x320
[  576.527639][T29442]  ? kmem_cache_free+0xdc/0x2d0
[  576.527712][T29442]  vfat_add_entry+0xd5/0x1b40
[  576.527814][T29442]  ? fat_search_long+0x926/0x980
[  576.527836][T29442]  ? _raw_spin_lock_irqsave+0x3c/0xb0
[  576.527870][T29442]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  576.527903][T29442]  ? __wake_up+0x88/0xb0
[  576.527927][T29442]  ? ktime_get_coarse_real_ts64_mg+0x1a2/0x1c0
[  576.528073][T29442]  ? __pfx_vfat_create+0x10/0x10
[  576.528097][T29442]  ? current_time+0x175/0x220
[  576.528150][T29442]  vfat_create+0xa9/0x190
[  576.528177][T29442]  ? __pfx_vfat_create+0x10/0x10
[  576.528199][T29442]  path_openat+0xea3/0x1fc0
[  576.528315][T29442]  do_filp_open+0x107/0x230
[  576.528350][T29442]  do_sys_openat2+0xab/0x120
[  576.528391][T29442]  __x64_sys_openat+0xf3/0x120
[  576.528431][T29442]  x64_sys_call+0x2b30/0x2dc0
[  576.528524][T29442]  do_syscall_64+0xc9/0x1c0
[  576.528551][T29442]  ? clear_bhb_loop+0x55/0xb0
[  576.528579][T29442]  ? clear_bhb_loop+0x55/0xb0
[  576.528621][T29442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.528654][T29442] RIP: 0033:0x7f6c01e9cda9
[  576.528737][T29442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  576.528758][T29442] RSP: 002b:00007f6c00501038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  576.528776][T29442] RAX: ffffffffffffffda RBX: 00007f6c020b5fa0 RCX: 00007f6c01e9cda9
[  576.528790][T29442] RDX: 000000000000275a RSI: 0000000020000140 RDI: ffffffffffffff9c
[  576.528805][T29442] RBP: 00007f6c00501090 R08: 0000000000000000 R09: 0000000000000000
[  576.528819][T29442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  576.528834][T29442] R13: 0000000000000000 R14: 00007f6c020b5fa0 R15: 00007ffef54665c8
[  576.528856][T29442]  </TASK>
[  576.843290][T29447] hub 6-0:1.0: USB hub found
[  576.848127][T29447] hub 6-0:1.0: 8 ports detected
[  577.009484][T29462] loop4: detected capacity change from 0 to 1024
[  577.040401][T29462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  577.073013][T21788] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  577.226067][T29477] usb usb7: usbfs: process 29477 (syz.4.8422) did not claim interface 0 before use
[  577.246893][T29477] loop4: detected capacity change from 0 to 2048
[  577.290816][T29477] ext4 filesystem being mounted at /499/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  577.379813][T29486] bridge0: port 4(vlan2) entered blocking state
[  577.386183][T29486] bridge0: port 4(vlan2) entered disabled state
[  577.397482][T29486] vlan2: entered allmulticast mode
[  577.403386][T29486] vlan2: left allmulticast mode
[  577.540422][T29485] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.8422: bg 0: block 345: padding at end of block bitmap is not set
[  577.555644][T29485] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  577.560963][T29490] FAULT_INJECTION: forcing a failure.
[  577.560963][T29490] name failslab, interval 1, probability 0, space 0, times 0
[  577.568607][T29485] EXT4-fs (loop4): This should not happen!! Data will be lost
[  577.568607][T29485] 
[  577.581944][T29490] CPU: 1 UID: 0 PID: 29490 Comm: syz.1.8425 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  577.582038][T29490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  577.582054][T29490] Call Trace:
[  577.582064][T29490]  <TASK>
[  577.582074][T29490]  dump_stack_lvl+0xf2/0x150
[  577.582110][T29490]  dump_stack+0x15/0x1a
[  577.582137][T29490]  should_fail_ex+0x24a/0x260
[  577.582296][T29490]  should_failslab+0x8f/0xb0
[  577.582329][T29490]  kmem_cache_alloc_node_noprof+0x59/0x320
[  577.582435][T29490]  ? __alloc_skb+0x10b/0x310
[  577.582466][T29490]  __alloc_skb+0x10b/0x310
[  577.582494][T29490]  ? audit_log_start+0x34c/0x6b0
[  577.582533][T29490]  audit_log_start+0x368/0x6b0
[  577.582576][T29490]  ? shmem_setattr+0x5fc/0x830
[  577.582603][T29490]  audit_seccomp+0x4b/0x130
[  577.582671][T29490]  __seccomp_filter+0x6fa/0x1180
[  577.582699][T29490]  ? vfs_utimes+0x3ad/0x3e0
[  577.582750][T29490]  ? fput+0x1c4/0x200
[  577.582792][T29490]  __secure_computing+0x9f/0x1c0
[  577.582821][T29490]  syscall_trace_enter+0xd1/0x1f0
[  577.582851][T29490]  do_syscall_64+0xaa/0x1c0
[  577.582905][T29490]  ? clear_bhb_loop+0x55/0xb0
[  577.582953][T29490]  ? clear_bhb_loop+0x55/0xb0
[  577.582992][T29490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  577.583093][T29490] RIP: 0033:0x7fb7a028b7bc
[  577.583113][T29490] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  577.583135][T29490] RSP: 002b:00007fb79e8f1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  577.583159][T29490] RAX: ffffffffffffffda RBX: 00007fb7a04a5fa0 RCX: 00007fb7a028b7bc
[  577.583174][T29490] RDX: 000000000000000f RSI: 00007fb79e8f10a0 RDI: 0000000000000004
[  577.583214][T29490] RBP: 00007fb79e8f1090 R08: 0000000000000000 R09: 0000000000000000
[  577.583228][T29490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  577.583259][T29490] R13: 0000000000000000 R14: 00007fb7a04a5fa0 R15: 00007ffcd40cdfd8
[  577.583281][T29490]  </TASK>
[  577.638026][T29492] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8426'.
[  577.831058][T13120] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28
[  577.843904][T13120] EXT4-fs (loop4): This should not happen!! Data will be lost
[  577.843904][T13120] 
[  577.853572][T13120] EXT4-fs (loop4): Total free blocks count 0
[  577.859757][T13120] EXT4-fs (loop4): Free/Dirty block details
[  577.865775][T13120] EXT4-fs (loop4): free_blocks=0
[  577.871006][T13120] EXT4-fs (loop4): dirty_blocks=2048
[  577.876293][T13120] EXT4-fs (loop4): Block reservation details
[  577.882363][T13120] EXT4-fs (loop4): i_reserved_data_blocks=128
[  578.004748][T29506] FAULT_INJECTION: forcing a failure.
[  578.004748][T29506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  578.005922][T29505] loop4: detected capacity change from 0 to 512
[  578.018157][T29506] CPU: 0 UID: 0 PID: 29506 Comm: syz.5.8429 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  578.018189][T29506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  578.018202][T29506] Call Trace:
[  578.018210][T29506]  <TASK>
[  578.018220][T29506]  dump_stack_lvl+0xf2/0x150
[  578.018253][T29506]  dump_stack+0x15/0x1a
[  578.018276][T29506]  should_fail_ex+0x24a/0x260
[  578.018396][T29506]  should_fail+0xb/0x10
[  578.018471][T29506]  should_fail_usercopy+0x1a/0x20
[  578.018492][T29506]  _copy_from_user+0x1c/0xa0
[  578.018515][T29506]  kstrtouint_from_user+0x76/0xe0
[  578.018566][T29506]  ? 0xffffffff81000000
[  578.018579][T29506]  ? selinux_file_permission+0x22a/0x360
[  578.018611][T29506]  proc_fail_nth_write+0x4f/0x150
[  578.018640][T29506]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  578.018666][T29506]  vfs_write+0x27d/0x920
[  578.018699][T29506]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  578.018731][T29506]  ? __fget_files+0x17c/0x1c0
[  578.018763][T29506]  ksys_write+0xe8/0x1b0
[  578.018788][T29506]  __x64_sys_write+0x42/0x50
[  578.018814][T29506]  x64_sys_call+0x287e/0x2dc0
[  578.019007][T29506]  do_syscall_64+0xc9/0x1c0
[  578.019038][T29506]  ? clear_bhb_loop+0x55/0xb0
[  578.019076][T29506]  ? clear_bhb_loop+0x55/0xb0
[  578.019108][T29506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.019185][T29506] RIP: 0033:0x7f6c01e9b85f
[  578.019202][T29506] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  578.019248][T29506] RSP: 002b:00007f6c004e0030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  578.019271][T29506] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6c01e9b85f
[  578.019376][T29506] RDX: 0000000000000001 RSI: 00007f6c004e00a0 RDI: 0000000000000004
[  578.019391][T29506] RBP: 00007f6c004e0090 R08: 0000000000000000 R09: 0000000000000000
[  578.019406][T29506] R10: 0000000000028011 R11: 0000000000000293 R12: 0000000000000001
[  578.019421][T29506] R13: 0000000000000000 R14: 00007f6c020b6080 R15: 00007ffef54665c8
[  578.019443][T29506]  </TASK>
[  578.154583][T29515] program syz.0.8437 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  578.157898][T29505] EXT4-fs: Ignoring removed i_version option
[  578.165670][T29516] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8435'.
[  578.194945][T29515] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  578.202714][T29516] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8435'.
[  578.220938][T29515] netlink: 'syz.0.8437': attribute type 10 has an invalid length.
[  578.238368][T29505] ext4 filesystem being mounted at /503/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  578.306534][T29505] 9pnet_fd: Insufficient options for proto=fd
[  578.314722][T29505] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  578.329193][T29520] usb usb7: usbfs: process 29520 (syz.5.8438) did not claim interface 0 before use
[  578.347068][T29520] loop5: detected capacity change from 0 to 2048
[  578.352293][T29505] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #4: comm syz.4.8432: corrupted inode contents
[  578.367224][T29505] EXT4-fs error (device loop4): ext4_dirty_inode:6042: inode #4: comm syz.4.8432: mark_inode_dirty error
[  578.379216][T29505] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #4: comm syz.4.8432: corrupted inode contents
[  578.391571][T29505] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #4: comm syz.4.8432: mark_inode_dirty error
[  578.403804][T29520] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  578.407352][T29505] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.8432: Failed to acquire dquot type 1
[  578.426503][T29505] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  578.565635][T29524] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.8438: bg 0: block 345: padding at end of block bitmap is not set
[  578.580896][T29524] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  578.593637][T29524] EXT4-fs (loop5): This should not happen!! Data will be lost
[  578.593637][T29524] 
[  578.638838][ T1953] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28
[  578.651902][ T1953] EXT4-fs (loop5): This should not happen!! Data will be lost
[  578.651902][ T1953] 
[  578.661651][ T1953] EXT4-fs (loop5): Total free blocks count 0
[  578.667678][ T1953] EXT4-fs (loop5): Free/Dirty block details
[  578.673636][ T1953] EXT4-fs (loop5): free_blocks=0
[  578.678600][ T1953] EXT4-fs (loop5): dirty_blocks=2048
[  578.684013][ T1953] EXT4-fs (loop5): Block reservation details
[  578.691008][ T1953] EXT4-fs (loop5): i_reserved_data_blocks=128
[  578.835780][T29533] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(12)
[  578.842444][T29533] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  578.856161][T29533] vhci_hcd vhci_hcd.0: Device attached
[  578.914328][T29537] FAULT_INJECTION: forcing a failure.
[  578.914328][T29537] name failslab, interval 1, probability 0, space 0, times 0
[  578.927149][T29537] CPU: 1 UID: 0 PID: 29537 Comm: syz.1.8441 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  578.927252][T29537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  578.927268][T29537] Call Trace:
[  578.927275][T29537]  <TASK>
[  578.927284][T29537]  dump_stack_lvl+0xf2/0x150
[  578.927323][T29537]  dump_stack+0x15/0x1a
[  578.927344][T29537]  should_fail_ex+0x24a/0x260
[  578.927385][T29537]  ? bpf_xdp_link_attach+0xbf/0x370
[  578.927420][T29537]  should_failslab+0x8f/0xb0
[  578.927451][T29537]  __kmalloc_cache_noprof+0x4e/0x320
[  578.927489][T29537]  bpf_xdp_link_attach+0xbf/0x370
[  578.927528][T29537]  link_create+0x3d9/0x660
[  578.927564][T29537]  __sys_bpf+0x430/0x7a0
[  578.927603][T29537]  __x64_sys_bpf+0x43/0x50
[  578.927625][T29537]  x64_sys_call+0x2914/0x2dc0
[  578.927731][T29537]  do_syscall_64+0xc9/0x1c0
[  578.927755][T29537]  ? clear_bhb_loop+0x55/0xb0
[  578.927806][T29537]  ? clear_bhb_loop+0x55/0xb0
[  578.927847][T29537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.927878][T29537] RIP: 0033:0x7fb7a028cda9
[  578.927928][T29537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  578.927947][T29537] RSP: 002b:00007fb79e8af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  578.927965][T29537] RAX: ffffffffffffffda RBX: 00007fb7a04a6160 RCX: 00007fb7a028cda9
[  578.927977][T29537] RDX: 0000000000000010 RSI: 0000000020000040 RDI: 000000000000001c
[  578.927989][T29537] RBP: 00007fb79e8af090 R08: 0000000000000000 R09: 0000000000000000
[  578.928008][T29537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  578.928020][T29537] R13: 0000000000000000 R14: 00007fb7a04a6160 R15: 00007ffcd40cdfd8
[  578.928042][T29537]  </TASK>
[  579.124907][   T29] kauditd_printk_skb: 452 callbacks suppressed
[  579.124926][   T29] audit: type=1326 audit(2000262842.962:42947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29536 comm="syz.4.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  579.155563][   T29] audit: type=1326 audit(2000262842.962:42948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29536 comm="syz.4.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  579.174467][T29534] vhci_hcd: connection closed
[  579.179622][T12376] vhci_hcd: stop threads
[  579.180023][   T29] audit: type=1326 audit(2000262842.972:42949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29536 comm="syz.4.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  579.184323][T12376] vhci_hcd: release socket
[  579.190616][   T29] audit: type=1326 audit(2000262842.972:42950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29536 comm="syz.4.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  579.214206][T12376] vhci_hcd: disconnect device
[  579.248661][   T29] audit: type=1326 audit(2000262842.972:42951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29536 comm="syz.4.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  579.273028][   T29] audit: type=1326 audit(2000262842.972:42952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29536 comm="syz.4.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  579.297033][   T29] audit: type=1326 audit(2000262842.972:42953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29536 comm="syz.4.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  579.321553][   T29] audit: type=1326 audit(2000262842.972:42954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29536 comm="syz.4.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  579.345402][   T29] audit: type=1326 audit(2000262842.972:42955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29536 comm="syz.4.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  579.369860][   T29] audit: type=1326 audit(2000262842.972:42956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29536 comm="syz.4.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7117cccda9 code=0x7ffc0000
[  579.410519][T29545] loop4: detected capacity change from 0 to 1024
[  579.446195][T29549] rdma_rxe: rxe_newlink: failed to add lo
[  579.469851][ T3376] vhci_hcd: vhci_device speed not set
[  579.524508][T29569] 9pnet_fd: Insufficient options for proto=fd
[  579.531817][T29569] binfmt_misc: register: failed to install interpreter file ./file2
[  579.620299][T29575] loop1: detected capacity change from 0 to 1024
[  579.627081][T29575] EXT4-fs: Ignoring removed orlov option
[  579.650112][T29575] netlink: 'syz.1.8454': attribute type 10 has an invalid length.
[  579.675965][T29574] ==================================================================
[  579.684062][T29574] BUG: KCSAN: data-race in _free_event / perf_pending_task
[  579.691281][T29574] 
[  579.693604][T29574] write to 0xffff888118061d90 of 4 bytes by task 29575 on cpu 0:
[  579.701347][T29574]  perf_pending_task+0xe8/0x220
[  579.706231][T29574]  task_work_run+0x13a/0x1a0
[  579.710836][T29574]  irqentry_exit_to_user_mode+0xe5/0x120
[  579.716481][T29574]  irqentry_exit+0x12/0x50
[  579.720907][T29574]  sysvec_apic_timer_interrupt+0x44/0x80
[  579.726579][T29574]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  579.732581][T29574] 
[  579.734909][T29574] read to 0xffff888118061d90 of 4 bytes by task 29574 on cpu 1:
[  579.742632][T29574]  _free_event+0x3d/0xa10
[  579.746972][T29574]  perf_event_release_kernel+0x61a/0x670
[  579.752618][T29574]  perf_release+0x1f/0x30
[  579.756965][T29574]  __fput+0x2ac/0x640
[  579.760967][T29574]  ____fput+0x1c/0x30
[  579.765017][T29574]  task_work_run+0x13a/0x1a0
[  579.769634][T29574]  syscall_exit_to_user_mode+0xa8/0x120
[  579.775205][T29574]  do_syscall_64+0xd6/0x1c0
[  579.779729][T29574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.785656][T29574] 
[  579.787982][T29574] value changed: 0x7e93eba1 -> 0x00000000
[  579.793714][T29574] 
[  579.796128][T29574] Reported by Kernel Concurrency Sanitizer on:
[  579.802283][T29574] CPU: 1 UID: 0 PID: 29574 Comm: syz.1.8454 Not tainted 6.13.0-syzkaller-10003-ga86bf2283d2c #0
[  579.812889][T29574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  579.822966][T29574] ==================================================================
[  580.430067][ T3376] page_pool_release_retry() stalled pool shutdown: id 204, 1 inflight 60 sec